EBill 9.2: Whole CREDITCARD Number Is Visible When Payment Is Made Using Traditional EBILL Model. (Doc ID 2180775.1)

Last updated on SEPTEMBER 08, 2016

Applies to:

PeopleSoft Enterprise SCM eBill Payment - Version 9.2 and later
Information in this document applies to any platform.

Symptoms

On : 9.2 version, Usability
ACTUAL BEHAVIOR
-------------------
In eBill payment application, if the user is in the process of completing an invoice payment with a credit card and uses the “Previous” button to return to the payment information entry page from the payment verification page, it sends a server response that contains a user’s full credit card number in traditional mode. Please note: there’s no such case in hosted mode.

EXPECTED BEHAVIOR

-----------------------
Server response should not contain a user's full credit card number.

STEPS
-----------------------
The issue can be reproduced at will with the following steps:
1. Navigate to  eBill Payment - Payment Cart. Click Next button.
2. Enter credit card and press next button.
3. Now press previous button all fields are blank except credit card and whole number is visible.

BUSINESS IMPACT
-----------------------
This is not acceptable as whole credit card number is visible to user.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms