Company policy
POLICY
Providing payment services
with a high level of safety and security
is a characteristic of our business
and also a matter of company policy.
- Confirmation of representative
and highest beneficiary - Website compliance
- Selling price
and transaction checking - PCI DSS
Confirmation of representative and highest beneficiary
At this company, we require member stores to report their representative and highest beneficiary when submitting an application. We reference these names against the Sanction List of Thomson Reuters World-Check. We also conduct PEPS surveys of prospective customers.
Website compliance
At this company, we ensure website compliance based on the following compliance policy.01. Clear listing of means for contacting customer service, such as a phone number and email address
02. Listing of user agreement, refund and returns policy, and privacy policy
03. Safe page design (SSL encryption)
04. Mastercard and VISA logo on your page
05. Listing of billing name
Selling price and transaction checking
As a means of preventing fraudulent transactions, we regularly check the average selling prices on member sites. Our proprietary fraud prevention monitoring system detects suspicious transactions, checking for potential money laundering and other scamming activities.
PCI DSS
Smart Checkout Inc. is recognized as a company compliant with PCI DSS*1, the global security standard of the credit card industry.
The company became PCI DSS-compliant in March 2019, and was officially recognized by a QSA*2.
With PCI DSS compliance, Smart Checkout will continue to provide high-grade security and excellent systems through services that meet the customers’
level of trust and expectations.
*1 PCI DSS (Payment Card Industry Data Security Standard): A global standard of the credit card industry, created by PCI SSC*3, an organization established collaboratively by
several international card brands. The standard is intended for the purpose of safely handling the credit card membership data managed by these brands.
There are 12 compliance requirements, covering about 400 items.
*2 QSA (Qualified Security Assessors): Security assessment agencies certified by the PCI SSC.
They are qualified to officially audit interviews, documents, and servers.
* 3 PCI SSC (Payment Card Industry Security Standards Council): An organization established by five major international credit card companies (American Express, Discover
Financial Services, JCB International, MasterCard, and Visa Inc.).
They are responsible for PCI DSS standard establishment, maintenance, and assessment procedures.
Compliant Standard | PCI DSS Version 3.2.1 |
---|---|
Range of Application | Payment Services |
Issued | March 29, 2019 |
Certification Number | 193105 |
Certification Agency (QSA) | Infosec Corporation |
[To franchisees]
Card franchisees, banks, clearing agencies, and other service providers that "store, process, or transmit" card information must comply with the PCI DSS in accordance to the volume of annual card transactions.
We ask that you to operate in accordance with the PCI DSS.