DG Mail
DG Mail is an online magazine that provides you with the latest news from the Digital Garage Group.
If you would like to subscribe to DG Mail, please fill out the form.
Designing
New Context
Designing
New Context
Supporting E-Commerce Businesses with Selectable Diagnostics for 5 Guideline 6.0 Vulnerability Countermeasures
– DG Business Technology, Inc. (HQ: Tokyo; Representative Director, President & CEO: Kazunori Shimizu; “DGBT”), a Digital Garage Group company that provides comprehensive support for digital businesses, will launch the “DGBT Security Assessment Service” for e-commerce business operators on July 14, 2025.
“DGBT Security Assessment Service” is a diagnostic service supporting the implementation of “Vulnerability Countermeasures” required by e-commerce business operators under the “Credit Card Security Guidelines Edition 6.0” (“Guidelines 6.0”), which were revised in March 2025. The Guidelines are positioned as a “practical guideline” for security measures required by the Installment Sales Act (for deferred payments), as stipulated in the Supervisory Guidelines based on this law and overseen by the Ministry of Economy, Trade and Industry (METI).
A number of diagnostic plans are available to suit the structure, budget and technical resources of e-commerce sites, making it easy for business operators implementing vulnerability countermeasures for the first time to handle their issue.
■Background
There have been a series of cases of unauthorized access and leaks of credit card information targeting e-commerce business operators in recent years, and the amount of damage caused by unauthorized use of credit cards has reached a record high. In response to such circumstances, the following new security measures for e-commerce merchants were added to Guidelines 6.0.
・Card information protection measures: Implementation of “Vulnerability Countermeasures” for e-commerce merchants systems and websites
・Anti-fraud measures: Introduction of EMV 3-D Secure and appropriate fraudulent login countermeasures
Of these, “Vulnerability Countermeasures” require the implementation of the following 5 technical measures.
・Access restrictions and ID/password management for system administration screens
・Countermeasures against incorrect settings caused by data directory exposure
・Web application Vulnerability Countermeasures (SQL injection, etc.)
・Installation and operation of anti-virus software
・Abuse prevention measures such as credit master measures (validation measures)
Of these measures, identifying and responding to vulnerabilities in websites and systems is an area with a heavy burden on work in terms of cost, time and effort, and determining the level of response. DGBT has supported the security measures of various e-commerce business operators by providing “ReD Shield” and “Sift,” its globally proven fraud detection solutions. Drawing on its knowledge and track record with providing support, “DGBT Security Assessment Service” will be launched as a new service for supporting e-commerce business operators facing issues related to vulnerability countermeasures.
■About “DGBT Security Assessment Service”
“DGBT Security Assessment Service” is a diagnostic service that provides “Vulnerability Countermeasures” required by Guidelines 6.0 that can be selected in a flexible manner to suit the structure and requirements of e-commerce sites. The service is structured to allow the most appropriate diagnostic plan to be selected according to the scope of response, level of urgency, organizational structure, and budget.
| Menu Package | Overview/Outline |
|---|---|
| Guideline Compliance Check Full Pack (Light, Standard, Premium) | Diagnoses the compliance status with 5 types of Vulnerability Countermeasures for e-commerce systems and websites required of e-commerce merchants under Guidelines 6.0. Web application vulnerability diagnoses are available in 3 plans, ranging from Light to Premium depending on the number of requests being diagnosed |
| Guideline Compliance Check Select | An optional menu item allowing users to select only the necessary measures out of the 5 vulnerability countermeasures required by Guidelines 6.0, and check the status of countermeasures. Covers priority items even with limited budgets |
| Web Application Vulnerability Diagnosis | Checks for any vulnerabilities in web applications. 6 types of plans are available, from Light to Full Order, to suit the size and budget of e-commerce sites, allowing for diagnosis in a flexible manner. |
■Comprehensive Security Support System by the Digital Garage Group
DGBT is working with DG Financial Technology, Inc. (DGFT), a Digital Garage Group company that provides payment platforms, to supply a comprehensive range of solutions catering to Guideline 6.0, including the “DGBT Security Assessment Service.”
It supports the practical issues that e-commerce business operators are facing, by providing integrated services such as non-retention of card information, vulnerability assessments, EMV 3-D Secure, and fraud detection services in response to the “Card information protection measures” and “Anti-fraud measures” required by Guidelines 6.0. And more than just complying with Guidelines 6.0, it also provides ongoing practical support for selecting security measures and operational issues to encourage establishing realistic and sustainable security systems.
■Future Developments
Cyber-attacks exploiting fraudulent use of card information and vulnerabilities have become increasingly sophisticated and diverse in recent years, and there has been an increase in cases that cannot be prevented with conventional countermeasures alone. With e-commerce and online services in particular, a wide range of areas can be subject to attacks, from customer account information including payment information, to applications and infrastructure, making comprehensive countermeasures indispensable.
DGBT is coordinating efforts with DGFT for expanding solutions to ensure compliance with credit card security guidelines and other diverse security issues related to e-commerce business operators.
Based on Digital Garage Group’s strategy “DG FinTech Shift,” both companies will also provide comprehensive support, not only in the security domain but also across all e-commerce business operators, from strategic planning to sales promotions, purchasing, repeat business, and LTV maximization, thereby contributing to the sustainable growth of businesses and enhancing their competitive edge.
■Comment
<Kazuhiro Shimizu, President & CEO, DG Business Technology, Inc.>
The Credit Card Security Guidelines have been promoted jointly by the public and private sectors as an important framework to curb the sharp rise in fraudulent activity and enhance the safety of card transactions. At the same time, there has been a rapid increase in cases where small and medium-sized enterprises—whose security measures tend to be less robust than those of large companies—are targeted by cyberattacks. Security is no longer just a temporary safeguard, but has entered a new stage as a foundation that supports the long-term continuity and growth of businesses.
DG Business Technology, launched through the integration of leading companies that have contributed to the success of e-commerce operators, draws on the expertise in security and fraud prevention built up by our predecessor company, Scudetto, since 2011. By leveraging this knowledge, we will support a wide range of businesses, including small and medium-sized enterprises, in building robust security frameworks and contribute to the healthy advancement of digital transformation throughout society.
■Company Profile
<DG Business Technology, Inc.> https://www.dgbt.jp
DGBT is a Digital Garage Group company providing comprehensive digital business support. The combination of a wide range of solutions, including strategic support, system strategy, digital marketing, security, and data utilization, provides comprehensive support for all processes underpinning commerce and digital business, from strategy formulation to sales promotions, purchasing, and repeat business, with the view to boosting growth of business operators. Based on the group strategy “DG FinTech Shift,” DGBT and DG Financial Technology Inc., which provides payment and settlement services, will support business operators for maximizing their business and strengthening their management base.
DGBT was launched as a new company in April 2025, following the business merger of NaviPlus Co., Ltd., DG Commerce Inc. and Scudetto Corporation, three companies that have supported commerce businesses since the early days of e-commerce.
<DG Financial Technology, Inc.> https://www.dgft.jp/
DG Financial Technology (DGFT) provides a wide range of cashless payment solutions—including credit cards, QR codes, and more—to over one million in-store and online locations of merchants across Japan. In addition to its payment service provider business, DGFT collaborates with the Digital Garage Group and strategic partners to offer e-commerce infrastructure, marketing tools, and fraud detection solutions, supporting the cashless transition and digital transformation (DX) initiatives of various businesses.
<Digital Garage, Inc. (parent company)> https://www.garage.co.jp/en/
Digital Garage’s corporate purpose is “Designing ‘New Context’ for a sustainable society with technology.” Digital Garage operates a payment business that provides one of the largest comprehensive payment platforms in Japan. In addition, Digital garage has a marketing business that provides one-stop solutions in the digital and real world, and a startup investment and development business that reaches out to promising startups and technologies in Japan and overseas.