Receipts Workbench Issue: Customer Bank Account Number Field Should be Derived from a Sequence in Post QuickCash (Doc ID 1676126.1)

Last updated on APRIL 21, 2015

Applies to:

Oracle Receivables - Version 12.1.3 and later
Information in this document applies to any platform.

Symptoms

On : 12.1.3 version, Receipts Related

Updating Customer Account Information from an Unassigned receipt application creates Compliance Issue.

The Account Number and Routing Information is concatenated and Copied in the Account Name field, which is not encrypted (or hidden) which leads to Payment Card Industry (PCI) compliance issue.

This data issue happens only when a Collection agent applies a Unassigned receipt to a Customer Account.

This causes the Account Information to be created, based upon the Customer Bank Account details on the Receipt (Lockbox Receipts have those on Receipts where the customer number in file doesn't match with the one in the system).

When a Customer Account is created, it creates the Bank and Branch details.
While doing that, it populates the Account Number field correctly, which has only the last four (4) digits visible.
The Routing Number is captured correctly, in Branch Number column.  But, then it concatenates these two (2) key pieces of information and adds it in the Account Name field, which has no security.

This makes the entire Account Number visible and creates a PCI compliance threat.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms