Skip to Content
0
Former Member
Jun 25, 2009 at 10:04 PM

PCI-DSS Standard - HTTP Custom Adapter Module

48 Views

i have a xml message that i post using a HTTP adapter. Its a synchronous message. Its inbound.

XML message contains sensitive information say - Credit Card #, SSN # etc.

Client wants to mask the Credit Card #, SSN # (as per the PCI-DSS standards) even before the xml message hits the integration engine so as to avoid this entry to be stored anywhere in the PI database.

One of the solutions i am thinking is to write a module adapter and to parse the XML message to mask the credit card, SSN # in java

Did anyone implement a similar solution or any other ideas they have who wrote a custom adapter - an extension to HTTP/HTTPS - to mask the sensitive information?

Thanks in advance,

KP