`340 BAD_MASK Cause` error response for 14-digit credit card

[peacefulseeker]

We've noticed that some Inquiry requests with PENC marked as MASK and having a 14-digit long credit card mask
are not meeting the regex expectation.

Full error message received during processing the request.

{"ERRO": 340, "ERROR_0": "340 BAD_MASK Cause: [value [123456XXXX1111] did not match regex /^\\d{6}X{5,9}\\d{1,4}$/], Field: [PTOK], Value: [123456XXXX1111]", "ERROR_COUNT": 1, "MODE": "E", "WARNING_COUNT": 0}

123456XXXX1111 - 14-digit long credit card mask number(replaced digits for real customer mask, but kept the length),
and it's indeed not matching the regex, because the amount of X is expected to be at least 5, while 14-digit CCs will have 4, given then BIN is 6-digit long, which is the case for Discover credit cards.

How would you recommend evaluating such credit cards? We had ~ 80 cases where the Discover credit card has failed to be evaluated because of the issue described.

Perhaps the regex expectation should be changed from your side?

P.S. We're using kount-ris-sdk==3.2.0

[jarrettmitchell-zz]

Go ahead and add the additional X to meet the regex requirements. It will clear the error and will not have any negative impact on the risk assessment. *Eric Brügger* | Manager, Implementation Services Kount, An Equifax Company 1005 W. Main Street | Boise, Idaho 83702 p 208 489 3329 ***@***.***

…

On Wed, Jul 26, 2023 at 9:14 AM 'Alexey Vorobyov' via Kount_SalesEngineering ***@***.***> wrote: We've noticed that some Inquery requests with PENC marked as MASK and having a 14-digit long credit card mask are not meeting the regex expectation. Full error message received during processing the request. {"ERRO": 340, "ERROR_0": "340 BAD_MASK Cause: [value [123456XXXX1111] did not match regex /^\\d{6}X{5,9}\\d{1,4}$/], Field: [PTOK], Value: [123456XXXX1111]", "ERROR_COUNT": 1, "MODE": "E", "WARNING_COUNT": 0} 123456XXXX1111 - 14-digit long credit card mask number(replaced digits for real customer mask, but kept the length), and it's indeed not matching the regex, because the amount of X is expected to be at least *5*, while 14-digit CCs will have *4*, given then BIN is 6-digit long, which is a case for Discover credit cards. How would you recommend evaluating such credit cards? We had ~ 80 cases where the Discover credit card was failed to be evaluated because of the issue described. Perhaps the regex expectation should be changed from your side? — Reply to this email directly, view it on GitHub <https://protect2.fireeye.com/v1/url?k=31323334-501d2dca-313219e2-454455534531-5d840fa3a2354da6&q=1&e=0fa9894b-2299-4853-982c-f3c6ccb00b74&u=https%3A%2F%2Fgithub.com%2FKount%2Fkount-ris-python-sdk%2Fissues%2F30>, or unsubscribe <https://protect2.fireeye.com/v1/url?k=31323334-501d2dca-313219e2-454455534531-c962bd95ca247afa&q=1&e=0fa9894b-2299-4853-982c-f3c6ccb00b74&u=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAMS2ENQWDWYZYVK5D4XLBGLXSEX5HANCNFSM6AAAAAA2YX46Q4> . You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>

-- This message contains proprietary information from Equifax which may be confidential. If you are not an intended recipient, please refrain from any disclosure, copying, distribution or use of this information and note that such actions are prohibited. If you have received this transmission in error, please notify by e-mail ***@***.*** ***@***.***>. Equifax® is a registered trademark of Equifax Inc.  All rights reserved.

[peacefulseeker]

Thanks for the suggestion. In this case, the original credit card mask length and payment token length would not match.
Won't that be an issue based on the docs https://developer.kount.com/hc/en-us/articles/11301589488404-Payment-Encryption-PENC-Options?

[jarrettmitchell-zz]

Yes I am aware of the guidance of keeping the MASKed PTOK the same length however, the MASKed value is not used as a unique identifier of the credit card token so the extra X causes no issue in the risk assessment or scoring. Thank you for being so conscientious in following the documentation but in this case I assure you the extra X is just fine to meet the regex requirements. *Eric Brügger* | Manager, Implementation Services Kount, An Equifax Company 1005 W. Main Street | Boise, Idaho 83702 p 208 489 3329 ***@***.***

…

On Wed, Jul 26, 2023 at 11:50 PM 'Alexey Vorobyov' via Kount_SalesEngineering ***@***.***> wrote: Thanks for the suggestion. In this case, the original credit card mask length and payment token length would not match. Won't that be an issue based on the docs https://developer.kount.com/hc/en-us/articles/11301589488404-Payment-Encryption-PENC-Options <https://protect2.fireeye.com/v1/url?k=31323334-501cfaeb-313219e2-454455535732-7a92ebb022b0a149&q=1&e=1578547d-da14-4175-a8e6-e054a4a1151c&u=https%3A%2F%2Fdeveloper.kount.com%2Fhc%2Fen-us%2Farticles%2F11301589488404-Payment-Encryption-PENC-Options> ? [image: Screenshot 2023-07-27 at 08 49 54] <https://user-images.githubusercontent.com/25010454/256437761-b161db78-45ef-4928-ba0b-5eac36c368d3.png> — Reply to this email directly, view it on GitHub <https://protect2.fireeye.com/v1/url?k=31323334-501cfaeb-313219e2-454455535732-82e5835bfb6cf9ae&q=1&e=1578547d-da14-4175-a8e6-e054a4a1151c&u=https%3A%2F%2Fgithub.com%2FKount%2Fkount-ris-python-sdk%2Fissues%2F30%23issuecomment-1652952076>, or unsubscribe <https://protect2.fireeye.com/v1/url?k=31323334-501cfaeb-313219e2-454455535732-3450cca9219d7628&q=1&e=1578547d-da14-4175-a8e6-e054a4a1151c&u=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAMS2ENRMQXLFEZITB2B4TGDXSH6TFANCNFSM6AAAAAA2YX46Q4> . You are receiving this because you commented.Message ID: ***@***.***>

-- This message contains proprietary information from Equifax which may be confidential. If you are not an intended recipient, please refrain from any disclosure, copying, distribution or use of this information and note that such actions are prohibited. If you have received this transmission in error, please notify by e-mail ***@***.*** ***@***.***>. Equifax® is a registered trademark of Equifax Inc.  All rights reserved.

[peacefulseeker]

Thanks @jarrettmitchell-zz for quick help here 👍