I was attracted to Zendesk knowing there were credit card encrypted fields. For the life of me, I cannot figure out how they could possibly be useful. After input, the card is masked. I see no value in capturing a masked credit card.
Rather, I expected to have a PCI compliant capture of the card, and expiry date, allowing our agent with appropriate permission the ability to expose this card and log the time stamp and user that viewed the card. The card should then be redacted.
Or, a secure way to pass this card using the API to a 3rd party application in a PCI compliant way.
If none of these are possible, I do not see any value in the field type unless I am missing something. It seems we have to build our own forms to capture these cards, and being advised to use a Text field to capture the card in a non-compliant way makes no sense to me.
댓글을 남기려면 로그인하세요.