search cancel

Detection server and Endpoint cannot pick up CCN in MS-Word doc with embedded XLS file or if the XLS file is sent by itself


Article ID: 159729


Updated On:


Data Loss Prevention Endpoint Prevent Data Loss Prevention Network Monitor Data Loss Prevention Network Prevent for Email Data Loss Prevention Network Protect Data Loss Prevention Endpoint Discover Data Loss Prevention


You have a Credit Card Number in a .xlsx file embedded in a Word document that is not being detected.  The Credit Card Number has no dashes or spaces, just a 16 digit number.

This will also happen if the .xlsx file is sent without being imbedded in a Word document.
This happens with both Network Prevent and Endpoint Prevent.



MS Excel will, by default, only track 15 significant digits in a standard number cell and replace the rest with zeros!  Space delimited and dash delimited CCNs work fine.  With a straight 16 digit valid CCN number, Excel changed the last number to a 0. By changing the last digit to a 0, this is no longer a valid CCN and fails the Luhn check – Symantec DLP is working as designed and not picking it up to avoid a false positive. 

This behavior occurs only if the cell is formatted as Number, and the number that is entered exceeds 15 digits. For cells that are formatted as text, you can type up to 32,767 characters. Excel displays up to 1,024 characters on the worksheet.


Also see: MS article 269370