October 29, 2019
GLORY Certified as a PCI P2PE Solutions Provider
- Reducing risk of card information leakage in credit card transactions -
GLORY Ltd. (GLORY) today announced that, in September 2019, it was certified as a provider of PCI P2PE*1 solutions, an international security standard established by the PCI SSC*2.
Under the Amended Installment Sales Act (enacted June 1, 2018), credit card-affiliated stores involved in face-to-face transactions are obliged to take measures for protecting credit card information (i.e., to take security measures equivalent/comparable to not retaining credit card information; businesses that retain credit card information are required to comply with the PCI DSS*3) by the end of March 2020.
By introducing GLORY’s PCI P2PE validated solutions, affiliated stores will be able to take security measures equivalent/comparable to not retaining credit card information, thus reducing the risk of credit card information leakage, and they can expect to reduce the burden associated with achieving compliance with the PCI DSS.
In 2000, GLORY established its own information processing facility, GCAN Center*4 and has been providing debit/credit card settlement relay and ASP (application service provider) services. Meanwhile, the company has initiated settlement relay services for various types of electronic money, as appropriate.
GLORY will remain committed to providing stringently secure yet convenient services through offering advanced security measures to meet the needs of affiliated stores and card users for credit card settlement and other forms of cashless settlement.
*1P2PE: Point-to-Point Encryption. A payment security solution that instantaneously converts payment card data read by a payment device into indecipherable code, which is sent to a PCI DSS-compliant payment center where the card data are decoded and processed. The P2PE solution employs an encryption scheme called DUKPT (Derived Unique Key Per Transaction), which uses a different key for each transaction to encrypt data. By placing the master key in safe custody, rigid security is guaranteed. PCI P2PE is a security standard for P2PE established by the PCI SSC.
*2PCI SSC: Payment Card Industry Security Standards Council. Jointly formed by the five international credit card brands (American Express, Discover, JCB, Mastercard, and Visa), the PCI SSC is an American organization that develops, maintains, and manages the PCI DSS and other international security standards, accredits evaluation organizations, and manages the quality of services provided by such organizations.
*3PCI DSS: Payment Card Industry Data Security Standard. An international security standard in the credit card industry established by the PCI SSC for the purpose of ensuring that cardmembers’ information is handled securely by affiliated stores, payment agencies, and credit card companies.
*4GCAN Center:https://www.glory.co.jp/product/pro_gcan/(in Japanese only)
About GLORY LTD.
GLORY LTD., headquartered in Himeji, Japan, is a pioneer in the development and manufacture of money handling machines and systems. GLORY provides a variety of products such as money handling machines, cash management systems, vending machines, automatic service equipment, and cash management solutions that are built on its leading-edge recognition/identification and mechatronics technology. Committed to meet society's wide-ranging needs, GLORY serves the financial, retail, vending machine, amusement and gaming industries in over 100 countries around the world. GLORY employs approximately 9,000 people worldwide. For more information about GLORY, please visit GLORY's group website at https://corporate.glory-global.com/.
- GLORY LTD.
- Corporate Communications Dept.
Management Strategy Headquarters
Information in this document is current on the date of the announcement and subject to change without prior notice.