In this small tutorial I will show you how you can Mask credit card information in SAP CRM. Without this configuration, the complete creditcard number would be visible to all your employees, using the SAP CRM system - which clearly is not wanted.
When you haven't made the necessary settings in customizing, your credit cards will by default NOT be masked in the system. In such a case all your employees, having access to the customer master data, will be able to see the complete credit card information.
Before making the settings to mask credit card information in your system, you should have done the necessary customizing setup related to credit cards.
In SAP CRM 7.0 , launch customizing, and go to:
IMG >>Customer Relationship Management >> Basic Functions >> Payment Cards
Make sure you:
- defined the relevant payment card types
The checking rule(s) defined next to the payment card type, actually match a function module, that is being used to perform certain validity checks when entering a new credit card in the system.
These checking rules are also defined in customizing.
- assigned payment card category to payment card type
Steps for masking the Credit Cards
Now in order to MASK your credit cards in the SAP CRM System, we will perform 2 specific steps:
Step 1: Make Security settings for Payment Cards
If there are no entries yet in Customizing, then create a new entry.
In this new entry, you can define:
- The Security Level:
- Masked Display and Encrypted When Saved
- Masked Display, Not Encrypted When Saved
- No Additional Security Measures
- Access Log:
- No Logging
- Logging Of Unmasked Display
- Additional Authorization Check for Unmasked Display (Flag): Defines whether additional authorization is necessary for displaying an unmasked payment card number
By flagging this field, a check will take place on the authorization object B_CCSEC. Selecting this field has no effect if you have chosen a level of security that allows payment card numbers to be displayed unmasked.
- Visible Characters for Masking : Here you define how many characters of your credit card number will be shown in masked display (by an Asterisk *)
To illustrate this with an example I made the following settings in our demo system.
Step 2: Maintain Payment Card Type settings -Encryption Flag
In a previous customizing step, I spoke about defining the payment card types. In order to activate the masking, you must also flag the "Encryption" Field.
Remark: make sure to perform these steps as soon as you decide to store/use credit card information for your Business Partners. E.g. when you decide to Mask credit cards, you can still do this afterwards, however, older credit cards - maintained in your system before having made the masking steps - are NOT getting masked.Only creditcards maintained AFTER you made these settings will be shown masked!
After having done all these steps, let's have a look at the changes in our SAP CRM System.
To show the credit card in an unmasked form, you need the correct authorizations. By clicking on the blue hyperlink, a pop-up will show the complete credit card number.
Relevant Authorization Objects for Credit Cards you may want to check !
Davy - The SAP University Team