Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Minimum knowledge for secure web payment

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for Yutaro Sugai Yutaro Sugai
July 22, 2014
Technology
1.2k
1

Minimum knowledge for secure web payment

安全なウェブ決済のために
最低限知っておいてほしいこと
WebPay meetup #1 2014/07/22

Avatar for Yutaro Sugai

Yutaro Sugai

July 22, 2014

More Decks by Yutaro Sugai

See All by Yutaro Sugai
DevOpsDays2026 Tokyo Cross-border practices to connect "safety" and "DX" in healthcare
Avatar for Yutaro Sugai hokkai7go
0
290
jtf2019-hatena-sre-scrum
Avatar for Yutaro Sugai hokkai7go
0
12
devlove-kansai-sre-scrum
Avatar for Yutaro Sugai hokkai7go
0
11k
sre-lounge8
Avatar for Yutaro Sugai hokkai7go
6
7k
88_techbookfest5_in_omotesandorb
Avatar for Yutaro Sugai hokkai7go
1
160
Career Keynote at LDD '18 in Muroran
Avatar for Yutaro Sugai hokkai7go
1
710
What has been realized to improve maintainability at "Eight".
Avatar for Yutaro Sugai hokkai7go
0
1k
Serverless and tough access management
Avatar for Yutaro Sugai hokkai7go
1
1.5k
"1st try and team productivity"
Avatar for Yutaro Sugai hokkai7go
1
350

Other Decks in Technology

See All in Technology
Platform Engineering as a Product: Criteria for Improvement and Multi-Tenant Design
Avatar for Kumo Ishikawa kumorn5s
0
450
Ruby::Boxでできること、Refinementsでできること
Avatar for Tomohiro Hashidate joker1007
2
280
AI時代から振り返るTerraform drift運用の歴史 / AI Age Reflections on the History of Terraform Drift Operations
Avatar for AEON aeonpeople
2
630
React、まだ楽しくて草
Avatar for uhyo uhyo
7
3.6k
AIガバナンス実践 - 生成AIコネクタのデータ漏洩リスクと実務対策
Avatar for 西岡 賢一郎 (Kenichiro Nishioka) knishioka
0
150
自称宇宙最速で不合格となったAIP-C01にリベンジを果たすべくAIで問題集アプリを作ってみた。
Avatar for Yuuki Yamashita yama3133
0
260
JEP 522 Deep Dive - G1 GC同期コスト削減によるスループット向上を徹底検証&解説
Avatar for Daishi Tabata tabatad
1
530
A Harness for Behaviour: how to get AI to generate code that does what we intend, or "TDD in the age of AI"
Avatar for Matteo Vaccari xpmatteo
1
530
20260528_生成AIを専属DSに_Howの次にすべきことを考える
Avatar for NobuakiOshiro doradora09
PRO
0
270
コードレビューを制するチームがソフトウェアデリバリーのフローを制す / Beyond Code Review: Distributing Its Responsibilities Across the SDLC
Avatar for mtx2s mtx2s
3
560
Java正規表現エンジン(NFA)の仕組みと パフォーマンスを維持するための最適化手法
Avatar for 竹内 雅和 takeuchi_132917
0
160
Terraformモジュールは、なぜ「魔境」化するのか
Avatar for hayama hayama17
1
140

Featured

See All Featured
Exploring the relationship between traditional SERPs and Gen AI search
Avatar for Ray Grieselhuber raygrieselhuber
PRO
2
4k
We Analyzed 250 Million AI Search Results: Here's What I Found
Avatar for Josh Blyskal joshbly
1
1.3k
AI Search:
Where Are We & What Can We Do About It?
Avatar for Aleyda Solis aleyda
0
7.5k
Automating Front-end Workflow
Avatar for Addy Osmani addyosmani
1370
210k
Max Prin - Stacking Signals: How International SEO Comes Together (And Falls Apart)
Avatar for Tech SEO Connect techseoconnect
PRO
0
170
Building a Scalable Design System with Sketch
Avatar for Laura Van Doore lauravandoore
463
34k
HU Berlin: Industrial-Strength Natural Language Processing with spaCy and Prodigy
Avatar for Ines Montani inesmontani
PRO
0
390
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
432
67k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
Avatar for Stéphanie Walter stephaniewalter
287
14k
Jamie Indigo - Trashchat’s Guide to Black Boxes: Technical SEO Tactics for LLMs
Avatar for Tech SEO Connect techseoconnect
PRO
0
150
svc-hook: hooking system calls on ARM64 by binary rewriting
Avatar for Akira Moroo retrage
2
280
Introduction to Domain-Driven Design and Collaborative software design
Avatar for Kenny Baas-Schwegler baasie
1
810

Transcript

  1. ҆શͳ΢ΣϒܾࡁͷͨΊʹ ࠷௿ݶ஌͓͍ͬͯͯ΄͍͜͠ͱ Yutaro Sugai <[email protected]> @hokkai7go

  2. ϖΠʂ (ָ͠ΜͰ·͔͢)

  3. ҆શͳ΢ΣϒܾࡁͷͨΊʹ ࠷௿ݶ஌͓͍ͬͯͯ΄͍͜͠ͱ Yutaro Sugai <[email protected]> @hokkai7go

  4. @hokkai7go ! WebPay ɾαʔό܈ͷӡ༻ ɾPCIDSSͳͲηΩϡϦςΟج४΁ͷ४ڌ ! ݸਓ ɾ֤छRubyܥΧϯϑΝϨϯεͷϨϙʔτ൝ ɾΔͼ·ฤू ɾChef࣮ફೖ໳ॻ͖·ͨ͠

  5. PCIDSS஌ͬͯ·͔͢ʁ

  6. PCIDSSͱ͸ ΫϨδοτΧʔυ৘ใ࿙Ӯ๷ࢭͷ ͨΊͷࠃࡍηΩϡϦςΟج४ ΫϨδοτΧʔυ৘ใΛऔΓѻ͏ શͯͷࣄۀऀ΍αʔϏεϓϩόΠ μ͸ɺ͜ͷඪ४ʹ४ڌ͢Δඞཁ͕ ͋Γ·͢ɻ(േଇͳ͠)

  7. PCIDSSͱ͸ ܾࡁࣄۀऀ͚ͩͰͳ͘ AWSͳͲͷαʔϏεϓϩόΠμ͕ ४ڌ͢Δྫ͕૿͍͑ͯΔ

  8. Χʔυ൪߸࿙Ӯͷ ࡾେϦεΫϙΠϯτ

  9. ॲཧ ఻ૹ อଘ

  10. 4242#4242#4242#4242 ఻ૹ

  11. 4242#4242#4242#4242 ఻ૹ

  12. 4242#4242#4242#4242 ఻ૹɾॲཧ

  13. 4242#4242#4242#4242 อଘ

  14. ఻ૹ

  15. PCIDSS͸ ఻ૹ࣌҉߸ԽΛཁٻ

  16. ”ΦʔϓϯͳެڞωοτϫʔΫܦ༝Ͱػີ ੑͷߴ͍ΧʔυձһσʔλΛ఻ૹ͢Δ৔ ߹ɺҎԼͷΑ͏ͳɺڧྗͳ҉߸ԽͱηΩϡ ϦςΟϓϩτίϧʢSSL/TLSɺIPSECɺ SSHͳͲʣΛ࢖༻ͯ͠อޢ͢Δɻ” - PCIDSS ཁ݅ͱηΩϡϦςΟධՁखॱόʔδϣϯ3.0 ΑΓൈਮ

  17. ҉߸ԽͤͣʹΧʔυ൪߸ ͷ఻ૹ͍ͯ͠·ͤΜ͔ʁ

  18. ੜͷΧʔυ൪߸ΛαʔόͰ ड͚ͱΓͨ͘ͳ͍Ͱ͢ΑͶ

  19. Έͳ͞Μ͕Χʔυ൪߸Λۃྗѻ Θͳ͍͍ͯ͘Α͏ʹɺτʔΫϯ ܾࡁͷ࢓૊ΈΛ༻ҙ͍ͯ͠·͢

  20. ɾΫϥΠΞϯταΠυτʔΫϯ ɾαʔόαΠυτʔΫϯ

  21. ΫϥΠΞϯταΠυτʔΫϯͷར఺ ʮॲཧʯʮ఻ૹʯʮอଘʯͷ ͢΂ͯΛճආ͢Δ͜ͱ͕Ͱ͖·͢

  22. https://webpay.jp/docs/payments_with_token

  23. ΫϥΠΞϯταΠυτʔΫϯΛ࢖Θͳ͍ ɾʮॲཧʯʮ఻ૹʯΛආ͚ΒΕͳ͍ ɾੜͷΧʔυ൪߸Λѻ͏ϦεΫ ɹɾܦ࿏্ͷϩάʹΧʔυ൪߸࢒͍ͬͯ·ͤΜ͔ʁ ɹɾʮॲཧʯޙͷϝϞϦ͸҆શͰ͔͢ʁ

  24. ʮॲཧʯʮ఻ૹʯΛߦ͏͜ͱ͸ϦεΫͰ͢ɻ ΫϥΠΞϯταΠυτʔΫϯΛར༻ͯ͠ ආ͚Δ͜ͱΛ͓͢͢Ί͠·͢ɻ

  25. ҆શͳ΢ΣϒܾࡁͷͨΊʹ ɾSSLͷ࢖༻(αΠτؙ͝ͱ or ࠷௿Ͱ΋ܾࡁϖʔδ) ɾద੾ͳΤϥʔϋϯυϦϯά ɾෆཁͳΧʔυ৘ใͷഁغ