Message

In accordance with card payments security standards an invoice should never include a full card primary account number (BT-87). At the moment PCI Security Standards Council has defined that the first 6 digits and last 4 digits are the maximum number of digits to be shown.

Context
cac:PaymentMeans/cac:CardAccount/cbc:PrimaryAccountNumberID
Test
string-length(normalize-space(.))<=10
Usage
/ ubl:Invoice / cac:PaymentMeans / cac:CardAccount / cbc:PrimaryAccountNumberID
/ ubl:CreditNote / cac:PaymentMeans / cac:CardAccount / cbc:PrimaryAccountNumberID