E-xact's compliance upgrade to its architectural platform has brought increased security along with stricter enforcement on our Hosted Checkout and API services. Part of this includes stricter filtering on transaction requests. Effective March 16, 2017, all values resembling credit card numbers (between thirteen and nineteen consecutive digits) entered in the application or API will be filtered out from transaction responses. NOTE: This may affect the reference fields in the transaction response.
Example of values that will be filtered include (but are not exclusive to): any consecutive numeric string containing between thirteen to nineteen characters; any consecutive numeric string that is either preceded by, or followed by, a non-numeric character, or characters (e.g. E4444444444444444, or 4444444444444444E, etc.); any of the aforementioned combinations punctuated by hyphens or spaces (e.g. 4444-4444-4444-4444, 4444 4444 4444 4444, or E4444-4444-4444-4444, etc.).
If affected, the solution is to shorten the request value to fewer than thirteen consecutive digits in length.