GMO Payment Gateway
Participated in the "PCI SSC PO Japan Liaison Committee" as a regular member

March 11, 2009
GMO Payment Gateway, Inc.

GMO Payment Gateway, Inc. GMO Internet Group Develops payment processing business for Non-Face-to-Face Credit Cards (TSE Partial: Securities Code: 3769 Headquarters: Shibuya-ku, Tokyo, President & Chief Executive Officer: Issei Ainoura (hereinafter referred to as GMO-PG) announced on March 2 that it will meet the global security standard "PCI DSS" for the payment card data industry. We have joined the international standardization organization "PCI SSC"*2 as a regular member. On March 4, we participated as a regular member of the PCI SSC PO Japan Liaison Committee, which consists of PCI SSC Participating Organizations (PO*3).

Currently, "PCI DSS" is rapidly gaining popularity in the United States as a standard that all companies handling credit card information must adhere to. However, in Japan, where security measures are urgently needed as in the United States, such as the leakage of credit card information including personal information, the PCI PED (PIN Entry Device Standard) and PA-DSS (Payment Application Standard), which must be dealt with by POS vendors, etc., which are also formulated by PCI SSC, are not fully understood and penetrated at present. There is a need to promote understanding throughout the payment card industry.

Under these circumstances, the "PCI SSC PO Japan Liaison Committee" will serve as a receptacle for companies in a wide range of industries, such as card merchants, financial institution, service providers, and POS vendors, who need to improve knowledge and implement information security standards such as PCI DSS, and share issues related to information security measures in Japan Japan. Through the exchange of information and technology, we are actively working to protect credit card information.

GMO-PG agrees with this purpose and has decided to join the "PCI SSC" as a full member and the "PCI SSC PO Japan Liaison Committee" as a regular member.

By participating in the PCI SSC PO Japan Liaison Committee as a regular member, GMO-PG will work to ensure the security of credit card information by collaborating with PO members and interacting and coordinating with international payment card brands, QSAs (Accredited Examination Organizations), and credit industry related organizations.

In addition, PCI DSS is not limited to the payment card industry, but as a best practice for information security, Since it is an effective data security standard for all industries such as government offices, municipalities, school corporations, and business corporations, through the activities of this liaison group, We will work on the use of ISMS and information security management standards as an implementation standard that complements them.

For more information on the PCI SSC PO Japan Liaison Committee, please refer to the following website.
http://www.netone.co.jp/pcisscpojapan/index.html

※1  PCI DSS：Payment Card Industry Data Security Standard
*2 PCI SSC: PCI Security Standards Council
*3 PO: PO members are given the following qualifications as stakeholders of PCI SSC.

1. Elect representatives of participating companies to the PCI SSC Advisory Board.
2. Nominate candidates for election to the PCI SSC Advisory Committee.
3. Comment on any draft amendments to the use of DSS and draft new specifications prior to public release.
4. Participate in the annual regular community meeting hosted by the PCI SSC.
5. Recommend a new study initiative for the PCI SSC.