Skip to Content
Technical Articles
Author's profile photo Sumanth Gururaj

Encryption & Masking in SAP – key points

Introduction :

As many posts/blogs are extensively available online for the above subject, the purpose of this post is to highlight a few key points, differences &  relv. SAP Notes consolidated.- on a high level.

The basic point to be kept in mind is that, STD SAP does NOT permit the flow/default of Payment Card # from the CMR into an SO. They have to be entered manually by an user at SO level.

The above is applicable for S/4 HANA systems too.

For copying the payment card # automatically from the CMR into the SO, a custom code is to be implemented at USEREXIT_MOVE_FIELD_TO_VBAK ( Include: MV45AFZZ)

Encryption Masking
For unstructured data like files, videos, images, etc For structured data like Payment Cards,SSNs,etc
Focuses on data being secured Focuses on data being functional
Reversible Irreversible




SAP STD Program Purpose
CCARDEC_TRANSFORM_SD To check & encrypt values in SD
CCARC_CHECK To check the encryption
CCARDEC_CHECK To ensure that the encryption tool is working correctly
CCARDEC_TRANSFORM_VCKUN_VCNUM for the retrospective encryption of the card data in the CMR


Desc SAP Notes #
FAQs : Credit Card encryption in R/3 systems 766703
FAQs : Credit Card encryption & master data 836079
Encrypting  Credit card data 633462
FAQs/Collective note for Payment Cards ( Consulting/modif) 914603
Payment Card # all digits masked 1820234 ( KBA)
Security when displaying credit card no:s 1105524
FAQs : Credit card encryption in CRM 1034482
SSF Encryption using the SAPCryptolib 662340
Payment card not masked in SO 1947100


Feedback/suggestions are improvement are welcome.

Thank you for your time.

Sumanth Gururaj

Assigned Tags

      Be the first to leave a comment
      You must be Logged on to comment or reply to a post.