Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Minimum knowledge for secure web payment

527e2af04bd5b212b479840016274cdb?s=47 Yutaro Sugai
July 22, 2014
Technology
1
900

Minimum knowledge for secure web payment

安全なウェブ決済のために
最低限知っておいてほしいこと
WebPay meetup #1 2014/07/22

527e2af04bd5b212b479840016274cdb?s=128

Yutaro Sugai

July 22, 2014
Tweet

More Decks by Yutaro Sugai

See All by Yutaro Sugai
527e2af04bd5b212b479840016274cdb?s=48 hokkai7go
0
9.4k
527e2af04bd5b212b479840016274cdb?s=48 hokkai7go
6
5.3k
527e2af04bd5b212b479840016274cdb?s=48 hokkai7go
1
52
527e2af04bd5b212b479840016274cdb?s=48 hokkai7go
1
400
527e2af04bd5b212b479840016274cdb?s=48 hokkai7go
0
680
527e2af04bd5b212b479840016274cdb?s=48 hokkai7go
1
1.1k
527e2af04bd5b212b479840016274cdb?s=48 hokkai7go
1
270
527e2af04bd5b212b479840016274cdb?s=48 hokkai7go
0
490
527e2af04bd5b212b479840016274cdb?s=48 hokkai7go
1
1.8k

Other Decks in Technology

See All in Technology
36c940c1761f55495077121a88570a65?s=48 torutakahashi
0
120
95aaab3d693889550fd2e7ae02f2f789?s=48 takaking22
1
3.4k
Ef779e9bc420affeb93b274cba74ef7c?s=48 hageyahhoo
3
1.9k
Cb88f765dd38cd942c39aacb5abbea06?s=48 ufoo68
0
170
E83ff81bc5a881c33dcff37eb160ce12?s=48 kochizufan
0
1.6k
D9bccbb47eddad3154e3cb7a967ba4bf?s=48 sarah_fooddatabank
0
170
A97eee01397705443a72a48ce29d3e19?s=48 cybozuinsideout
PRO
0
360
Cd931bc05e7cee46b9a950a63e47ba4c?s=48 you
0
170
7a37d60769f6f3004adee19a8ff2c219?s=48 tunepolo
8
5k
0c2e1fea502b8934820eacdfca778d8c?s=48 tommy351
1
170
3ed35dce7bdede37814ccbb952cbf026?s=48 techtver
0
220
5314ec2302336bf68c95bdb5b1476227?s=48 furuhashilab
0
140

Featured

See All Featured
7c8469ee8c9e594c65c59b919626c08d?s=48 scottboms
253
11k
20bfe76b3d6105641f879fe45cfc9272?s=48 bkeepers
PRO
55
5k
D47656e20ff5e42f125fc5ea0fd636c6?s=48 tmm1
64
10k
Ecdea9b9714877b86cee08458f085481?s=48 trallard
27
1.3k
168ccec72eee0530b818d44f3fedaacf?s=48 shlominoach
178
8.3k
61857dafbd287b3027c4dcea9008ad3c?s=48 carmenhchung
44
2.3k
7653c7c449918ff6542880a8c284f5e7?s=48 jponch
106
5.5k
6bb82b13cda86d3b821fa44100335ddf?s=48 thoeni
6
1k
E4f5d494ebdc9e7cce1aecf3ce3e8bc1?s=48 shpigford
167
20k
9375a9529679f1b42b567a640d775e7d?s=48 schacon
152
7k
766b9746b59e6f09e280cd33cf4ed419?s=48 skipperchong
14
1.2k
9fa239b3154a0169d99ab7bf1422dd12?s=48 marcelosomers
225
15k

Transcript

  1. ҆શͳ΢ΣϒܾࡁͷͨΊʹ ࠷௿ݶ஌͓͍ͬͯͯ΄͍͜͠ͱ Yutaro Sugai <sugai@webpay.jp> @hokkai7go

  2. ϖΠʂ (ָ͠ΜͰ·͔͢)

  3. ҆શͳ΢ΣϒܾࡁͷͨΊʹ ࠷௿ݶ஌͓͍ͬͯͯ΄͍͜͠ͱ Yutaro Sugai <sugai@webpay.jp> @hokkai7go

  4. @hokkai7go ! WebPay ɾαʔό܈ͷӡ༻ ɾPCIDSSͳͲηΩϡϦςΟج४΁ͷ४ڌ ! ݸਓ ɾ֤छRubyܥΧϯϑΝϨϯεͷϨϙʔτ൝ ɾΔͼ·ฤू ɾChef࣮ફೖ໳ॻ͖·ͨ͠

  5. PCIDSS஌ͬͯ·͔͢ʁ

  6. PCIDSSͱ͸ ΫϨδοτΧʔυ৘ใ࿙Ӯ๷ࢭͷ ͨΊͷࠃࡍηΩϡϦςΟج४ ΫϨδοτΧʔυ৘ใΛऔΓѻ͏ શͯͷࣄۀऀ΍αʔϏεϓϩόΠ μ͸ɺ͜ͷඪ४ʹ४ڌ͢Δඞཁ͕ ͋Γ·͢ɻ(േଇͳ͠)

  7. PCIDSSͱ͸ ܾࡁࣄۀऀ͚ͩͰͳ͘ AWSͳͲͷαʔϏεϓϩόΠμ͕ ४ڌ͢Δྫ͕૿͍͑ͯΔ

  8. Χʔυ൪߸࿙Ӯͷ ࡾେϦεΫϙΠϯτ

  9. ॲཧ ఻ૹ อଘ

  10. 4242#4242#4242#4242 ఻ૹ

  11. 4242#4242#4242#4242 ఻ૹ

  12. 4242#4242#4242#4242 ఻ૹɾॲཧ

  13. 4242#4242#4242#4242 อଘ

  14. ఻ૹ

  15. PCIDSS͸ ఻ૹ࣌҉߸ԽΛཁٻ

  16. ”ΦʔϓϯͳެڞωοτϫʔΫܦ༝Ͱػີ ੑͷߴ͍ΧʔυձһσʔλΛ఻ૹ͢Δ৔ ߹ɺҎԼͷΑ͏ͳɺڧྗͳ҉߸ԽͱηΩϡ ϦςΟϓϩτίϧʢSSL/TLSɺIPSECɺ SSHͳͲʣΛ࢖༻ͯ͠อޢ͢Δɻ” - PCIDSS ཁ݅ͱηΩϡϦςΟධՁखॱόʔδϣϯ3.0 ΑΓൈਮ

  17. ҉߸ԽͤͣʹΧʔυ൪߸ ͷ఻ૹ͍ͯ͠·ͤΜ͔ʁ

  18. ੜͷΧʔυ൪߸ΛαʔόͰ ड͚ͱΓͨ͘ͳ͍Ͱ͢ΑͶ

  19. Έͳ͞Μ͕Χʔυ൪߸Λۃྗѻ Θͳ͍͍ͯ͘Α͏ʹɺτʔΫϯ ܾࡁͷ࢓૊ΈΛ༻ҙ͍ͯ͠·͢

  20. ɾΫϥΠΞϯταΠυτʔΫϯ ɾαʔόαΠυτʔΫϯ

  21. ΫϥΠΞϯταΠυτʔΫϯͷར఺ ʮॲཧʯʮ఻ૹʯʮอଘʯͷ ͢΂ͯΛճආ͢Δ͜ͱ͕Ͱ͖·͢

  22. https://webpay.jp/docs/payments_with_token

  23. ΫϥΠΞϯταΠυτʔΫϯΛ࢖Θͳ͍ ɾʮॲཧʯʮ఻ૹʯΛආ͚ΒΕͳ͍ ɾੜͷΧʔυ൪߸Λѻ͏ϦεΫ ɹɾܦ࿏্ͷϩάʹΧʔυ൪߸࢒͍ͬͯ·ͤΜ͔ʁ ɹɾʮॲཧʯޙͷϝϞϦ͸҆શͰ͔͢ʁ

  24. ʮॲཧʯʮ఻ૹʯΛߦ͏͜ͱ͸ϦεΫͰ͢ɻ ΫϥΠΞϯταΠυτʔΫϯΛར༻ͯ͠ ආ͚Δ͜ͱΛ͓͢͢Ί͠·͢ɻ

  25. ҆શͳ΢ΣϒܾࡁͷͨΊʹ ɾSSLͷ࢖༻(αΠτؙ͝ͱ or ࠷௿Ͱ΋ܾࡁϖʔδ) ɾద੾ͳΤϥʔϋϯυϦϯά ɾෆཁͳΧʔυ৘ใͷഁغ