Setting user privileges

Ensure that only user accounts with a legitimate business need are allowed to access sensitive data.

According to PCI DSS, the PAN must be displayed masked only, unless there is a legitimate business need to see the full PAN.

Full PAN visibility is controlled by the Mask level global privilege for each user.

  1. In the user interface, click the Administration tab.
  2. Select User management > Accounts from the navigation menu. Select a user.
  3. Scroll down to the Global Privileges section.
    Figure 1. Global privileges section
    This image is explained in the surrounding text.
  4. Select may see clear values in Mask level.

In addition to global privileges, certain functions of IBM® Safer Payments can be accessed only by users with a legitimate business need. You can grant certain privileges to such users. More precisely, model revisions, report, and query definitions must be viewed only by privileged users. However, nonprivileged users can still run reports and queries.

  1. In the user interface, click the Administration tab.
  2. Select User management > Roles from the navigation menu.
  3. Click the user role that you want to change in the roles table.
  4. Change the privileges according to your requirements by selecting the appropriate checkboxes.