I. INTRODUCTION
Based on the concerns of the security of personal information (PID) and identity theft, CARS+ offers several options to mask the personal data of renters.
When viewing existing Reservations, RAs, and Customer records, data that can be masked includes the customer's:
Address (street address and zip/postal code)
drivers license
credit card
birth date
frequent traveler number
Other ID #
Customer number
Certain users can be exempt from the masking logic.
With the goal of protecting the security of renters' personal information, the following steps can be taken to configure your CARS+ system. Following the set up steps is a section on how masking affects rental counter transactions.
A separate chapter exists for the masking of credit card numbers within CARS+. This chapter covers the masking of the other PID data.
II. REQUIRED SET-UP STEPS
A. EDIT MISCELLANEOUS CONTROL FILE (shortcut: EDITMISC)
Fields in this file control which types of data will be masked.
Page 2; Data Field # 35: MASK CREDIT CARD NUMBERS
For security and privacy reasons, hiding or "masking" the customers' credit card numbers once they have been entered into the system should be done. This field controls whether or not users are barred from seeing complete credit card numbers once they have been stored. Enter "Y" to mask the credit card numbers.
Page 3; Data Field # 14: MASK DRIVER'S LICENSE NO
This field is used to designate whether or not certain items of personal data should be masked on the RA Open, Reservations, and Customer File Update screens. Enter:
Y = Mask the Other ID number and driver's license.
1 = Mask the Other ID number, driver's license, and date of birth.
2 = Mask the Other ID number, drivers license, date of birth, and frequent traveler number.
N (or blank) = Don't mask any of the above.
Page 3: Data Field # 36; MASK ADDRESS
Enter "Y" to mask the customer's street address and zip/postal code when an existing Reservation or RA and when the customer 's record is brought up in the Customer File Update screen.
Additionally, the customer's phone numbers and local contact data will be masked on the Reservation Manifest and the Vehicle's Due In Report.
B. EDIT USER ACCESS FILE (shortcut: EDITUAF)
Page 2; Data Field # 1: MASKING EXEMPT
This field controls whether or not each user is subject to the masking logic. For each user, enter:
Y = YES, this user is exempt from the masking logic. For credit cards, the card number is not displayed on a screen until the user presses Shift/F4. The user is then required to enter user name and password before the credit card number is revealed. Credit card numbers do not print on reports regardless. The rest of the customer's personal data will be unmasked on the various screens and will print on reports and RAs.
N (or blank) = NO, this user is not exempt from masking. Therefore, those pieces of data defined as masked (credit card, address, drivers license, birth date, frequent traveler number) will be shown with a series of "X's" and cannot be unmasked by the user.
III. COUNTER AGENT INSTRUCTIONS WHEN MASKING IS TURNED ON
For reservations, If masking of PID data is turned on, all PID data fields will be masked when re-displaying an existing transaction and unmasking is unavailable.
For Rental agreements, press Shift/F4 and enter usercode and password at the prompts. The data will be unmasked for users that are exempt from the masking logic.
B. CUSTOMER RECORDS (Customer File Update):
For existing customers, masking of the credit card number and customer's personal information is in effect. Press Shift/F4 and enter usercode and password at the prompts. The data will be unmasked for users that are exempt from the masking logic.
C. REPORTS
Credit card data is masked on all reports regardless of the setting in the User Access File. But the other PID data is masked as follows: