Last updated on APRIL 21, 2015
Applies to:Oracle Receivables - Version 12.1.3 and later
Information in this document applies to any platform.
On : 12.1.3 version, Receipts Related
Updating Customer Account Information from an Unassigned receipt application creates Compliance Issue.
The Account Number and Routing Information is concatenated and Copied in the Account Name field, which is not encrypted (or hidden) which leads to Payment Card Industry (PCI) compliance issue.
This data issue happens only when a Collection agent applies a Unassigned receipt to a Customer Account.
This causes the Account Information to be created, based upon the Customer Bank Account details on the Receipt (Lockbox Receipts have those on Receipts where the customer number in file doesn't match with the one in the system).
When a Customer Account is created, it creates the Bank and Branch details.
While doing that, it populates the Account Number field correctly, which has only the last four (4) digits visible.
The Routing Number is captured correctly, in Branch Number column. But, then it concatenates these two (2) key pieces of information and adds it in the Account Name field, which has no security.
This makes the entire Account Number visible and creates a PCI compliance threat.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms