PCIDSS

PCIDSS

PCIDSS

▼ Safe credit card payment with full compliance for PCI DSS

The Company’s services are fully compliant with PCI DSS Ver3.2, the global security standard for the credit card industry. PCI DSS is jointly established by the international credit card companies JCB, American Express, Discover, MasterCard, and Visa.

This provides safe credit card payment and peace of mind to all our customers.

What is the PCI Data Security Standard (PCI DSS)?

PCI DSS(Payment Card Industry Data Security Standard) is a global security standard for the credit card industry which is followed by the Company in order to safely protect credit card information and transaction information which we handle. PCI DSS was jointly established by the international credit card companies JCB, American Express, Discover, MasterCard, and Visa.

In order to protect important information handled by the Company, we adopt PCI DSS as part of our security measures.

Possession of information security policy

PCI DSS defines the following 12 requirements.

Build and maintain a secure network

  • 1.Install and maintain a firewall configuration to protect cardholder data
  • 2.Do not use vendor-supplied defaults for system passwords and other security parameters

Protect cardholder data

  • 3.Protect stored cardholder data
  • 4.Encrypt transmission of cardholder data across open, public networks

Maintain a vulnerability management program

  • 5.Use and regularly update anti-virus software on all systems commonly affected by malware
  • 6.Develop and maintain secure systems and applications

Implement strong access control measures

  • 7.Restrict access to cardholder data by business need-to-know
  • 8.Assign a unique ID to each person with access to system components
  • 9.Restrict physical access to cardholder data

Regularly monitor and test networks

  • 10.Track and monitor all access to network resources and cardholder data
  • 11.Regularly test security systems and processes

Maintain an information security policy

  • 12.Maintain a policy that addresses information security for all persons in charge

Membership in the PCI SSC(Payment Card Industry Security Standards Council, LLC)

GMO-PG is a member of the PCI SSC, a joint organization of five international payment brand corporations aimed at promoting PCI DSS. Also, GMO-PG is an official member of the PCI SSC PO Japan Community.

PCI SSC