headershadow

How to Mask your Credit card information in SAP CRM

Print Friendly

In this small tutorial  I will show you how you can Mask credit card information in SAP CRM. Without this configuration, the complete creditcard number would be visible to all your employees, using the SAP CRM system - which clearly is not wanted.

When you haven't made the necessary settings in customizing, your credit cards will by default NOT be masked in the system. In such a case all your employees, having access to the customer master data, will be able to see the complete credit card information.

Prerequisites

Before making the settings to mask credit card information in your system, you should have done the necessary customizing setup related to credit cards.

In SAP CRM 7.0 , launch customizing, and go to:

IMG >>Customer Relationship Management >> Basic Functions >> Payment Cards

Make sure you:

  • defined the relevant payment card types

The checking rule(s) defined next to the payment card type, actually match a function module, that is being used to perform certain validity checks when entering a new credit card in the system.

These checking rules are also defined in customizing.

 

  • assigned payment card category to payment card type

 

Steps for masking the Credit Cards

Now in order to MASK your credit cards in the SAP CRM System, we will perform 2 specific steps:

Step 1: Make Security settings for Payment Cards

If there are no entries yet in Customizing, then create a new entry.

In this new entry, you can define:

  • The Security Level:

- Masked Display and Encrypted When Saved

- Masked Display, Not Encrypted When Saved

- No Additional Security Measures

  • Access Log:

- No Logging

- Logging Of Unmasked Display

  • Additional Authorization Check for Unmasked Display (Flag): Defines whether additional authorization is necessary for displaying an unmasked payment card number

By flagging this field, a check will take place on the authorization object B_CCSEC. Selecting this field has no effect if you have chosen a  level of security that allows payment card numbers to be displayed unmasked.

  • Visible Characters for Masking : Here you define how many characters of your credit card number will be shown in masked display (by an Asterisk *)

To illustrate this with an example I made the following settings in our demo system.

Step 2: Maintain Payment Card Type settings -Encryption Flag

In a previous customizing step, I spoke about defining the payment card types. In order to activate the masking, you must also flag the "Encryption" Field.

Remark: make sure to perform these steps as soon as you decide to store/use credit card information for your Business Partners. E.g. when you decide to Mask credit cards, you can still do this afterwards, however, older credit cards - maintained in your system before having made the masking steps - are NOT getting masked.Only creditcards maintained AFTER you made these settings will be shown masked!

After having done all these steps, let's have a look at the changes in our SAP CRM System.

To show the credit card in an unmasked form, you need the correct authorizations. By clicking on the blue hyperlink, a pop-up will show the complete credit card number.

 

Relevant Authorization Objects for Credit Cards you may want to check !

  • B_CARD_SEC
  • B_CCARD
  • B_CCSEC

 Kind Regards

Davy - The SAP University Team

Davy has been working as an SAP Consultant since 2000 and started working in the SAP IS-U Module , but as of 2002 he has mainly worked as functional SAP CRM consultant and SAP Authorizations consultant.
More about

2 thoughts on “How to Mask your Credit card information in SAP CRM


Comment author said

By Koti on 24 November 2012 at 07:05

Hi Davy, Can you tell me how to mask bank account number? do we need to write any code for this? If yes can you please let me know?

 

Comment author said

By ashu on 4 July 2013 at 11:20

Koti, i also need to know how to mask bank account number

 

Leave a Reply


*