[ISSUE] PAN masking does not meet the PCI SSC requirements

[zbalkan]

Describe the bug
At the core, it is not a problem but an inconvenience. The PAN masking is a double edged sword. If you mask too much, then sometimes it blocks some business functions. If you mask too less, then you are non-compliant. In order to be able to tailor according to the regulations, one needs to have multiple settings in masking, such as left-6, right-4 -the most common and accepted one. But currently the only option is to pick either left or right.

The configuration can include both left and right settings to provide fine-tuned masking.

Additional context

Reference: https://www.advantio.com/blog/8-digit-bin-how-does-it-affect-pci-dss-compliance

PAN (16 digits)	Display ​BIN and last four digits	Storage (truncation) ​BIN and any other four digits
426398******9299​First six (6) and last four (4) digits	YES, for 6 and 8-digit BINs​	YES, for 6 and 8-digit BINs
42639826******99​First eight (8) and last two (2) digits	YES, for 8-digit BINs	YES, for 6 and 8-digit BINs​
42639826****9299​First eight (8) and last four (4) digits	YES, but requires a list of roles that need access to displays of more than BIN and last four and a legitimate business need for each role to have such access.	YES, for 6 and 8-digit BINs​
4263982640******​First ten (10) digits	YES, for 8-digit BINs​	YES, for 8-digit BINs
426398264026****​First twelve (12) digits	YES, but requires a list of roles that need access to displays of more than BIN and last four and a legitimate business need for each role to have such access.	YES, for 6 and 8-digit BINs.
42639826***69299​First eight (8) and last five (5) digits		NO

[vixentael]

A good one, thank you!

Acra Enterprise Edition supports custom mask formats, but we will think about porting PAN mask format to Acra CE.