Zeus Releases White Paper Explaining Key Points of the 'Credit Card Security Guidelines [Version 6.1]'

Zeus Co., Ltd. (Headquarters: Shibuya-ku, Tokyo; Representative Director: Yuichi Kaneko; hereinafter “the Company”), a provider of payment services including credit cards, announces the release of a white paper titled 'What is the Credit Card Security Guidelines?' This document explains the background, specific required countermeasures, and key practical points of the 'Credit Card Security Guidelines [Version 6.1]'※1, revised by the Japan Credit Association (JCA), a general incorporated association, under the guidance of the Ministry of Economy, Trade and Industry, to broadly support e-commerce merchants in enhancing their security measures.

※1 Credit Card Security Guidelines [Version 6.1] (Japan Credit Association)

https://www.j-credit.or.jp/security/document/index.html

Download the document here

■ Background

In recent years, credit card fraud incidents have remained at high levels, and businesses—especially e-commerce merchants—are increasingly required to implement more effective security measures. In response, the 'Credit Card Security Guidelines' have been continuously revised, with the [Version 6.1] released in March 2026, including measures to promote understanding among businesses. The [6.1 version] outlines concrete and practical actions that e-commerce merchants must take, including enhanced vulnerability management, improved defenses against unauthorized logins, and the mandatory adoption of EMV 3-D Secure. However, many businesses have expressed concerns such as 'We don’t know where to start' or 'It’s difficult to determine how much our internal systems need to comply.'

Drawing on its extensive experience supporting numerous e-commerce businesses as a payment processor, the Company has compiled this white paper to clarify the overall framework and practical key points of the 'Credit Card Security Guidelines [Version 6.1]', enabling businesses to appropriately assess and implement suitable security measures based on their own circumstances.

■ Main Contents of the Document

- Fundamental concepts and practical key points outlined in the 'Credit Card Security Guidelines [Version 6.1]'

- Vulnerability countermeasures required for e-commerce merchants (e.g., web application security, malware protection)

- Overview of unauthorized login prevention measures (e.g., multi-factor authentication, login controls, behavioral analysis)

■ Recommended For

- Businesses operating e-commerce websites or membership-based services seeking to strengthen vulnerability and unauthorized login countermeasures

- Businesses struggling to determine the scope and priority of security measures

- Personnel preparing for reporting or compliance verification with credit card companies or payment processors

- Businesses seeking to understand the fundamental concepts and practical points of the 'Credit Card Security Guidelines [Version 6.1]'

Download the document here

The Company will continue to provide optimal payment and security solutions tailored to each business’s industry, business model, and system configuration, supporting the creation of safe and secure payment environments. Going forward, we will also strive to provide timely information and expand our services in line with evolving laws, regulations, and guidelines, aiming to deliver trusted payment services to all our customers.

■ About 'EMV 3-D Secure'

'EMV 3-D Secure' is an authentication service recommended by international card brands to prevent fraudulent use of credit card information during online shopping. Based on the previous 3-D Secure (1.0)※2, the updated EMV 3-D Secure scheme incorporates 'risk-based authentication'※3. This enables frictionless transactions—where additional authentication is skipped—for low-risk transactions, thereby improving usability and reducing cart abandonment during checkout※4. Furthermore, if a transaction authenticated via this service is later found to be fraudulent, the card issuer will generally cover the charge, allowing e-commerce merchants to simultaneously reduce chargeback※5 risk and enhance security.

The Company provides 'EMV 3-D Secure' free of charge.

For more details on 'EMV 3-D Secure', please visit:

https://www.cardservice.co.jp/service/creditcard/3d.html

※2 Service ended in October 2022.

※3 Risk-based authentication: A method that uses information collected from devices such as PCs or smartphones during online shopping to determine whether the purchaser is the legitimate cardholder. The level of risk, determined via scoring, dictates the authentication process.

※4 EMV 3-D Secure Implementation Guide 2.1 (March 2026, Credit Transaction Security Countermeasures Council)

https://www.j-credit.or.jp/security/pdf/secure_installation_guide.pdf

※5 Chargeback: Occurs when a credit cardholder refuses to pay for a transaction due to fraud or other reasons, prompting the card issuer to reverse the sale. Once reversed, the merchant (e-commerce business) must refund the transaction amount to the card issuer and typically does not receive the returned goods, resulting in financial loss.

【About the Company】

The Company boasts over 14,000 site implementations nationwide and has been a pioneer in Japan’s payment processing industry since its founding in 1994. We provide a wide range of online and in-store payment services, including credit card processing, to e-commerce stores and B2B businesses. Supported by tailored proposals, high-quality service delivery, and a 24/7 human-operated customer support center—which has received the highest 'Three Stars' rating for service quality for three consecutive years in the HDI benchmarking 'Quality Rating (Center Evaluation)'—we are trusted by businesses across all industries and business models, including corporations, sole proprietors, retail, and service sectors.

【Company Overview】

Company Name: Zeus Co., Ltd.

Representative: Representative Director Yuichi Kaneko

Headquarters: 9F, Aoyama First Building, 2-1-1 Shibuya, Shibuya-ku, Tokyo

Founded: November 14, 1994

Business: Payment Service Provider

URL: https://www.cardservice.co.jp/