Handling Company Credit Cards
In PeopleSoft Human Resources, you can identify company credit cards and then assign those cards to employees.
These topics provide an overview of credit card encryption, list prerequisites, and discuss handling company credit cards.
|
Page Name |
Definition Name |
Usage |
|---|---|---|
|
CC_CARD_TBL |
Enter vendors of credit cards that you'll assign to workers. A vendor that you identify here can be linked to an actual vendor in the Accounts Payable Vendor table. |
|
|
CC_CARD_DATA |
Assign company credit cards to workers. |
|
|
CC_ENCRYPT_SETUP |
View and update the Encryption and Decryption Profile IDs. You can also view the encryption flag, which indicates whether encryption is enabled. |
|
|
CC_ENCRYPT_CRD_NBR |
Encrypt preexisting credit card numbers according to the latest encryption standards of the system. |
PeopleSoft Human Resources uses PeopleTools Pluggable Cryptography framework and encryption/decryption profiles (called encryption schemes) to encrypt and decrypt all credit card numbers stored in the database.
PeopleTools Pluggable Cryptography is an advanced security framework that provides a security model for applications to encrypt credit card data. Pluggable Cryptography provides a way for you to secure critical PeopleSoft data and communicate securely with other businesses. It enables you to extend and improve cryptographic support for your data in PeopleTools, giving you strong cryptography with the flexibility to change and grow, by incrementally acquiring stronger and more diverse algorithms for encrypting data. In PeopleTools, pluggable cryptography capability is provided by PeopleSoft pluggable encryption technology (PET).
By using the PeopleTools Pluggable Cryptography for strong encryption/decryption, the Human Resources system encrypts data using Advanced Encryption Standard (AES) algorithms and 128, 192, or 256-bit encryption keys. When enabled, the system displays an X in place of each credit card number other than the last four digits. This includes credit card numbers that are display-only as well as those that are editable. The system encrypts all credit card numbers as soon as they are entered into the system on the Maintain Employee Credit Card page.
Use of the stronger Credit Card Encryption solution supports compliance with the cardholder data protection requirements of the Payment Card Industry (PCI) Data Security Standard and with Visa's Cardholder Information Security Program (CISP).
PeopleSoft Human Resources delivers the system data necessary for credit card encryption and decryption. Encryption and decryption of credit card numbers within the Human Resources system requires no additional setup.
Note: When the system publishes any messages that contain a credit card number (such as the CORPORATE_CARD_DATA_SYNC message) the systems uses clear text rather than encrypted data for the credit card number because the message is being sent via a secured queue. The secured queue likewise meets the requirement of the PCI Data Security Standard. The message CORPORATE_CARD_DATA_FULLSYNC also comes delivered but is not implemented in the system. To use this message you must write code to decrypt the credit card number before publishing the message.
For information on cryptography, see the “Securing Data with Pluggable Cryptography” topic in the documentation, PeopleTools: Security Administration
You must have defined credit card types on the Translate table before entering credit card vendors.
Use the Credit Card Vendors page (CC_CARD_TBL) to enter vendors of credit cards that you'll assign to workers.
A vendor that you identify here can be linked to an actual vendor in the Accounts Payable Vendor table.
Navigation:
This example illustrates the fields and controls on the Credit Card Vendors page. You can find definitions for the fields and controls later on this page.
Field or Control |
Description |
|---|---|
Vendor ID |
Enter the vendor ID. |
Corporate Number |
Enter your company's corporate number. This isn't a credit card number. |
Bill Includes Tax if Applied |
Select if the bill includes tax. |
Grace Period andDays After Billing Date |
Enter the number of days allowable after the billing date to avoid additional charges. |
Use the Maintain Employee Credit Card page (CC_CARD_DATA) to assign company credit cards to workers.
Navigation:
This example illustrates the fields and controls on the Maintain Employee Credit Card page. You can find definitions for the fields and controls later on this page.
Field or Control |
Description |
|---|---|
Credit Card Vendor |
Select the card's vendor. |
Card Type |
Select the card type. |
Credit Card Number |
Enter the card number. The system masks the credit card number except for the last four digits. The masking of the credit card number is visible only after saving the data and then accessing the page again for that employee. To update an existing credit card number you must delete the existing number and enter the new number in its entirety, even if you are only modifying the last four digits. |
Function |
Select the main function for this card (for example, debit card, phone card, or corporate card). |
Issued Date |
Enter the date that the card was issued. |
Expiration Date |
Enter the date that the card expires. |
Limit Amount |
Enter the credit card limit amount. |
Currency |
Enter the currency of the credit card. |
Limit Per Trans (limit per transaction) |
Enter the limit amount per transaction. |
Bill To |
Select whom to bill for this credit card. |
Use the Credit Card Encryption Setup page (CC_ENCRYPT_SETUP) to view and update the Encryption and Decryption Profile IDs. You can also view the encryption flag, which indicates whether encryption is enabled.
Navigation:
This example illustrates the fields and controls on the Credit Card Encryption Setup page. You can find definitions for the fields and controls later on this page.
This example illustrates the fields and controls on the Credit Card Encryption Setup page. You can find definitions for the fields and controls later on this page.
|
Field or Control |
Description |
|---|---|
|
Encryption Enabled |
Displays Yes when encryption has been enabled for the profile ID using the Process Credit Card Encryption Page. You can modify the Encryption and Decryption Profile IDs only when encryption has not been enabled. |
|
Encryption Profile ID |
Enter the profile ID associated with credit card encryption. You can modify this field only if encryption has not been enabled with the Process Credit Card Encryption Page. If encryption has been enabled, this field is display only. |
|
Decryption Profile ID |
Enter the profile ID associated with credit card decryption. You can modify this field only if encryption has not been enabled with the Process Credit Card Encryption Page. If encryption has been enabled, this field is display only. |
Use the Process Credit Card Encryption page (CC_ENCRYPT_CRD_NBR) to encrypt and decrypt the profile IDs according to the latest encryption standards of the system.
Navigation:
This example illustrates the fields and controls on the Process Credit Card Encryption page. You can find definitions for the fields and controls later on this page.
Note: Run this process one time to encrypt pre-existing credit card numbers only if you have unsecured data in the Credit Card Number field on the Maintain Employee Credit Card page.
Field or Control |
Description |
|---|---|
Run Control ID |
Displays the run control ID entered in the Add page. |
Encryption Action |
The Encryption Action displays Encrypt when encryption is disabled in the Credit Card Encryption Setup Page. The action displays Decrypt when encryption is enabled. |
Run |
Click this button to encrypt or decrypt the pre-existing data for the selected field. |