Credit Card Numbers Not Visible - 25.1
Answered- Description of the issue: When adding payment and filling in the Credit Card/Check field, this field becomes obfuscated to only show the last 4 digits. E.g. XXXXTEST
- Account name: Venues Wellington
- Region: APAC
- Client version: 25.12025071801
-
Steps to reproduce:
1. Login to local v30 URL
2. USIADMIN / ITRocks2014
*Make sure Organization is set to (30)
3. Go to Main Menu > Service Orders
4. Search For Service Order ID: 91427
5. Right-Click Service Order > Edit > Edit
6. Go to Payments tab
7. Click Add Payment and fill in required fields. For the Credit Card/Check field enter any value with more than 4 characters.
Set Transactions Type to Credit Card Payment (PAYEVMCV)
8. Click Save(OK)
9. Observe that under Payments tab the Credit Card field obfuscates the first 4 digits/letters.
- Observed results vs Expected results: Believe this is now expected behaviour with 25.2 – https://supportcenter.ungerboeck.com/hc/en-us/articles/204553828--Store-Credit-Card-Information-System-Parameter
However, Customer version = 25.1
- What is the job the client is trying to accomplish: Customer is using this field to track payments against daily bank reports.
- Business impact if not resolved: Unable to track payments. If expected behaviour - incorrect internal documentation?
- Links to articles where you've looked for solutions and also other steps you've taken to research the issue:
- Link to Zendesk ticket: https://ungerboeck.zendesk.com/agent/tickets/366365
- Local v30 URL: https://supportwebap.ungerboeck.com/PWV_Prod_0033851297_USI_V30/app85.cshtml?ReturnUrl=%2fPWV_Prod_0033851297_USI_V30
Screenshots:


-
Tested in QE 24.4 and confirmed credit/card check field did not obscure values as in above example.
Believe this is now expected behavior in 25.2 https://supportcenter.ungerboeck.com/hc/en-us/articles/33621280927639-Changes-to-Credit-Card-Storage-in-2025-2
However, Customer version is 25.1
-
Ryan Ungerboeck @... Are we able to confirm if the changes to credit card storage was patched back to 25.1? I tested with Joe and it seems like the “credit card number” is masked in 25.1, in 24.4, it still showed the full string added to that field. If it was patched back, we may need to update the article on the support center.
-
This is expected behavior in 25.1 and above.
Effective with this weeks 24.4 patch - it is also expected behavior in 24.4
This feature will be disabled for all customers at the database level - regardless of version or patch level (24.3, 19.9 etc) - likely by end of September
-
I've updated the article:
- Updated the title to reflect that the change is in all versions.
- Added a dated callout reflecting that this is now going to all versions and added the timeline.
- Placed the article in all past version release folders as an FYI.
Seth Halvaksz Unless I missed it (completely possible!) this was communicated as a change in 25.2 only. In the future, it would be good to include the intent that it will affect all versions.
-
Thanks Linda. Asking Ryan Ungerboeck if he previously communicated the affected versions somewhere.
-
Follow up:
There really should be no need for a customer to see credit card numbers. This was disabled for security purposes - and we do have workflows with charge now that can enable customers to proceed with cards on file. This is (and has been for years) the recommended workflow for sites that have post event charges.
Additionally we are working through some conversions currently to move customers to our new token platform for cards on file / charge now.
All customers that wish to continue to use the card on file / charge now feature will be required to upgrade to the latest version for 24.4 (20250828) / 25.1 (20250731) / 25.2 (202500804) to complete this conversion. -
My point is not that clients should see credit card numbers (absolutely not!) but that we need to communicate all changes. We created an article that said the change was in 25.2 but it's being applied to all versions; we should have said so! If we had, support would not have had to ask this question.
-
Hi Ryan Ungerboeck & @... - with the changes in tokenization providers, the article talks about removing the access privilege to see credit info which is fair. Are there any impacts on the token linked to the payments where if the customer needs to initiate a credit card refund, will the control sequence number be preserved that they can refund the customer or do they need to adopt a new way to refund them as the tokens are being changed?
-
The control sequence/authorization ID is not cleared and continues to be the primary part of the request sent to the payment provider in order to refund an original transaction.
-
Thanks Ryan Ungerboeck
Please sign in to leave a comment.
Comments
10 comments
Date Votes