Q1. How does the credit card encryption in the CRM system work?
1. If the encryption has been enabled payment cards are encrypted as soon as you save a transaction and before the data is stored on the database.
Q 2. Which algorithm is used for the encryption?
2. For encrypting payment card numbers you have to use the SAP Cryptographic Library (SAPCryptolib).The SAP Cryptographic Library is the default security product delivered by SAP for performing encryption functions in SAP Systems.
Q3. How can I activate the payment card encryption?
3. To activate the encryption in the CRM system you have to perform following steps:
a) Implement the SAP Cryptographic Library as described in 662340 and 1014619. Make sure, that you define the encryption key using transaction SSFA for application DFAULT. You can take over the standard setting. Then you have to generate the key using transaction STRUST. (Make sure, you select an algorithm suitable for encryption, eg. RSA.)
b) Activate the encryption in the customizing (Transaction 'SPRO') at CRM -> Basic Functions -> Payment Cards -> Basic Settings -> Maintain Payment Card Type. If encryption is active for a payment card type, but no external tool is connected (see 3 a)), the payment card number is saved without being encrypted.
Q4. How can I switch on the masking of payment card numbers?
4. The masking functionality depends on activation of card encryption. If card encryption is active, in online transactions card numbers are shown always in masked form (after first save). Since CRM Release 5.0 the card numbers will be visible in the following way: #####*********##. To see the card numbers in unmasked form the user needs the display authorization CRM_ORD_PC and additionally the authorization B_CARD_SEC if the encryption is switched on.
Q5. How can I encrypt payment cards which were entered into the system before the encryption has been made operational
Q6. Where can I find additional documentation regarding possible security settings and measures that can help me to operate a secure CRM system?
6. The Security Guide document can be found in the SAP Service Marketplace at following link:
SAP Support Portal -> Release & Upgrade Info -> Installation & Upgrade Guides -> SAP Business Suite Applications -> SAP CRM -> SAP CRM 2005 -> Security Guide mySAP CRM 2005 (SAP CRM 5.0)