Handling Company Credit Cards
In PeopleSoft Human Resources, you can identify company credit cards and then assign those cards to employees.
These topics provide an overview of credit card encryption, list prerequisites, and discuss handling company credit cards.
|
Page Name |
Definition Name |
Usage |
|---|---|---|
|
CC_CARD_TBL |
Enter vendors of credit cards that you'll assign to workers. A vendor that you identify here can be linked to an actual vendor in the Accounts Payable Vendor table. |
|
|
CC_CARD_DATA |
Assign company credit cards to workers. |
|
|
CC_ENCRYPT_CRD_NBR |
Encrypt preexisting credit card numbers according to the latest encryption standards of the system. |
PeopleSoft Human Resources uses PeopleTools Pluggable Cryptography framework and encryption/decryption profiles (called encryption schemes) to encrypt and decrypt all credit card numbers stored in the database.
PeopleTools Pluggable Cryptography is an advanced security framework that provides a security model for applications to encrypt credit card data. Pluggable Cryptography provides a way for you to secure critical PeopleSoft data and communicate securely with other businesses. It enables you to extend and improve cryptographic support for your data in PeopleTools, giving you strong cryptography with the flexibility to change and grow, by incrementally acquiring stronger and more diverse algorithms for encrypting data. In PeopleTools, pluggable cryptography capability is provided by PeopleSoft pluggable encryption technology (PET).
By using the PeopleTools Pluggable Cryptography for strong encryption/decryption, the Human Resources system encrypts data using 3DES algorithms and 168-bit encryption keys. The system displays an X in place of each credit card number other than the last four digits. This includes credit card numbers that are display-only as well as those that are editable. The system encrypts all credit card numbers as soon as they are entered into the system on the Maintain Employee Credit Card page.
Use of the stronger Credit Card Encryption solution supports compliance with the cardholder data protection requirements of the Payment Card Industry (PCI) Data Security Standard and with Visa's Cardholder Information Security Program (CISP).
PeopleSoft Human Resources delivers the system data necessary for credit card encryption. Encryption of credit card numbers within the Human Resources system requires no additional setup.
Note: When the system publishes any messages that contain a credit card number (such as the CORPORATE_CARD_DATA_SYNC message) the systems uses clear text rather than encrypted data for the credit card number because the message is being sent via a secured queue. The secured queue likewise meets the requirement of the PCI Data Security Standard. The message CORPORATE_CARD_DATA_FULLSYNC also comes delivered but is not implemented in the system. To use this message you must write code to decrypt the credit card number before publishing the message.
For information on cryptography, see the “Securing Data with Pluggable Cryptography” topic in the documentation, PeopleTools: Security Administration
You must have defined credit card types on the Translate table before entering credit card vendors.
Use the Credit Card Vendors page (CC_CARD_TBL) to enter vendors of credit cards that you'll assign to workers.
A vendor that you identify here can be linked to an actual vendor in the Accounts Payable Vendor table.
Navigation
Image: Credit Card Vendors page
This example illustrates the fields and controls on the Credit Card Vendors page. You can find definitions for the fields and controls later on this page.
|
Field or Control |
Definition |
|---|---|
| Vendor ID |
Enter the vendor ID. |
| Corporate Number |
Enter your company's corporate number. This isn't a credit card number. |
| Bill Includes Tax if Applied |
Select if the bill includes tax. |
| Grace Period andDays After Billing Date |
Enter the number of days allowable after the billing date to avoid additional charges. |
Use the Maintain Employee Credit Card page (CC_CARD_DATA) to assign company credit cards to workers.
Navigation
Image: Maintain Employee Credit Card page
This example illustrates the fields and controls on the Maintain Employee Credit Card page. You can find definitions for the fields and controls later on this page.
|
Field or Control |
Definition |
|---|---|
| Credit Card Vendor |
Select the card's vendor. |
| Card Type |
Select the card type. |
| Credit Card Number |
Enter the card number. The system masks the credit card number except for the last four digits. The masking of the credit card number is visible only after saving the data and then accessing the page again for that employee. To update an existing credit card number you must delete the existing number and enter the new number in its entirety, even if you are only modifying the last four digits. |
| Function |
Select the main function for this card (for example, debit card, phone card, or corporate card). |
| Issued Date |
Enter the date that the card was issued. |
| Expiration Date |
Enter the date that the card expires. |
| Limit Amount |
Enter the credit card limit amount. |
| Currency |
Enter the currency of the credit card. |
| Limit Per Trans (limit per transaction) |
Enter the limit amount per transaction. |
| Bill To |
Select whom to bill for this credit card. |
Use the Process Credit Card Encryption page (CC_ENCRYPT_CRD_NBR) to encrypt preexisting credit card numbers according to the latest encryption standards of the system.
Navigation
Image: Process Credit Card Encryption page
This example illustrates the fields and controls on the Process Credit Card Encryption page. You can find definitions for the fields and controls later on this page.
Note: Run this process one time to encrypt preexisting credit card numbers only if you have unsecured data in the Credit Card Number field on the Maintain Employee Credit Card page.
|
Field or Control |
Definition |
|---|---|
| Record Name |
Select the record that contains the field for which you want to encrypt preexisting data with the system's latest encryption standards. To encrypt preexisting credit card numbers found on the Maintain Employee Credit Card page, select the CC_CARD_DATA_EX record. |
| Field Name |
Select the field (within the selected record) for which you want to encrypt preexisting data with the system's latest encryption standards. To encrypt preexisting credit card numbers found on the Maintain Employee Credit Card page, select the CRDMEM_ACCT_NBR field. |
| Encrypt |
Click this button to encrypt the preexisting data for the selected field. |