1. Implementing Receivables Credit to Cash
  2. PCI DSS Credit Card Processing Requirements

PCI DSS Credit Card Processing Requirements

The Payment Card Industry (PCI) has developed security requirements for managing and processing cardholder information and has created a published standard called the Payment Card Industry Data Security Standard (PCI DSS). The security requirements defined in the PCI DSS apply to all members, merchants,

Oracle Payments is engaged in the PCI certification process. Credit card processing is currently available only in the Oracle data centers where Oracle Payments is certified by the latest PCI Data Security Standard (PCI DSS v3.2.1). Credit card processing is included in all Oracle Fusion Applications that use Oracle Payments: Receivables, Payables, Expenses, Advanced Collections, and Bill Management.

Oracle Fusion Cloud Service

Oracle Fusion Cloud Applications Suite provides the integration services that facilitate credit card tokenization and payment processing using supported payment gateways. Individual organizations are responsible for their ongoing agreements with the supported payment gateway services.

Organization responsibilities for credit card data processing using Oracle Fusion Applications include:

  • Credit Card Tokenization and Masking: Credit card numbers must be tokenized or truncated. A truncated credit card number displays no more than the first six or last four digits of the full card number, with the remaining digits masked or removed.

  • Movement of Credit Card Data: All credit card data, including credit card tokens, must be sent within the supported business flows only. Alternative communication flows, including file transfer, email, email attachments, descriptive flexfields, and other similar attributes are prohibited.

Oracle Payments supports a select number of payment gateways for tokenization and credit card payment processing services. For details on the certified Oracle data centers and supported gateways, refer to Is Credit Card Processing Supported In Oracle Fusion Applications (1949941.1). You can refer to this document as more data centers become PCI certified.

Related Topics