1) Discontinued retention of credit card information.
- Completely deleted all credit card data stored by our previous system, including the database table that held it, and deleted the corresponding data from our backups.
- Card information is now managed on the server of SBI VeriTrans, which complies with PCI DSS, the global security standard.
* Hobby Search will avoid storing any credit card information. However, for the convenience of our customers,
we have enabled an option, at the customer's choice, to use a previously registered card
by entering your User ID and Password.
If you choose to use this option, with the safety of your information in mind,
we will store only the following information:
- Last 4 digits of your card number
- Name of the card holder
- Expiry date
*We will issue a code linked to the above information and use it to
access the information stored on the SBI server, so you will not need to enter your card details every time you shop with us.
2) Revision and adjustment of all programs by a third party.
Under the guidance of a third-party company of security experts,
we have improved security, focusing on SQL Injection and Cross-Site Scripting.
*After the security strengthening was completed, we had the third-party company assess our programs,
and received confirmation that problems with SQL Injection and Cross-Site Scripting do not occur.
3) Changes to the network structure of our system to improve security.
We asked a third-party specialist to plan the settings.
- Updated the network to a safer structure.
- Strengthened IPS (Intrusion Prevention System)
- Changed the firewall settings so that only minimal information can be viewed from the local client machines.
4) Change of password for all machines, and strengthened password policy.
Increased the number of characters required for the passwords of all client machines and the server to make them stronger.
Created a rule requiring passwords to be changed periodically.
5) Strengthened security of server, client machine, and database.
- Strengthened security settings of the server and client machines (mainly the settings of the OS and software).
- Strengthened security of database (introduction of database coding software, revision of settings and authority levels).
- Change of Anti-Virus and Firewall software.
6) Change of Anti-Virus and Firewall software.
- Strengthened monitoring of the logs of the web server and database server.
- Checking security news from sites such as IPA and applying security patches immediately when the priority level is high.
7) Re-education of all staff regarding security risk management.
- Thorough checking of programs for vulnerabilities.
- Periodically holding meetings within the company to strengthen awareness of security hazards.
As a result of the above improvements, we have judged that a certain level of safety has been achieved,
and have resumed Credit Card Payment on our site.
For inquiries regarding this issue, please contact the following:
------------------------------------------------
HOBBY SEARCH Co., Ltd.
E-mail: hs-support@1999.co.jp
TEL:81-3-5833-3533(INTERNATIONAL)
Operation Hours: 10:00~18:00 (Unavailable during 12:00~13:00) GMT+9
Closed on 2nd/3rd Saturdays, Sundays, and Public Holidays
------------------------------------------------