1. Using B2C Service
  2. Incident Thread Masking

Incident Thread Masking

Your customers and agents may occasionally submit incidents containing sensitive customer information, such as credit card and social security numbers in incident threads. Whether the information appears in a customer entry, response, or private note thread, the security of your customers’ personal assets may be compromised.

Incident thread masking can protect this personal data by automatically masking content in incident threads. By default, B2C Service contains three predefined system masks for credit card, social security, and telephone numbers. In addition, if our predefined patterns do not satisfy your organization’s needs, you can define up to five custom masks to hide other personally identifiable information when new thread entries are created. As you configure incident thread masking for your application, you can test each system and custom mask before finally deploying the configurations to your site. To mask customer information in incident threads, incident thread masking must be enabled. Contact your Oracle account manager to enable this feature.

Caution: Be aware that after incident thread masking is enabled, masking is automatically performed in new thread entries, even if you make no changes to the predefined masks or define custom masks. Masking also occurs in the incident thread data itself, where the masked values are replaced and not recoverable. Note that predefined text, such as standard text, SmartAssistant responses, and variables, is not masked. Do not include confidential information in predefined text. For these reasons, you should use extreme caution when configuring masking for your site, and enable the profile permission for this feature only for trusted administrators.

After incident thread masking is enabled, you must perform the following tasks so you and your staff can configure incident thread masking.