You can configure Information Privacy features to protect sensitive data so that it is not displayed on the screen or in productivity features, such as Screen History.
If you need to... |
Do this... |
---|---|
Redact certain patterns of data that are outside the realm of credit card formats (e.g., US Social Security numbers). |
Set up and . |
Redact credit card Primary Account Numbers (PANs) to meet PCI DSS PCI DSS (Payment Card Industry Data Security Standard) is a worldwide standard comprising technology requirements and process requirements designed to prevent fraud and is published by PCI Security Standards Council, LLC. All companies who handle credit cards are likely to be subject to this standard. requirements. |
Set up and . |
Require secure connections (as may be required for PCI DSS compliance). |
Set up . |
NOTE:
You can use Privacy Filters together with Primary Account Number (PAN) detection. To improve performance, do not duplicate existing PAN patterns in privacy filters.
Information Privacy settings do not apply to IBM host printer emulation.
If redaction is enabled, HLLAPI functions are disabled to prevent access to unredacted data through HLLAPI.
Privacy Filters Redaction Rules
Use privacy filters when you need to:
Redact certain patterns of data that are outside the realm of credit card formats (for example, US Social Security numbers or proprietary sensitive account numbers).
Redact Primary Account Numbers (PANs) that are outside of a 13-16 digit range. (PAN detection does not detect PANs that are outside of this range.)
The redaction rules specify how to redact sensitive data, based on the filters that you specify in
.
|
Redacts sensitive data so that it is not displayed in productivity features, such as Office Tools integration, Screen History, Recent Typing, and Auto Complete. This option also obscures data from the Print Screen and Cut/Copy/Paste commands. |
|
Redacts data on screens after you navigate out of the current field. |
|
Redacts data on screens after you navigate out of the current field. |
Privacy Filters
|
Opens the Add Privacy Filter dialog box where you can define the filter. |
|
Opens the Modify Privacy Filter dialog box where you can modify the regular or simple expression that defines the filter. |
|
Deletes the selected filter. |
Primary Account Number (PAN) Redaction Rules
You can set up redaction rules to redact PANs (credit card numbers) that appear in screen histories, the clipboard, and Microsoft Office applications. You can also choose to redact PAN data displayed on screens, either as the PAN is typed or after it is entered.
|
Redacts sensitive data, based on the rules that you specify in . |
|
Specifies how many digits of the PAN to redact. |
|
Redacts data after it is entered. redacts data as it is typed. |
|
Prevents PAN data from being saved in an external file or any component that saves screen data. This includes the data saved for the Screen History, Recent Typing, Auto Complete, Auto Expand, and Macro Recording features. It also includes data returned by the InfoConnect API CreditCardRecognized event. |
Primary Account Number (PAN) Detection Rules
|
Add, modify, or delete the regular expressions used by the PAN Detection methods to detect PAN data. |
|
InfoConnect PAN detection allows you to set up regular expressions to detect PAN data. Use this option when:
|
|
NOTE:By default InfoConnect does not redact digit patterns such as North American phone numbers containing area code information and optional country code, common short date/time formats (MM/DD/YYYY, YYYY/MM/DD, HH:MM:SS, HH:MM, etc), and US Social Security numbers. |
|
Simple PAN detection matches either a credit card number sequence (a 13-16 digit number) or preceding text (e.g., keywords like "Account") followed by a credit card number sequence. Use Simple PAN detection when:
|
|
matches a credit card number sequence. Account) to the box. t matches preceding text followed by a credit card number sequence. To use this option, you will need to add the preceding text (e.g., |
PCI DSS Rules
You can configure InfoConnect to require secure connections for all network connections or for only wireless connections. You can also choose to fire a InfoConnect API event when an unredacted PAN (or credit card number) is displayed.
|
Allow non-secure connections, such as Telnet. Select this option only when testing or when your sessions do not require PCI DSS compliance. |
|
Allows only secure connections, regardless of the type of network. This applies to wired, wireless, and VPN connections. |
|
Allows non-secure connections on wired networks but requires secure connections for wireless networks. NOTE:VPN connections are not subject to the wireless restrictions. Because of VPN's inherent security, VPN connections are handled in the same way as wired connections. To secure VPN connections, choose the option. |
|
Fires the CreditCardRecognized .NET API and VBA event when unredacted PAN data is copied from the terminal to the clipboard or to a productivity tool. For IBM systems, the event is also fired when unredacted PAN data is displayed on the screen. You can handle this event to create logs or perform other actions required for compliance. (See the InfoConnect VBA Guide or the InfoConnect .NET API Guide.) NOTE:This event is fired only when a PAN is copied or displayed in its entirety ("in the clear"). It is not fired when only redacted PANs are copied or displayed. |