diff --git a/src/main/java/au/com/royalpay/payment/manage/appclient/web/RetailAppController.java b/src/main/java/au/com/royalpay/payment/manage/appclient/web/RetailAppController.java
index 7016b67d8..bb333ca68 100644
--- a/src/main/java/au/com/royalpay/payment/manage/appclient/web/RetailAppController.java
+++ b/src/main/java/au/com/royalpay/payment/manage/appclient/web/RetailAppController.java
@@ -102,7 +102,7 @@ public class RetailAppController {
 @RequestMapping(value = "/notice/{noticeId}", method = RequestMethod.PUT)
 public void updateNoticePartnerHasRead(@ModelAttribute(CommonConsts.RETAIL_DEVICE) JSONObject device, @PathVariable String noticeId, @RequestBody JSONObject account_param) {
- if (device.getString("account_id").equals(account_param.getString("account_id")){
+ if (!device.getString("account_id").equals(account_param.getString("account_id"))){
 throw new ForbiddenException("You have no permission");
 }
 retailAppService.updateReadStatus(device, noticeId);
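Review bot: The new guard calls `.equals` on `device.getString("account_id")` without a null check, so a device object lacking `account_id` would throw a NullPointerException (probably surfacing as a 500) instead of the intended 403. To fail closed, read it first with `String deviceAccountId = device.getString("account_id");` and test `if (deviceAccountId == null || !deviceAccountId.equals(account_param.getString("account_id"))) {`. The comparison is also against an `account_id` the caller supplies in the request body, while `updateReadStatus(device, noticeId)` receives only `device`, so the check shows only that the client repeated its own id. Whether `noticeId` actually belongs to that account is presumably enforced inside `retailAppService`, which is not visible here and worth confirming. The method body continues outside the hunk.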