Skip to Content
avatar image
Former Member

Credit Card Encryption & System Copy

Hi All,

We have done a system copy from PRD back to QA (credit card encryption is activated on both servers). The customer would like to be able to read the PRD data including the credit card details but of course the QA system can only de-crypt its own data and not the PRD data. Is there a way of de-crypting the PRD data that is already within QA and then re-encrypt using QA key?

I didn't set up the original encryption so I am learning about this as I go.

Thanks.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • avatar image
    Former Member
    Sep 22, 2008 at 07:46 AM

    I don't think that what you're doing here is in any way conforming to the regulations of PCI DSS. What you want to do is dangerous and can have very grave consequences. I would strongly advise you to destroy the credit card data in QA!

    Assuming you used the system PSE for encrypting the data: You'll have to export this PSE from PRD using STRUST and then, also using transaction STRUST, import into QA.

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Eric Bushman

      Hi Eric,

      Yes in VCNUM I also have the two corresponding records. One thing I do notice is that the credit card that does not appear in XD03 (ie: the PRD one) is actually expired in terms of validity. Please excuse my ignorance on this one as I am a basis consultant and not functional or FI, so I am not entirely sure how the transaction is meant to work. Wonder if this is the reason it does not get displayed? In which case I will ask the customer for another example.

      - Natalie