
Masking and encrypting credit card numbers

 

In VisionProject it is possible to encrypt any credit card data found on issues, as required by the security standard PCI DSS (Payment Card Industry Data Security Standard).

 

In VisionProject we have chosen to use GPG for encryption since it is a very secure and open framework. More on GPG here...

 

Configure VisionProject

To enable this functionality you need to follow the steps below:

  1. Create a GPG encryption key, i.e. a public and private key pair. 
  2. Export the public key from your key and store it in a file with extension .asc, see here for more info on how to do this:
  3. The public key will be used by us to encrypt the data; you then use your private (secret) key to decrypt it.
  4. Upload the public key as an .asc or .txt file under Settings --> Other configurations --> Security in VisionProject.
  5. Configure your projects/workspaces to mask and encrypt data by going to Project --> Settings --> General --> "General issue settings".
  6. Check the option "Enable masking of credit cards number....". If you want, you can also mark any issue that has contained credit card data by setting a custom (boolean) field on it.

Using encrypted data

When you have followed the steps above, credit card numbers in emails are masked/hidden and then encrypted.

 

For example, if you type in a credit card number such as 378282246310005 it will be masked and converted to: ***MASKED***0005
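
An illustration of the masking behaviour described above, as an added example that is not VisionProject's own code. Only the `***MASKED***` plus last-four-digits output format comes from this article; the detection rule (13 to 19 digits that pass the Luhn checksum) and the function names are assumptions.

```python
import re

# Candidate card numbers: 13-19 digits, optionally separated by single
# spaces or hyphens (assumed detection rule, not taken from the article).
CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")
MASK_PREFIX = "***MASKED***"  # output format shown in the article


def luhn_valid(digits: str) -> bool:
    """Return True if the digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask_card_numbers(text: str):
    """Return (masked_text, found), where found lists the original numbers.

    Only Luhn-valid candidates are masked, so order references and other
    long digit runs are left alone. The caller is expected to encrypt the
    original text before storing it and to keep only the masked text in clear.
    """
    found = []

    def _replace(match):
        digits = re.sub(r"[ -]", "", match.group())
        if not luhn_valid(digits):
            return match.group()  # not a card number: leave untouched
        found.append(digits)
        return MASK_PREFIX + digits[-4:]

    return CANDIDATE.sub(_replace, text), found


if __name__ == "__main__":
    # Constructed sample: the article's example number plus a non-card reference.
    sample = "Card 3782 822463 10005 declined, order ref 1234567890123456."
    masked, originals = mask_card_numbers(sample)
    print(masked)
```
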

 

The original text, including the credit card number, will be stored on the issue as attachments (with extension .gpg). This means that the original data and credit card number can only be retrieved by you and your trusted personnel.

 

To do this, if you have GPG4Win installed, you only need to download the file, then right-click on it and choose "Decrypt" in the menu. You will then be prompted to type your passphrase to decrypt the data.

 

Recommendations

  • Choose a secure passphrase for your encryption key
  • Distribute the private key to trusted personnel only
  • Let only trusted personnel know the passphrase
  • Generate new public/private key pairs on a regular basis
  • Store all old encryption keys in a secure location to be able to restore old data
  • Change your passphrase regularly for your encryption key
