Question

United health group
IN
Posted: Sep 8, 2015
Last activity: Sep 8, 2015
Last activity: 8 Sep 2015 4:12 EDT
This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.
Hi Team I have a requirement to encrypt SSN in Pega could you please suggest me the process to achieve it.
You might want to take a look at this article - https://community.pega.com/sites/default/files/help_v719/procomhelpmain.htm
Hi Rajiv
I tried this but in below Link its mentioned that this feature cannot be used for securing data in production so can u please suggest how to proceed.
https://docs-previous.pega.com/encrypting-properties-and-blobs
Hi Pavani,
I am assuming you referring to this text from the PDN article
In both cases you must provide your own cipher algorithm. Out of the box, PRPC contains a sample algorithm but it is NOT meant for production use. The class com.pega.pegarules.crypto.PRCipherSampleBF can be used for testing this functionality, but you must create an appropriate cipher for production use. Instructions on building a cipher can be found under the help topic Working with the PegaRULES Database - How to Encrypt the Storage Streams of Selected Classes.
This clearly states that the out of the box cipher algorithm provided in the platform is not meant for production use. But if you provide your own cipher algorithm which meets your internal security standards, then you can use it for production.
-Rajiv
Rajiv,
Thank u for your prompt responses. Can I use data type PASSWORD for SSN as this control also encrypts data and in this case do I need to use any custom cipher algorithm?.
Can you explain me when to choose data types password and textencrypted types?
Accepted Solution
Hi Pavani,
The initial link that I pasted had the differences. But the key difference is this
A password field hashes the text (using MD5) and stored the hashed value. It is one way hashing so the value is never decrypted to get the original text.
A text encrypted field uses a cipher that you provide to encrypt and store its value and also gives you the option to decrypt and display if required.
So in essence, if you want to get back the original text that you saved after modifying it (hash / encrypt), you should use text encrypted.
-Rajiv
Excerpt from the link - https://community.pega.com/sites/default/files/help_v719/procomhelpmain.htm
When choosing which Type value to use, consider these factors:
Hi Pavani,
The initial link that I pasted had the differences. But the key difference is this
A password field hashes the text (using MD5) and stored the hashed value. It is one way hashing so the value is never decrypted to get the original text.
A text encrypted field uses a cipher that you provide to encrypt and store its value and also gives you the option to decrypt and display if required.
So in essence, if you want to get back the original text that you saved after modifying it (hash / encrypt), you should use text encrypted.
-Rajiv
Excerpt from the link - https://community.pega.com/sites/default/files/help_v719/procomhelpmain.htm
When choosing which Type value to use, consider these factors:
Question
Discussion
Question
Question
Question Solved
Question Solved
Question Solved
Question
Question
Question Solved
Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.