Setting user privileges
Ensure that only user accounts with a legitimate business need are allowed to access sensitive data.
According to PCI DSS, the PAN must be displayed masked only, unless there is a legitimate business need to see the full PAN.
Full PAN visibility is controlled by the Mask level global privilege for each user.
- In the user interface, click the Administration tab.
- Select from the navigation menu. Select a user.
- Scroll down to the Global Privileges section.
- Select may see clear values in Mask level.
In addition to global privileges, certain functions of IBM® Safer Payments can be accessed only by users with a legitimate business need. You can grant certain privileges to such users. More precisely, model revisions, report, and query definitions must be viewed only by privileged users. However, nonprivileged users can still run reports and queries.
- In the user interface, click the Administration tab.
- Select from the navigation menu.
- Click the user role that you want to change in the roles table.
- Change the privileges according to your requirements by selecting the appropriate checkboxes.