By default, Aptify encrypts credit card account numbers. This means that any user who needs to save a credit card payment must have access to the Security Key that is used to encrypt the account numbers. This section describes how to add users to a Security Key.
By default, Aptify encrypts credit card's account numbers in the database. Also, after save, the full credit card number is replaced by a partial credit card number that displays the first digit and the last four digits of the credit card number, as shown in the figure below.
All credit card numbers are stored in the Payment Information service, and this entity's CCAccountNumber field has Field Level Encryption enabled. By default, this field uses the Generic Entity Encryption Key as its Security Key, but you can change the key used to encrypt credit card numbers, as necessary. See the "Field Level Encryption" section in the Entity Security chapter of the Aptify 5.5.1 Administration Guide for details.
In order to save a credit card payment, a user must have access to the security key used to encrypt the credit card account number field (by default, this is the Generic Entity Encryption Key). Follow these steps to add additional users to a security key, as necessary:
- Log in to Aptify as an administrative user who has access to the Security Key used to encrypt credit cards.
- By default, this is the Generic Entity Encryption Key. In the baseline Aptify installation, the sa user and members of the Users, Accounting, and Administrators group have access to this key.
- By default, this is the Generic Entity Encryption Key. In the baseline Aptify installation, the sa user and members of the Users, Accounting, and Administrators group have access to this key.
- Create or open a view of the Security Keys service.
- The Security Keys service is found under the Aptify Framework Administration application.
- The Security Keys service is found under the Aptify Framework Administration application.
- Open the record for the key that is used to encrypt credit card numbers (which is the Generic Entity Encryption Key by default).
- Click the User Permissions tab.
- Add a User Permissions record for each user account that will need to save credit card numbers (either as payments or saved payment methods).
- If desired, you can also add groups to a security key rather than add each user individually. In this case, click the Group Permissions tab and add a sub-type record for each group whose members should have access to this key.\
- Save and close the Security Keys record.