Using an app with log disabled we can still see some logs reported by the card.io library with confidential information in it. Please take into account that the library shows the last four digits of the PAN, the payment scheme and - when successful - also the expiry date. We tried to remove such logs but we were not able - any hint?
General information
SDK/Library version: 5.4.0
compile 'io.card:android-sdk:5.4.0'
Issue description
Using an app with log disabled we can still see some logs reported by the card.io library with confidential information in it. Please take into account that the library shows the last four digits of the PAN, the payment scheme and - when successful - also the expiry date. We tried to remove such logs but we were not able - any hint?
See below for instance:
01-17 16:32:14.073 636-15231/? W/libsonylc: Invalid ConfigID 24 25 01-17 16:32:14.139 636-15231/? W/libsonylc: Invalid ConfigID 24 25 01-17 16:32:14.206 636-15231/? W/libsonylc: Invalid ConfigID 24 25 01-17 16:32:14.248 16039-16039/? D/CardScanner: detected card: {MasterCard: •••• •••• •••• 6658} 01-17 16:32:14.248 16039-16039/? D/CardIOActivity: onCardDetected() 01-17 16:32:14.250 16039-16039/? D/CardScanner: setFlashOn: false 01-17 16:32:14.273 636-15231/? W/libsonylc: Invalid ConfigID 24 25
Issue seen for all devices and Android OS used.