Automatic Redaction of Credit/Debit Card Numbers
  • 05 Nov 2021
  • 1 Minute To Read
  • PDF

Automatic Redaction of Credit/Debit Card Numbers

  • PDF

Customers sometimes send sensitive information such as their credit/debit number when trying to complete a transaction. In Gladly, valid credit/debit card numbers are automatically redacted, which makes the information unusable. 

How credit/debit card number redaction works

Gladly uses the Luhn algorithm to identify if a credit/debit card number is valid and not just a random sequence of numbers. Still, it doesn't guarantee that every credit/debit card number will be identified. 

When a Customer types their card number, we redact the number before it leaves the browser but only after hitting Enter. We do not attempt to redact as they type the number in the composition field.

Tip - PCI Compliance
Once a credit/debit card number is redacted for PCI compliance, it's no longer seen as cardholder data. See the PCI Council FAQ for more information.

Once identified as a credit/debit number, it's redacted from the Conversation. It will look like this:

Automatic redaction of credit/debit card numbers applies to all text-based Channels like chat, email, and SMS.

Note - Credit/debit card information sent as an image
Images, scanned copies, PDF, or other text documents of a credit/debit card sent as attachments or messages can be deleted.

Why some credit/debit card numbers are not redacted

If the number is not a valid credit/debit card number, it will not be redacted.

Credit/debit card number collection over the phone

Agents would sometimes process payment over the phone. Instruct Agents to pause the call recording when discussing sensitive personal information such as credit/card information. Messages containing sensitive information can also be deleted.


Was this article helpful?