Receipts Workbench Issue: Customer Bank Account Number Field Should be Derived from a Sequence in Post QuickCash
(Doc ID 1676126.1)
Last updated on FEBRUARY 13, 2019
Oracle Receivables - Version 12.1.3 and later Information in this document applies to any platform.
On : 12.1.3 version, Receipts Related
Updating Customer Account Information from an Unassigned receipt application creates Compliance Issue.
The Account Number and Routing Information is concatenated and Copied in the Account Name field, which is not encrypted (or hidden) which leads to Payment Card Industry (PCI) compliance issue.
This data issue happens only when a Collection agent applies a Unassigned receipt to a Customer Account.
This causes the Account Information to be created, based upon the Customer Bank Account details on the Receipt (Lockbox Receipts have those on Receipts where the customer number in file doesn't match with the one in the system).
When a Customer Account is created, it creates the Bank and Branch details. While doing that, it populates the Account Number field correctly, which has only the last four (4) digits visible. The Routing Number is captured correctly, in Branch Number column. But, then it concatenates these two (2) key pieces of information and adds it in the Account Name field, which has no security.
This makes the entire Account Number visible and creates a PCI compliance threat.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!