$30 off During Our Annual Pro Sale. View Details »

Minimum knowledge for secure web payment

Avatar for Yutaro Sugai Yutaro Sugai
July 22, 2014
Technology
1
1.2k

Minimum knowledge for secure web payment

安全なウェブ決済のために
最低限知っておいてほしいこと
WebPay meetup #1 2014/07/22

Avatar for Yutaro Sugai

Yutaro Sugai

July 22, 2014
Tweet

More Decks by Yutaro Sugai

See All by Yutaro Sugai
devlove-kansai-sre-scrum
Avatar for Yutaro Sugai hokkai7go
0
11k
sre-lounge8
Avatar for Yutaro Sugai hokkai7go
6
6.8k
88_techbookfest5_in_omotesandorb
Avatar for Yutaro Sugai hokkai7go
1
140
Career Keynote at LDD '18 in Muroran
Avatar for Yutaro Sugai hokkai7go
1
640
What has been realized to improve maintainability at "Eight".
Avatar for Yutaro Sugai hokkai7go
0
980
Serverless and tough access management
Avatar for Yutaro Sugai hokkai7go
1
1.5k
"1st try and team productivity"
Avatar for Yutaro Sugai hokkai7go
1
330
Technology to support Eight, Infrastructure part
Avatar for Yutaro Sugai hokkai7go
0
630
AWS and Serverless and Monitoring
Avatar for Yutaro Sugai hokkai7go
1
2.2k

Other Decks in Technology

See All in Technology
新 Security HubがついにGA!仕組みや料金を深堀り #AWSreInvent #regrowth / AWS Security Hub Advanced GA
Avatar for MasahiroKawahara masahirokawahara
1
1.6k
Ruby で作る大規模イベントネットワーク構築・運用支援システム TTDB
Avatar for Taketo Takashima taketo1113
1
220
Microsoft Agent 365 を 30 分でなんとなく理解する
Avatar for skmkzyk skmkzyk
1
1k
モダンデータスタック (MDS) の話とデータ分析が起こすビジネス変革
Avatar for suto sutotakeshi
0
440
小さな判断で育つ、大きな意思決定力 / 20251204 Takahiro Kinjo
Avatar for SHIFT EVOLVE shift_evolve
PRO
1
580
ログ管理の新たな可能性?CloudWatchの新機能をご紹介
Avatar for Ikumi Ono ikumi_ono
1
570
今年のデータ・ML系アップデートと気になるアプデのご紹介
Avatar for Nayuta S. nayuts
1
200
「Managed Instances」と「durable functions」で広がるAWS Lambdaのユースケース
Avatar for Lamaglama39 lamaglama39
0
290
グレートファイアウォールを自宅に建てよう
Avatar for 綿糸てせ ctes091x
0
140
Debugging Edge AI on Zephyr and Lessons Learned
Avatar for misoji engineer iotengineer22
0
140
Challenging Hardware Contests with Zephyr and Lessons Learned
Avatar for misoji engineer iotengineer22
0
140
20251209_WAKECareer_生成AIを活用した設計・開発プロセス
Avatar for syobochim syobochim
5
1.4k

Featured

See All Featured
The Success of Rails: Ensuring Growth for the Next 100 Years
Avatar for Eileen M. Uchitelle eileencodes
47
7.8k
Building Flexible Design Systems
Avatar for Yesenia Perez-Cruz yeseniaperezcruz
330
39k
Designing for humans not robots
Avatar for Tammie Lister tammielis
254
26k
Visualization
Avatar for Eitan Lees eitanlees
150
16k
[RailsConf 2023 Opening Keynote] The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
31
9.8k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
Avatar for panda_program panda_program
122
21k
Rebuilding a faster, lazier Slack
Avatar for samanthasiow samanthasiow
84
9.3k
What’s in a name? Adding method to the madness
Avatar for Product Marketing Alliance productmarketing
PRO
24
3.8k
Embracing the Ebb and Flow
Avatar for Simon Collison colly
88
4.9k
No one is an island. Learnings from fostering a developers community.
Avatar for Antonio thoeni
21
3.5k
Dealing with People You Can't Stand - Big Design 2015
Avatar for Cassini Nazir cassininazir
367
27k
RailsConf 2023
Avatar for Aaron Patterson tenderlove
30
1.3k

Transcript

  1. ҆શͳ΢ΣϒܾࡁͷͨΊʹ ࠷௿ݶ஌͓͍ͬͯͯ΄͍͜͠ͱ Yutaro Sugai <[email protected]> @hokkai7go

  2. ϖΠʂ (ָ͠ΜͰ·͔͢)

  3. ҆શͳ΢ΣϒܾࡁͷͨΊʹ ࠷௿ݶ஌͓͍ͬͯͯ΄͍͜͠ͱ Yutaro Sugai <[email protected]> @hokkai7go

  4. @hokkai7go ! WebPay ɾαʔό܈ͷӡ༻ ɾPCIDSSͳͲηΩϡϦςΟج४΁ͷ४ڌ ! ݸਓ ɾ֤छRubyܥΧϯϑΝϨϯεͷϨϙʔτ൝ ɾΔͼ·ฤू ɾChef࣮ફೖ໳ॻ͖·ͨ͠

  5. PCIDSS஌ͬͯ·͔͢ʁ

  6. PCIDSSͱ͸ ΫϨδοτΧʔυ৘ใ࿙Ӯ๷ࢭͷ ͨΊͷࠃࡍηΩϡϦςΟج४ ΫϨδοτΧʔυ৘ใΛऔΓѻ͏ શͯͷࣄۀऀ΍αʔϏεϓϩόΠ μ͸ɺ͜ͷඪ४ʹ४ڌ͢Δඞཁ͕ ͋Γ·͢ɻ(േଇͳ͠)

  7. PCIDSSͱ͸ ܾࡁࣄۀऀ͚ͩͰͳ͘ AWSͳͲͷαʔϏεϓϩόΠμ͕ ४ڌ͢Δྫ͕૿͍͑ͯΔ

  8. Χʔυ൪߸࿙Ӯͷ ࡾେϦεΫϙΠϯτ

  9. ॲཧ ఻ૹ อଘ

  10. 4242#4242#4242#4242 ఻ૹ

  11. 4242#4242#4242#4242 ఻ૹ

  12. 4242#4242#4242#4242 ఻ૹɾॲཧ

  13. 4242#4242#4242#4242 อଘ

  14. ఻ૹ

  15. PCIDSS͸ ఻ૹ࣌҉߸ԽΛཁٻ

  16. ”ΦʔϓϯͳެڞωοτϫʔΫܦ༝Ͱػີ ੑͷߴ͍ΧʔυձһσʔλΛ఻ૹ͢Δ৔ ߹ɺҎԼͷΑ͏ͳɺڧྗͳ҉߸ԽͱηΩϡ ϦςΟϓϩτίϧʢSSL/TLSɺIPSECɺ SSHͳͲʣΛ࢖༻ͯ͠อޢ͢Δɻ” - PCIDSS ཁ݅ͱηΩϡϦςΟධՁखॱόʔδϣϯ3.0 ΑΓൈਮ

  17. ҉߸ԽͤͣʹΧʔυ൪߸ ͷ఻ૹ͍ͯ͠·ͤΜ͔ʁ

  18. ੜͷΧʔυ൪߸ΛαʔόͰ ड͚ͱΓͨ͘ͳ͍Ͱ͢ΑͶ

  19. Έͳ͞Μ͕Χʔυ൪߸Λۃྗѻ Θͳ͍͍ͯ͘Α͏ʹɺτʔΫϯ ܾࡁͷ࢓૊ΈΛ༻ҙ͍ͯ͠·͢

  20. ɾΫϥΠΞϯταΠυτʔΫϯ ɾαʔόαΠυτʔΫϯ

  21. ΫϥΠΞϯταΠυτʔΫϯͷར఺ ʮॲཧʯʮ఻ૹʯʮอଘʯͷ ͢΂ͯΛճආ͢Δ͜ͱ͕Ͱ͖·͢

  22. https://webpay.jp/docs/payments_with_token

  23. ΫϥΠΞϯταΠυτʔΫϯΛ࢖Θͳ͍ ɾʮॲཧʯʮ఻ૹʯΛආ͚ΒΕͳ͍ ɾੜͷΧʔυ൪߸Λѻ͏ϦεΫ ɹɾܦ࿏্ͷϩάʹΧʔυ൪߸࢒͍ͬͯ·ͤΜ͔ʁ ɹɾʮॲཧʯޙͷϝϞϦ͸҆શͰ͔͢ʁ

  24. ʮॲཧʯʮ఻ૹʯΛߦ͏͜ͱ͸ϦεΫͰ͢ɻ ΫϥΠΞϯταΠυτʔΫϯΛར༻ͯ͠ ආ͚Δ͜ͱΛ͓͢͢Ί͠·͢ɻ

  25. ҆શͳ΢ΣϒܾࡁͷͨΊʹ ɾSSLͷ࢖༻(αΠτؙ͝ͱ or ࠷௿Ͱ΋ܾࡁϖʔδ) ɾద੾ͳΤϥʔϋϯυϦϯά ɾෆཁͳΧʔυ৘ใͷഁغ