Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Masking sensitive fields during display

Go to solution
Former Member

‎02-15-2008 3:02 PM

0 Kudos

We want to mask some sensitive fields such as bank account number, social security number, credit card number etc during display based on an authority check. The displayed values, if not authorized, may look something like *****1234 or 1234***** without fully displaying the value.

I have seen some options to do that for credit card numbers but what are our options to do that for any such sensitive fields? Do we have to go for third party tools? If so, do they support only certain fields? Also, we want to do this at the domain level, so that no matter which transaction one of these sensitive fields is displayed on, we want this authority check and masking to happen. I looked for conversion routine option, but not all the domains have conversion routines attached to them.

Encryption of the data at the database level is something we want to keep as last resort. We are on ECC 6.0 version.

1 ACCEPTED SOLUTION

Go to solution
Former Member

‎02-15-2008 10:11 PM

0 Kudos

Are these standard SAP tables and domains?

I would think that some sort of conversion routine would be your best bet.

I recall a similar question a while back, but I don't know if it was ever answered satisfactorily.

Rob

Edited by: Rob Burbank on Feb 16, 2008 4:01 PM

12 REPLIES 12

Go to solution
Former Member

‎02-15-2008 10:11 PM

0 Kudos

Are these standard SAP tables and domains?

I would think that some sort of conversion routine would be your best bet.

I recall a similar question a while back, but I don't know if it was ever answered satisfactorily.

Rob

Edited by: Rob Burbank on Feb 16, 2008 4:01 PM

Go to solution
matt
Active Contributor

‎02-17-2008 6:23 AM

0 Kudos

Are these fields in standard SAP transactions or in your own developments? If you're considering encryption, I can only assume the latter. In which case, you've full control over what is displayed. Rob's suggestion of conversion functions is very neat.

If the former, then you could use transaction variants (shd0), to create transactions that mask the sensitive fields completely. Then create your own program that all users calls, that does a further CALL TRANSACTION, depending on the results of authority checks.

matt

Go to solution
Former Member
In response to matt

‎02-18-2008 3:31 PM

0 Kudos

Thank you Rob/Mathew, I have already looked into conversion routines as I mentioned in my post. But not all of them have conversion routines attached to their domains. So I will have to modify standard SAP domains to add the conversion routines, unless there is another way that I am missing here.

These are standard SAP transactions where we want to do this not custom ones. Hiding is not an option.

Go to solution
Former Member
In response to matt

‎02-19-2008 9:37 PM

0 Kudos

This was the question I was referring to. It is obviously not answered, but you could contact the individual directly to see how he managed:

[;

Rob

Go to solution
Former Member
In response to matt

‎02-19-2008 9:45 PM

0 Kudos

Sorry Rob, he is my collegue asking the same question. So I can say for sure that he hasn't found an answer to it.

Go to solution
Former Member
In response to matt

‎02-19-2008 9:47 PM

0 Kudos

Well, OK - that gave me a chuckle!

Rob

Go to solution
Former Member

‎02-18-2008 3:45 PM

0 Kudos

Hi,

did you think about Field-Exits (Transaction: CMOD and then FCOD: PRFB) instead of modification.

Some useful Hints may be found in Note 29377.

Martin

Edited by: Martin Pfeiffer on Feb 18, 2008 4:50 PM

Edited by: Martin Pfeiffer on Feb 18, 2008 4:50 PM

Go to solution
Former Member

‎04-17-2008 12:26 AM

0 Kudos

Hi! Srinivas,

Have you found any solution for your question yet ? Would you mind share it with me ? Thanks.

Go to solution
Former Member

‎12-21-2009 7:34 AM

0 Kudos

Hi Srinivas, Rob

Appreciate your questions and answers for the maksing fields. I'm kindoff looking for a similar issue would appreciate and your responses if some one would have come up with a solution. I beleive SAP Would have a solution for this bcoz masking of social is a common scenario and it would come with security team or functional team while creating security matrix I'll check with my team. If any one have an anwer for this kindly update.

Thanks

Raja

Go to solution
Former Member

‎08-27-2010 9:17 PM

0 Kudos

We still have no answer for this. Third party tools seem to be the only answer.

Go to solution
former_member753293
Explorer
In response to Former Member

‎12-29-2010 5:50 PM

0 Kudos

Try this configuration.

SPRO -> Cross-application components -> Payment cards -> Make security settings for payment cards.

This should take care of your issue.

Go to solution
Former Member

‎05-19-2011 9:23 PM

0 Kudos

Was anyone able to solve this problem?

Have you tried a Field Exit?

http://help.sap.com/saphelp_40b/helpdata/fr/c8/19765b43b111d1896f0000e8322d00/content.htm