6 Encryption Manager (EM)

The purpose of Encryption Manager (EM) is to provide guidelines for changing the encryption key within Fleet Management.

The Encryption Manager screen has the following tabs:

Table 6-1 FMS Encryption Manager Screen

Tabs Description

Encryption

Encrypts the message using the public key in Microsoft Message Queuing (MSMQ) and decrypts it using the private key before inserting it into the Corporate Data Transfer Interface (CDTI). CDTI should have this key, and it should be stored in Extensible Markup Language (XML) templates.

Use this tab to view columns that are currently encrypted and to add columns as part of an encryption.

Decryption

Shows which columns are encrypted and need to be removed from encryption so that they are seen as plain text in future. The user can select from the currently available columns and decide not to encrypt them.

Encrypted Data PCI Adjustment

Picks up data that is older than a year and is in encrypted form. It decrypts the data, masks the number except for the last 4 digits, encrypts it again, and stores the data.

Example:
  • PLAIN: 1233456789081114
  • ENCRYPTION: AXS12556HSndhdhsdjhwd781738
  • DECRYPT: 1233456789081114. If the credit card is older than 1 year, then MASK.
  • MASK: XXXXXXXXXXXX1114
  • Again Encrypt: AXS12556HSndhdhsdwewvh232vvevevr38
  • Decrypt: Only the last 4 digits are available on the screen

Conversion from Old to New

Picks up the encrypted data, decrypts it using the old method, and encrypts it again using the new method.

FM Encryption Manager fetches the information from the FM_ENCRYPTION_COLUMNS table and knows whether the data is in the FM or SPMS method.

If the FM sender (FM sender 8.4 and above) uses the old method, the sender needs to install Encryption Manager and convert the data to the new method using this tab.

The latest version of the sender uses only the new SPMS algorithm; it does not support the old method.

There is a prerequisite to run the script FMS_FCONSOL_ALTERS.SQL.

When you click Convert from Old to New, it checks for all data where the column CRD_ENCRYPTION_TYPE is NULL and starts converting it to the new method. At the end, the column is marked as new.

Pre-requisite: Select FidelioBK in Sender and Receiver on both sides.

The scenarios can be:
  • Data is stored in FM Encryption method
  • Data is stored in SPMS encryption method but using Old key
  • Data is stored in SPMS encryption method but using New key

Old method = FM or SPMS (old algorithm).

New method = SPMS (new algorithm).

SPMS 8.0 and above strictly uses the new algorithm.

FM data viewer must also be 8.4 and above.

RSA Encryption Key

Encrypts the message using the public key in Microsoft Message Queuing (MSMQ) and decrypts the message using the private key before inserting it into the Corporate Data Transfer Interface (CDTI). CDTI needs to know this key, and it is stored in XML templates.

Fidelio BK Keys

Shows the schema and the password.

Settings

Use this tab to view and configure settings.
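
The Encrypted Data PCI Adjustment pass from Table 6-1 (decrypt, mask all but the last 4 digits, encrypt again, store), as an added example that is not the product's own code. The row fields `stored_on` and `card_enc`, the 365-day cutoff, and the `toy_encrypt`/`toy_decrypt` stand-in cipher are assumptions made so the example runs offline; the product's FM and SPMS algorithms are not shown on this page.

```python
import base64
import hashlib
from datetime import date, timedelta

RETENTION = timedelta(days=365)  # assumption: "older than a year" means more than 365 days

def _xor(key: bytes, data: bytes) -> bytes:
    # Stand-in keystream cipher so the example runs offline; NOT the product's algorithm.
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def toy_encrypt(key: bytes, text: str) -> str:
    return base64.b64encode(_xor(key, text.encode())).decode()

def toy_decrypt(key: bytes, token: str) -> str:
    return _xor(key, base64.b64decode(token)).decode()

def mask_pan(pan: str) -> str:
    """Replace every character except the last 4 with 'X'."""
    if len(pan) <= 4:
        return pan  # nothing to hide beyond the last 4
    return "X" * (len(pan) - 4) + pan[-4:]

def pci_adjust(rows: list, key: bytes, today: date) -> int:
    """Mask, re-encrypt and store card numbers older than RETENTION; return rows changed."""
    changed = 0
    for row in rows:
        if today - row["stored_on"] <= RETENTION:
            continue  # a year old or newer: left as is
        pan = toy_decrypt(key, row["card_enc"])
        masked = mask_pan(pan)
        if masked == pan:
            continue  # already masked by an earlier run, so the pass is idempotent
        row["card_enc"] = toy_encrypt(key, masked)  # full number is no longer recoverable
        changed += 1
    return changed

if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed sample key
    rows = [  # constructed sample rows; the card number is the page's PLAIN example
        {"stored_on": date(2022, 1, 15), "card_enc": toy_encrypt(key, "1233456789081114")},
        {"stored_on": date(2024, 3, 1), "card_enc": toy_encrypt(key, "1233456789081114")},
    ]
    print(pci_adjust(rows, key, date(2024, 6, 1)), "row(s) masked")
    for row in rows:
        print(row["stored_on"], toy_decrypt(key, row["card_enc"]))
```

Because the masked value is what gets encrypted and stored, later decryption can only ever show the last 4 digits, which matches the final step of the example in the table.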