About Tango Credit Card Encryption

April 23, 2018

If you use Tango to store credit card information, you should read this.

Tango V4.35 encrypts customer credit card information to protect it against fraudulent use.

This is done via “Encryption Keys”.

Each Tango database has its own set of keys. If you have several Tango databases, you will have several sets of keys.

Without these keys, the information is unreadable and unusable.

Keys can only be moved from one server to another if you have an “Encryption Key Backup File”.

This prevents someone from taking a copy of the database, moving it to another server, and extracting the credit card information.

BUT it means if you ever lose your encryption keys, and need to restore your data to a new server, you will lose all your encrypted credit card information. There is no way around this, no secret backdoor, no programmer hack. If you lose the keys, you lose the data.

So it is vitally important to back up the Encryption Keys. This is done via Development / Security / Encryption Info / Backup.

When you run this option, Tango will display a text file containing the keys. You should save this file to a USB drive, or DVD, or copy it to a computer in another building. You must back it up. There is no way to recover your encrypted information without this file.

You should also keep this file safe. Tango saves a copy to your computer. After you have saved the file to your backup location, you should delete the copy from your computer. If someone gets hold of this text file, and also gets a copy of your data, they will be able to steal credit card information from your data.

By default, Tango keeps a safety copy of this information inside the database until you have backed it up. After you have backed it up, Tango will ask you if you want to remove this safety copy. You should answer yes. If you do not answer yes and leave the safety copy inside the database, someone can take a copy of your data, and extract the safety copy from the database, and use this to steal credit card information from your data.

Tango security allows ANYONE who can enter loan or client information to save or update credit card information for a loan or client. They do not need special permission to enter credit card info.

When a form containing a credit card number is displayed, you will only be able to see the last four digits of the credit card number. No one is able to view a full credit card number.

If you need to generate an export file for credit-card-based direct debits, you now need a special permission called “Tango_Encryptor”. If you do not have this permission, Tango will display an error.

By default, only members of the “Tango_DBO” role have this special permission.

You can give other people this permission in two ways:

  1. Via Development / Security / Encryption Info / “Allow Credit Card Access”.

  2. Via Development / Security / Security Roles. (Select “Tango_Encryptor” from the dropdown, and add any “available users” who need the permission.)

Tango also allows for secure transmission of credit card information between systems via a Transmission Cypher. This lets other systems (such as Phoenix) securely transmit loan information and credit card data, without exposing credit card numbers. The Transmission Cypher is set via Development / Security / Encryption Info / Transmission Cypher. You can change it whenever you want, but if you do, you must also set the same Cypher in any other systems (such as Phoenix) which transmit information to Tango.

SUMMARY.

Here’s what you should do now for each Tango database on your server:

  1. Back up encryption keys via Development / Security / Encryption Info / Backup. Copy the backup to a secure off-site location, and remove the copy from your local computer.

  2. When prompted, allow Tango to remove the safety copy of the Encryption Key Backup.

  3. Manage which people should be allowed to export credit card information via Development / Security / Encryption Info / Allow Credit Card Access.