You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
<rulecontext="cac:PaymentMeans/cac:CardAccount">
<assertid="BR-51"flag="warning"test="string-length(cbc:PrimaryAccountNumberID)<=10">[BR-51]-In accordance with card payments security standards an invoice should never include a full card primary account number (BT-87). At the moment PCI Security Standards Council has defined that the first 6 digits and last 4 digits are the maximum number of digits to be shown.</assert>
</rule>
We recommend to change the test to:
<rulecontext="cac:PaymentMeans/cac:CardAccount/cbc:PrimaryAccountNumberID">
<assertid="BR-51"flag="warning"test="string-length(normalize-space(.))<=10">[BR-51]-In accordance with card payments security standards an invoice should never include a full card primary account number (BT-87). At the moment PCI Security Standards Council has defined that the first 6 digits and last 4 digits are the maximum number of digits to be shown.</assert>
</rule>
a) Make the context as narrow as possible
b) Use normalize-space for the value to omit false positives for values like <cbc:PrimaryAccountNumberID> 1234567890 </cbc:PrimaryAccountNumberID>
The text was updated successfully, but these errors were encountered:
The check is lacking a
normalize-space
call:We recommend to change the test to:
a) Make the context as narrow as possible
b) Use
normalize-space
for the value to omit false positives for values like<cbc:PrimaryAccountNumberID> 1234567890 </cbc:PrimaryAccountNumberID>
The text was updated successfully, but these errors were encountered: