We have recently refreshed our branding across our offerings and changed the names of our pricing plans. If you have signed up before Aug 9, 2021, please click Previous plans to view your applicable plans.
We assure you that this change will not impact your product experience, and no action is required on your part.

Let’s take the example of a customer sending his credit card number to your support asking for it to be updated. In addition to being visible to anybody with access to the ticket, the credit card number automatically gets stored in a database with the rest of the ticket and the data can also be accessed by APIs or marketplace apps.


Since credit card number is sensitive information, Freshdesk automatically redacts it from the source itself. Redaction is the process of removing sensitive information from the ticket.



Credit card numbers are redacted by replacing some digits with some characters.


The credit card number not only gets masked in the UI but also gets completely redacted from the database.


Freshdesk will redact the information only if it matches the credit card number pattern and will skip redacting any other information on the ticket. This redaction process takes place on all customer responses in the ticket.


The redaction works on: 


Major Credit Card brand patterns: Visa, MasterCard, Amex, Discover, JCB, Diners Club, Maestro, Visa Electron


Special Symbols : & (without space), & (with space) Braces (),[],{},<> quotes '',"",:


Text patterns: space between two patterns, two patterns separated by a comma, two patterns separated by a full stop, card number in the middle of a sentence, card number at the end or beginning of a sentence

Here's a table with sample patterns where card numbers are picked up and redacted:



To enable this automatic redaction, go to Admin > Account > Security > Turn on ‘Redaction’.


Note

  • Any string that matches the selected pattern might get redacted. For example, a gift card number that closely matches the credit card pattern might get redacted. Once a string is redacted, it is not possible to retrieve the information.
  • Click here to know more about PCI compliance.