Minimum knowledge for secure web payment
Yutaro Sugai
July 22, 2014
For secure web payments: the minimum I would like you to know
WebPay meetup #1 2014/07/22
Transcript
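For secure web payments: the minimum I would like you to know. Yutaro Sugai <[email protected]> @hokkai7go
Pay! (Are you enjoying yourselves?)
@hokkai7go. WebPay: ・Operating the server fleet ・Compliance with security standards such as PCIDSS. Personal: ・Report team for various Ruby conferences ・Rubima editing ・Wrote "Chef実践入門"
Do you know PCIDSS?
What is PCIDSS? An international security standard for preventing leaks of credit card information. All businesses and service providers that handle credit card information must comply with this standard. (No penalties)
What is PCIDSS? Not only payment companies: service providers such as AWS are increasingly becoming compliant.
The three major risk points for card number leakage
Processing, transmission, storage
4242#4242#4242#4242 Transmission
4242#4242#4242#4242 Transmission / processing
4242#4242#4242#4242 Storage
Transmission
PCIDSS requires encryption during transmission
"Use strong cryptography and security protocols (for example, SSL/TLS, IPSEC, SSH, etc.) to safeguard sensitive cardholder data during transmission over open, public networks." - Excerpt from PCIDSS Requirements and Security Assessment Procedures, version 3.0
Are you transmitting card numbers without encrypting them?
You don't want to receive raw card numbers on your server, do you?
So that you have to handle card numbers as little as possible, we provide a token payment mechanism.
・Client-side tokens ・Server-side tokens
Advantage of client-side tokens: you can avoid all of "processing", "transmission" and "storage".
https://webpay.jp/docs/payments_with_token
If you do not use client-side tokens: ・You cannot avoid "processing" and "transmission" ・You take on the risk of handling raw card numbers: ・Are there card numbers in logs along the path? ・Is memory safe after "processing"?
Performing "processing" and "transmission" is a risk. We recommend using client-side tokens to avoid it.
For secure web payments: ・Use SSL (the whole site, or at minimum the payment page) ・Proper error handling ・Discard card information you do not need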