1. Implementing Expenses
  2. Enable Pretty Good Privacy (PGP) for Corporate Card Transaction Files

Enable Pretty Good Privacy (PGP) for Corporate Card Transaction Files

This topic describes how to enable PGP for Visa, MasterCard, or Diner's Club corporate card transaction files. First, you create a PGP encryption certificate and provide it to the card issuer.

Using the PGP certificate that you provide, the card issuer encrypts your corporate card transaction files and sends them to the server that hosts the files for you. Finally, you run the Upload Corporate Card Transaction File process, which decrypts the files in memory and processes the transactions.

Note: PGP encryption isn't applicable to American Express.

Prerequisites

To receive files directly from Visa, MasterCard, or Diner's Club, you must set up an HTTPS or SFTP server at your site or with a third party. Alternatively, you can set up an HTTPS or SFTP server at the card issuer's site so it can host your corporate card transaction files. It's recommended to use SFTP.

Note: Oracle Expenses Cloud doesn't allow card issuers to directly push corporate card transaction files to your Cloud environment.

Create a PGP Encryption Certificate

To create a PGP encryption certificate for uploading corporate card transactions files, perform the following steps:

  1. Sign in to Oracle Applications Cloud as a user with the IT Security Manager role.

  2. From the Springboard, navigate to Tools > Security Console.

  3. Select the Certificates tab.

  4. Click the Generate button to open the Generate page.

  5. From Certificate Type, select the PGP option.

  6. In the Alias field, enter an alias.

    Note: Use this alias when defining the Corporate Card Program’s transfer parameters.

  7. In the Passphrase field, enter a password.

    Caution: Store the password in a safe location. You require this password to delete this certificate in the future.

  8. From the Key Type choice list, select RSA.

  9. From the Key Length choice list, select the length that you want to use.

  10. From the Encryption Algorithm choice list, select the algorithm that you want to use.

    Note: Select the length as 2048 and the algorithm as AES256 for stronger encryption.

  11. Click the Save and Close button.

Export a PGP Encryption Certificate

To export the PGP encryption certificate to your card issuer, perform the following steps:

  1. On the Certificates page, select the row with the alias you defined while creating a PGP Encryption Certificate, and click the down arrow to open actions available for this certificate.

  2. Select Export > Public Key.

  3. Save the public key file.

  4. Provide the public key file to your card issuer.

    Note: Using the public key, your card issuer must encrypt your corporate card transactions files.

Import a Signature Certificate from Your Bank

  1. Sign in to Oracle Applications Cloud as a user with the IT Security Manager role.

  2. From the Springboard, navigate to Tools > Security Console.

  3. Select the Certificates tab.

  4. On the Certificates page, click Import and select the certificate that you received from your bank for signature.

  5. In the Alias field, enter an alias.

    Note: Use this alias when defining the Corporate Card Program’s transfer parameters.

  6. Click Save and Close.

  7. Sign in to Oracle Applications Cloud as a user with the Corporate Card Admin role.

  8. On the Edit Corporate Card Programs page, define the parameters for the card program. Provide the alias that you used in step 5.

  9. Click Save and Close.

Verify Encrypted Files

Contact the card issuer to verify that the files are encrypted.

Process Encrypted Transaction Files

Run or schedule the Upload Corporate Card Transaction File process. The process uses the alias, decrypts the corporate card transaction files, and processes the transactions.