Show TOC

 Protection of Payment Card Data in ERP Applications

Use

You save payment card numbers, along with other payment card data (such as, card holder and validity period) in you application data, and you want to protect this data.

Features

To protect payment card data in the data of your application, enter a security level in Customizing for Cross-Application Components. Choose Start of the navigation path Payment Cards Next navigation step Basic Settings Next navigation step Make Security Settings for Payment Cards. End of the navigation path You can choose among the following:

  • No Additional Security Measures

  • Masked Display, No Encrypted Storage

  • Masked Display and Encrypted Storage

Masked display means that when you display or change objects that contain a payment card number, the system makes the number partially unrecognizable. For example, only the value 1111********4444 is displayed instead of the card number 1111222233334444. You can configure the number of visible characters at the beginning and end of the payment card number. The security standards of the credit card industry require that a maximum of six characters are visible at the beginning, and four at the end.

For each card type (AMEX, MC, VISA), you can decide whether you require encryption or not. In Customizing for Cross-Application Components, choose Start of the navigation path Payment Cards Next navigation step Basic Settings Next navigation step Maintain Payment Card Type End of the navigation path . However, the column for this is only visible if the encryption of payment cards is already active in the business partner data or if you configured encrypted storage for other data records (see above).

You make general settings for using encryption software in Customizing for SAP NetWeaver by choosing Start of the navigation path Application Server Next navigation step System Administration Next navigation step Maintain the Public Key Information of the System. End of the navigation path