Incident Thread Masking

Incident thread masking protects data by automatically masking content in the incident thread when written to the database.

All databases and file systems associated to your instance are maintained on encrypted file systems. The Oracle B2C Service PCI environment automatically redacts payment account numbers (PAN) and social security numbers from displaying when this data is detected during read operations.

However, by default, B2C Service does not prevent you from storing sensitive data in the database. If you want PAN, social security numbers, or sensitive personally identifiable information (PII) to be permanently redacted when stored in the incident thread object within the database, then you need to configure incident thread masking.

Incident thread masking protects data by automatically masking content in the incident thread when it is written to the database. Data matching the masking patterns will be permanently redacted and stored in the database with an X replacing each redacted character. The original data being redacted is unrecoverable.

By default, B2C Service provides three mask algorithms for credit cards, social security numbers, and phone numbers. You can can define up to five additional custom masks.

Incident thread masking is included in the Enterprise and Enterprise Contact Center user seat license tier. To learn how to configure this feature, see Incident Thread Masking. To enable this feature in a site instance, enable THREADS_AUTO_MASKING_ENABLED, or contact either Technical Support or your account manager for assistance.