RegEx/Postini CC & SSN Filtering
Posted on 2011-09-29
Hello again. I am again having problems with Postini catching false positives, or not catching CC numbers.
Using Postini's built in filters is not robust enough for us to meet PCI requirements, so I've been tasked with creating custom RegEx's that will block emails. The problem, though, is that Postini's RegEx engine doesn't seem to conform to most standards.
Through multiple variations, I've finally came up with the following RegEx for Visa, MasterCard and JCB credit card filtering:
It basically states that the number should be at the beginning of a line, or preceded by a space, or preceded by a colon, and contain a set of four numbers starting with a 3,4, or 5, and 3 blocks of four digits, separated by a variety of separators. I also have a similar RegEx looking for a string of 16 digits starting with a 3,4, or 5, and various other similar RegEx's for other cards, or SSN's.
For the most part, it seems to work fine, however there are two problems:
1. It catches false positives in the form of "5000" followed by NO other blocks of digits.
So, for example and email like this:
"Hello, here are the short codes I'd like to order:
It will flag it.
2. If a CC number is sent in this format: "5XXX XXXXXXXXXXXX" it will get by. Presumably, any variation on that will get by as well.
Any help would be appreciated.