Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Minimum knowledge for secure web payment
Search
Yutaro Sugai
July 22, 2014
Technology
1
1.1k
Minimum knowledge for secure web payment
安全なウェブ決済のために
最低限知っておいてほしいこと
WebPay meetup #1 2014/07/22
Yutaro Sugai
July 22, 2014
Tweet
Share
More Decks by Yutaro Sugai
See All by Yutaro Sugai
devlove-kansai-sre-scrum
hokkai7go
0
11k
sre-lounge8
hokkai7go
6
6.7k
88_techbookfest5_in_omotesandorb
hokkai7go
1
130
Career Keynote at LDD '18 in Muroran
hokkai7go
1
620
What has been realized to improve maintainability at "Eight".
hokkai7go
0
970
Serverless and tough access management
hokkai7go
1
1.5k
"1st try and team productivity"
hokkai7go
1
320
Technology to support Eight, Infrastructure part
hokkai7go
0
620
AWS and Serverless and Monitoring
hokkai7go
1
2.2k
Other Decks in Technology
See All in Technology
Function Body Macros で、SwiftUI の View に Accessibility Identifier を自動付与する/Function Body Macros: Autogenerate accessibility identifiers for SwiftUI Views
miichan
2
180
Obsidian応用活用術
onikun94
1
480
20250903_1つのAWSアカウントに複数システムがある環境におけるアクセス制御をABACで実現.pdf
yhana
3
550
CDK CLIで使ってたあの機能、CDK Toolkit Libraryではどうやるの?
smt7174
4
130
バッチ処理で悩むバックエンドエンジニアに捧げるAWS Glue入門
diggymo
3
200
roppongirb_20250911
igaiga
1
210
ハードウェアとソフトウェアをつなぐ全てを内製している企業の E2E テストの作り方 / How to create E2E tests for a company that builds everything connecting hardware and software in-house
bitkey
PRO
1
120
「Linux」という言葉が指すもの
sat
PRO
4
120
20250910_障害注入から効率的復旧へ_カオスエンジニアリング_生成AIで考えるAWS障害対応.pdf
sh_fk2
3
240
要件定義・デザインフェーズでもAIを活用して、コミュニケーションの密度を高める
kazukihayase
0
100
JTCにおける内製×スクラム開発への挑戦〜内製化率95%達成の舞台裏/JTC's challenge of in-house development with Scrum
aeonpeople
0
210
OCI Oracle Database Services新機能アップデート(2025/06-2025/08)
oracle4engineer
PRO
0
110
Featured
See All Featured
Designing for humans not robots
tammielis
253
25k
Building Better People: How to give real-time feedback that sticks.
wjessup
368
19k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
29
1.9k
It's Worth the Effort
3n
187
28k
The Cult of Friendly URLs
andyhume
79
6.6k
Fireside Chat
paigeccino
39
3.6k
BBQ
matthewcrist
89
9.8k
Building a Scalable Design System with Sketch
lauravandoore
462
33k
Code Reviewing Like a Champion
maltzj
525
40k
Making the Leap to Tech Lead
cromwellryan
135
9.5k
Music & Morning Musume
bryan
46
6.8k
Imperfection Machines: The Place of Print at Facebook
scottboms
268
13k
Transcript
҆શͳΣϒܾࡁͷͨΊʹ ࠷ݶ͓͍ͬͯͯ΄͍͜͠ͱ Yutaro Sugai <
[email protected]
> @hokkai7go
ϖΠʂ (ָ͠ΜͰ·͔͢)
҆શͳΣϒܾࡁͷͨΊʹ ࠷ݶ͓͍ͬͯͯ΄͍͜͠ͱ Yutaro Sugai <
[email protected]
> @hokkai7go
@hokkai7go ! WebPay ɾαʔό܈ͷӡ༻ ɾPCIDSSͳͲηΩϡϦςΟج४ͷ४ڌ ! ݸਓ ɾ֤छRubyܥΧϯϑΝϨϯεͷϨϙʔτ൝ ɾΔͼ·ฤू ɾChef࣮ફೖॻ͖·ͨ͠
PCIDSSͬͯ·͔͢ʁ
PCIDSSͱ ΫϨδοτΧʔυใ࿙Ӯࢭͷ ͨΊͷࠃࡍηΩϡϦςΟج४ ΫϨδοτΧʔυใΛऔΓѻ͏ શͯͷࣄۀऀαʔϏεϓϩόΠ μɺ͜ͷඪ४ʹ४ڌ͢Δඞཁ͕ ͋Γ·͢ɻ(േଇͳ͠)
PCIDSSͱ ܾࡁࣄۀऀ͚ͩͰͳ͘ AWSͳͲͷαʔϏεϓϩόΠμ͕ ४ڌ͢Δྫ͕૿͍͑ͯΔ
Χʔυ൪߸࿙Ӯͷ ࡾେϦεΫϙΠϯτ
ॲཧ ૹ อଘ
4242#4242#4242#4242 ૹ
4242#4242#4242#4242 ૹ
4242#4242#4242#4242 ૹɾॲཧ
4242#4242#4242#4242 อଘ
ૹ
PCIDSS ૹ࣌҉߸ԽΛཁٻ
”ΦʔϓϯͳެڞωοτϫʔΫܦ༝Ͱػີ ੑͷߴ͍ΧʔυձһσʔλΛૹ͢Δ ߹ɺҎԼͷΑ͏ͳɺڧྗͳ҉߸ԽͱηΩϡ ϦςΟϓϩτίϧʢSSL/TLSɺIPSECɺ SSHͳͲʣΛ༻ͯ͠อޢ͢Δɻ” - PCIDSS ཁ݅ͱηΩϡϦςΟධՁखॱόʔδϣϯ3.0 ΑΓൈਮ
҉߸ԽͤͣʹΧʔυ൪߸ ͷૹ͍ͯ͠·ͤΜ͔ʁ
ੜͷΧʔυ൪߸ΛαʔόͰ ड͚ͱΓͨ͘ͳ͍Ͱ͢ΑͶ
Έͳ͞Μ͕Χʔυ൪߸Λۃྗѻ Θͳ͍͍ͯ͘Α͏ʹɺτʔΫϯ ܾࡁͷΈΛ༻ҙ͍ͯ͠·͢
ɾΫϥΠΞϯταΠυτʔΫϯ ɾαʔόαΠυτʔΫϯ
ΫϥΠΞϯταΠυτʔΫϯͷར ʮॲཧʯʮૹʯʮอଘʯͷ ͯ͢Λճආ͢Δ͜ͱ͕Ͱ͖·͢
https://webpay.jp/docs/payments_with_token
ΫϥΠΞϯταΠυτʔΫϯΛΘͳ͍ ɾʮॲཧʯʮૹʯΛආ͚ΒΕͳ͍ ɾੜͷΧʔυ൪߸Λѻ͏ϦεΫ ɹɾܦ࿏্ͷϩάʹΧʔυ൪߸͍ͬͯ·ͤΜ͔ʁ ɹɾʮॲཧʯޙͷϝϞϦ҆શͰ͔͢ʁ
ʮॲཧʯʮૹʯΛߦ͏͜ͱϦεΫͰ͢ɻ ΫϥΠΞϯταΠυτʔΫϯΛར༻ͯ͠ ආ͚Δ͜ͱΛ͓͢͢Ί͠·͢ɻ
҆શͳΣϒܾࡁͷͨΊʹ ɾSSLͷ༻(αΠτؙ͝ͱ or ࠷Ͱܾࡁϖʔδ) ɾదͳΤϥʔϋϯυϦϯά ɾෆཁͳΧʔυใͷഁغ