PCI

PCI requirement 3.4 requires PAN data to be unreadable anywhere it is stored unless it is protected. With Release 12 credit cardholder data can be decrypted at any time as easily as it is encrypted by simply running the request set “Decrypt...

Creating clones and copies of production E-Business Suite databases is a regular occurrence. There are several PCI DSS requirements that apply to non-production instances of the Oracle E-Business Suite. No Production Cardholder DataThe most...

The real challenge for meeting PCI compliance is the secure management of all the components and parts of the Oracle E-Business Suite environment every day of year. While Release 12 of the Oracle E-Business Suite by default does not protect...

Continuing this blog series on PCI compliance and the Oracle E-Business Suite, this posting focuses on the Secure Payments Repository.  New with Release 12 of the E-Business Suite, credit card processing and data storage within Oracle...

To help understand the Oracle E-Business Suite’s standard functionality to help meet PCI compliance, it is useful to know the difference between what Oracle deems as external and internal accounts.Oracle defines “external accounts” as those accounts...

A common question we receive is about Corporate Cards and PCI compliance. Corporate Cards, credit cards held by employees for corporate purposes, are not usually subject to the scope of PCI DSS compliance.  Corporate Cards are classified as...

The next few blog postings will focus on PCI and the Oracle E-Business Suite. All Oracle E-Business Suite implementations that "store, process, or transmit cardholder data" must comply with Payment Card Industry (PCI) Data Security Standard...

PCI requirement 3.4 mandates that the Primary Account Number (PAN) is unreadable anywhere it is stored using one-way hashes or strong encryption. The Oracle E-Business Suite Release 12 meets this requirement first by centralizing cardholder data (...