Return to Navigation

Understanding Credit Card Encryption

PeopleTools Pluggable Cryptography is an advanced security framework that introduces a new security model for applications to encrypt and decrypt credit card data. This feature adds greater security to the credit card data handling system as well as upgrades existing credit card data.

Credit card encryption is available to PeopleSoft CRM implementations that are integrated with PeopleSoft Financials.

Strong Encryption

Pluggable Cryptography protects critical PeopleSoft data and enables more secure data communication with other businesses. It enables you to extend and improve cryptographic support for your data in PeopleTools. By incrementally acquiring stronger and more diverse algorithms for encrypting data, Pluggable Cryptography offers strong cryptography with the flexibility to change and grow.

Enhanced cryptography capability is provided by PeopleSoft pluggable encryption technology (PET), which employs 3DES algorithms and 168-bit encryption keys to secure data.

Features

Applying Pluggable Cryptography to your system:

  • Improves the system's ability to protect credit card data during transfer and storage.

  • Upgrades existing credit card data.

  • Protects data during information display.

Once upgraded, the system displays credit card numbers so as to mask them. Before upgrade, the system displayed all digits of a credit card number, whether display-only or editable. The feature modifies the display to show only the last four digits, replacing each preceding digit with an X.

Standards

PeopleTools Pluggable Cryptography complies with the cardholder data protection requirements of the Payment Card Industry (PCI) Security Standards Council and with Visa's Cardholder Information Security Program (CISP). When you enable this feature, credit card numbers for external third-party payers, such as customers or students, are encrypted.

Note: This feature upgrades credit card numbers that are shared with the PeopleSoft Financials or a third-party database; it does not upgrade those stored internally in the CRM database, such as company-owned or employee credit cards.

See “Securing Data with Pluggable Cryptography” in PeopleTools: Security Administration product documentation.