Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Masking sensitive fields during display

Go to solution
Former Member

‎2008 Feb 15 3:02 PM

0 Kudos
3,946

We want to mask some sensitive fields such as bank account number, social security number, credit card number etc during display based on an authority check. The displayed values, if not authorized, may look something like *****1234 or 1234***** without fully displaying the value.

I have seen some options to do that for credit card numbers but what are our options to do that for any such sensitive fields? Do we have to go for third party tools? If so, do they support only certain fields? Also, we want to do this at the domain level, so that no matter which transaction one of these sensitive fields is displayed on, we want this authority check and masking to happen. I looked for conversion routine option, but not all the domains have conversion routines attached to them.

Encryption of the data at the database level is something we want to keep as last resort. We are on ECC 6.0 version.

1 ACCEPTED SOLUTION
Read only

Go to solution
Former Member

‎2008 Feb 15 10:11 PM

0 Kudos
1,170

Are these standard SAP tables and domains?

I would think that some sort of conversion routine would be your best bet.

I recall a similar question a while back, but I don't know if it was ever answered satisfactorily.

Rob

Edited by: Rob Burbank on Feb 16, 2008 4:01 PM

12 REPLIES 12
Read only

Go to solution
Former Member

‎2008 Feb 15 10:11 PM

0 Kudos
1,171

Are these standard SAP tables and domains?

I would think that some sort of conversion routine would be your best bet.

I recall a similar question a while back, but I don't know if it was ever answered satisfactorily.

Rob

Edited by: Rob Burbank on Feb 16, 2008 4:01 PM

Read only

Go to solution
matt
Active Contributor

‎2008 Feb 17 6:23 AM

0 Kudos
1,170

Are these fields in standard SAP transactions or in your own developments? If you're considering encryption, I can only assume the latter. In which case, you've full control over what is displayed. Rob's suggestion of conversion functions is very neat.

If the former, then you could use transaction variants (shd0), to create transactions that mask the sensitive fields completely. Then create your own program that all users calls, that does a further CALL TRANSACTION, depending on the results of authority checks.

matt

Read only

Go to solution
Former Member
In response to matt

‎2008 Feb 18 3:31 PM

0 Kudos
1,170

Thank you Rob/Mathew, I have already looked into conversion routines as I mentioned in my post. But not all of them have conversion routines attached to their domains. So I will have to modify standard SAP domains to add the conversion routines, unless there is another way that I am missing here.

These are standard SAP transactions where we want to do this not custom ones. Hiding is not an option.

Read only

Go to solution
Former Member
In response to matt

‎2008 Feb 19 9:37 PM

0 Kudos
1,170

This was the question I was referring to. It is obviously not answered, but you could contact the individual directly to see how he managed:

[;

Rob

Read only

Go to solution
Former Member
In response to matt

‎2008 Feb 19 9:45 PM

0 Kudos
1,170

Sorry Rob, he is my collegue asking the same question. So I can say for sure that he hasn't found an answer to it.

Read only

Go to solution
Former Member
In response to matt

‎2008 Feb 19 9:47 PM

0 Kudos
1,170

Well, OK - that gave me a chuckle!

Rob

Read only

Go to solution
Former Member

‎2008 Feb 18 3:45 PM

0 Kudos
1,170

Hi,

did you think about Field-Exits (Transaction: CMOD and then FCOD: PRFB) instead of modification.

Some useful Hints may be found in Note 29377.

Martin

Edited by: Martin Pfeiffer on Feb 18, 2008 4:50 PM

Edited by: Martin Pfeiffer on Feb 18, 2008 4:50 PM

Read only

Go to solution
Former Member

‎2008 Apr 17 12:26 AM

0 Kudos
1,170

Hi! Srinivas,

Have you found any solution for your question yet ? Would you mind share it with me ? Thanks.

Read only

Go to solution
Former Member

‎2009 Dec 21 7:34 AM

0 Kudos
1,170

Hi Srinivas, Rob

Appreciate your questions and answers for the maksing fields. I'm kindoff looking for a similar issue would appreciate and your responses if some one would have come up with a solution. I beleive SAP Would have a solution for this bcoz masking of social is a common scenario and it would come with security team or functional team while creating security matrix I'll check with my team. If any one have an anwer for this kindly update.

Thanks

Raja

Read only

Go to solution
Former Member

‎2010 Aug 27 9:17 PM

0 Kudos
1,170

We still have no answer for this. Third party tools seem to be the only answer.

Read only

Go to solution
former_member753293
Explorer
In response to Former Member

‎2010 Dec 29 5:50 PM

0 Kudos
1,170

Try this configuration.

SPRO -> Cross-application components -> Payment cards -> Make security settings for payment cards.

This should take care of your issue.

Read only

Go to solution
Former Member

‎2011 May 19 9:23 PM

0 Kudos
1,170

Was anyone able to solve this problem?

Have you tried a Field Exit?

http://help.sap.com/saphelp_40b/helpdata/fr/c8/19765b43b111d1896f0000e8322d00/content.htm