Seller Merchant onboarding
Register a Seller Merchant account for your seller (Platform Use Case)
Get started
As a Platform Merchant (Platform Business), you are required to register a "Seller Merchant" account for each of your sellers/users via our APIs.
Key prerequisites:
- We only accept Japanese entities (both Corporation and Sole Proprietorship) to register a Seller Merchant account.
- Seller Merchant must have a Japanese Bank Account to receive payouts in JPY from KOMOJU.
1) Create a Seller Merchant account
Request Merchant: Create API to create a Seller Merchant account with platform_role
set to seller
.
curl -X POST https://komoju.com/api/v1/merchants \
-u <platform merchant secret key>: \
-d name='New Seller Merchant 1' \
-d platform_role="seller"
Request Attribute | Type | Description |
---|---|---|
name | string | Seller Merchant's name |
platform_role | dropdown | The role of sub-merchant account. Please specify it as seller here. |
2. Query the seller merchant’s live_application for required fields
Request Live Application: Show API with seller merchant's uuid
you received from the previous step.
curl -X GET https://komoju.com/api/v1/live_application/{id}?locale=en \
-u platform_merchant_secret_key:
Response example
{
"merchant_id": "5td723eoi9txn8sj545ww2mv1",
"status": "incomplete",
"payments_enabled": false,
"payouts_enabled": false,
"requested_fields": [
{
"field_type": "phone_number",
"field": "company_information.company_phone",
"field_name": "Company Phone",
"field_properties": {
"minLength": 1,
"pattern": "^([() \\-_+]*[0-9]){10}[() \\-_+0-9]*$"
},
"optional": false
},
...
],
"newly_requested_fields": [],
"errored_fields": []
}
Within the requested_fields
array, you’ll find the required information for Seller Merchant registration. If a field’s optional
parameter is set to false
, the Seller Merchant must provide the relevant information. If set to true
, they can skip it if they don’t have the corresponding details.
Following is the breakdown of each field property.
"field": "visa_mastercard_credit_card.access_restrictions",
"field_name": "Implemented (to be implemented)",
"field_description": "Restrict IP addresses accessible to administrators; if IP addresses cannot be restricted, set access restrictions such as basic authentication on the administrator screen.",
"field_type": "checkbox",
"field_properties": {}
"optional": false
field
is the property name that should be used when submitting information for that field.field_name
is the localized name for the field that should be shown to the user.field_description
is a localized explanation of what the field is asking.field_type
is the type of component that should be displayed.field_properties
includes information about restrictions on the value of the field.optional
represents whether the field is required or not.
(1) field_types
Different field_types
are meant to help direct the types of form components shown to the user to help differentiate and format expected values.
Type | Description |
---|---|
string | A string |
dropdown | A dropdown of values. field_properties['enum'] will contain the translation ↔ value pairings |
radio | A radio selection. field_properties['enum'] will contain the translation ↔ value pairings |
checkbox | A true/false checkbox field. |
url | a URL |
text | a text box intended for longer values (ex: descriptions) than string |
an email | |
date | Datepicker that formats the date as “YYYY-MM-DD” |
integer | a non-negative integer field |
file_upload | A field that allows multiple files to be uploaded. The file should be uploaded to the merchant file upload endpoint. The value of the field should then be a list of the id s of the files uploaded. |
single_file_upload | A field that allows one file to be uploaded. The file should be uploaded to the merchant file upload endpoint. The value of the field should then be the id of the file uploaded. |
terms_of_service | Should be represented as a checkbox, but will also have an extra external_links field property that links to the actual service agreement(s) |
multi_select | A field that allows a list of selected options. field_properties['items']['enum'] will contain the translation ↔ value pairings. |
(2) field_properties
field_properties
provide information on the properties of the field.
Property | Description | Example |
---|---|---|
enum | A dictionary of option ↔ value mapping. The option is localized based on |
|
minLength | minimum length of the string/text |
|
minimum | minimum value for fields of |
|
maximum | maximum value for fields of |
|
format | Follows the possible built-in formats as specified by https://json-schema.org/understanding-json-schema/reference/string.html#built-in-formats |
|
pattern | Regex pattern for formatting values |
|
external_links | a list of URLs linking to hosted service agreements |
|
3. Upload files for seller merchant
Some field_type
s (single_file_upload
, file_upload
) require that files be uploaded via our merchant file API first, then the UUID(s) submitted as the value for the live_application.
Request File: Create API to upload the files for Seller Merchant onboarding.
We only accept jpg, png, and pdf formats. Besides, each file size should be smaller than 10MB.
curl -X POST https://komoju.com/api/v1/merchants/{id}/files \
-u platform_merchant_secret_key: \
-F "paper=/path/to/file"
The response will look like:
{
"id": "6ssx1zxovw3fgmdsdd1zuzr5u",
"resource": "file",
"filename": "blank.png",
"size": 998,
"mime_type": "image/png",
"created_at": "2023-01-10T12:16:00.819+09:00",
"updated_at": "2023-01-10T12:16:01.085+09:00"
}
4. Submit fields
Based on the requested_fields
received in step 2, information can now be submitted for the Seller Merchant via Live Application: Update API.
Here’s an example of submitting company_information.company_name
curl -X PATCH https://komoju.com/api/v1/live_application/{id} \
-u platform_merchant_secret_key: \
-d "company_information.company_name=My Company"
If successful, the response will include any additional required fields based on what was just submitted. In the case of company_name
, newly_requested_fields
will be blank as no additional fields rely on the value company_name
.
An example ofnewly_requested_fields
If you submit sole_proprietor
as the company_information.corporation_type
curl -X PATCH https://komoju.com/api/v1/live_application/{id} \
-u platform_merchant_secret_key: \
-d "company_information.corporation_type=sole_proprietor"
In the response, see that newly_requested_fields
now includes sole_proprietor_proofs
.
"newly_requested_fields": [
{
"field": "company_information.sole_proprietor_proofs",
"field_name": "Sole proprietor proofs",
"field_type": "file_upload",
"field_properties": {}
}
]
newly_requested_fields
are only shown upon update
and return new fields that should be added to the form as a result of the last update to live_application.
For fields that allow multiple values (multi_select
, file_upload
field_types)
Submit an array of values.
curl -X PATCH https://komoju.com/api/v1/live_application/{id} \
-u platform_merchant_secret_key: \
-d '{
"visa_mastercard_credit_card.countermeasures_during_card_registration":
[ "access_restrictions_during_card_registration"]
}'
5. Complete the Live Application
The required information may vary based on the seller's type (e.g., corporation, sole proprietorship). Our API responses will guide you through the entire onboarding process, providing additional fields under the requested_fields
and newly_requested_fields
arrays as needed.
The live application must be completed by filling out all fields until requested_fields
, newly_requested_fields
, and errored_fields
are empty. At this stage, the status field of the application should be set to pending
.
The information required typically falls into five categories:
(1) Acceptance of KOMOJU Service Agreements
To provide Platform Model service to your sellers, KOMOJU must establish a direct contractual relationship with them. It requires each Seller Merchant to consent to KOMOJU Merchant Services Terms of Use and Privacy Policy. As the Platform Merchant, you are responsible for ensuring your sellers agree to these terms when registering via your interfaces.
Referencing KOMOJU's service agreement
At a minimum, you must provide your sellers with links to the correct terms and obtain their explicit consent when starting the onboarding process. Here’s the recommended process:
- Request Live Application: Show API to retrieve the URLs of KOMOJU Merchant Services Terms of Use and Privacy Policy from
service_agreement.agreed_to_tos
field. - Display these terms to your sellers on your platform when they opt into the service.
- Submit your seller's consent back to KOMOJU via
service_agreement.agreed_to_tos
field in Live Application: Update API.
Here’s an example of how to present our terms to your users via your interface.

(2) Company information
Below is a detailed list of the company-related information required for registration.
Field | Type | Optional | Description |
---|---|---|---|
company_information.company_country | dropdown | false | Country of company's entity.
|
company_information.corporation_type | radio | false | The type of company, either |
company_information.company_phone | phone_number | false | Company's phone number |
company_information.share_capital_amount | integer | false | Company's share capital.
|
company_information.share_capital_currency | dropdown | false | The currency of the company's share capital.
|
company_information.registration_number | string | false | The corporate number is a 13-digit unique identifier for every Japanese corporation. (reference)
|
company_information.company_name | string | false | Company's name |
company_information.company_name_kana | string | false | Company's Katakana name |
company_information.company_name_alphabet | string | false | Company's Alphabet name |
company_information.company_postal_code | string | false | Postal code of company's address |
company_information.company_prefecture_state | string | false | Prefecture of company's address |
company_information.company_prefecture_state_kana | string | false | Prefecture of company's address in Katakana |
company_information.company_city | string | false | City of company's address |
company_information.company_city_kana | string | false | City of company's address in Katakana |
company_information.company_address | string | false | Company's address |
company_information.company_address_kana | string | false | Company's address in Katakana |
company_information.company_url | url | true | The URL of the company's official site. |
company_information.industry_description | text | false | Description of the industry that the company belongs to |
company_information.business_description | text | false | Description of the company's business |
company_information.employee_number | integer | false | Number of employees |
company_information.establishment_date | date | false | The date of the company's establishment |
company_information.office_name | string | false | Name of the company's Customer Support Department. |
company_information.contact_email | false | Email to contact the company's Customer Support | |
company_information.contact_phone | phone_number | false | Phone number to contact the company's Customer Support |
company_information.sole_proprietor_proofs | file_upload | false | Provide proof of registration of sole proprietorship.
|
(3) Personal Information
Below is the required information for the Representative Director and Applicant.
For Corporations:
- The Representative Director and Applicant can be the same person.
- The Applicant must have the authority to make decisions on corporate contracts.
For Sole Proprietorships:
- The Representative Director and Applicant should be the same person, so you only have to complete the
representative_director
fields.
Field | Type | Optional | Description |
---|---|---|---|
representative_director_information.first_name | string | false | Representative Director's first name |
representative_director_information.first_name_kana | string | false | Representative Director's first name in Katakana |
representative_director_information.last_name | string | false | Representative Director's last name |
representative_director_information.last_name_kana | string | false | Representative Director's last name in Katakana |
representative_director_information.date_of_birth | date | false | Representative Director's date of birth |
representative_director_information.gender | radio | false | Representative Director's gender |
representative_director_information.country | dropdown | false | Country of Representative Director's residence address |
representative_director_information.postal_code | string | false | Postal code of Representative Director's residence address |
representative_director_information.prefecture_state | string | false | Prefecture of Representative Director's residence address |
representative_director_information.prefecture_state_kana | string | false | Prefecture of Representative Director's residence address in Katakana |
representative_director_information.city | string | false | City of Representative Director's residence address |
representative_director_information.city_kana | string | false | City of Representative Director's residence address in Katakana |
representative_director_information.address | string | false | Address of Representative Director's residence address |
representative_director_information.address_kana | string | false | Address of Representative Director's residence address in Katakana |
representative_director_information.address_building_name | string | true | The building name of Representative Director's residence address. |
representative_director_information.address_building_name_kana | string | true | The building name in Katakana of Representative Director's residence address. |
representative_director_information.phone | string | false | Phone number of Representative Director |
applicant_information.country | dropdown | false | Country of Applicant's residence address
|
applicant_information.first_name | string | false | Applicant's first name
|
applicant_information.first_name_kana | string | false | Applicant's first name in Katakana
|
applicant_information.last_name | string | false | Applicant's last name
|
applicant_information.last_name_kana | string | false | Applicant's last name in Katakana
|
applicant_information.gender | radio | false | Applicant's gender
|
applicant_information.date_of_birth | date | false | Applicant's date of birth
|
applicant_information.identity_document_type | dropdown | false | The copy of Applicant's identity document.
|
applicant_information.identity_front | single_file_upload | false | Upload a picture or scan of the front side of the Applicant's identity document
|
applicant_information.identity_back | single_file_upload | false | Upload a picture or scan of the back side of the Applicant's identity document
|
(4) Site Information
Below is the required information related to your website.
- The store address must match the one listed on the website that hosts the Specified Commercial Transactions Law URL.
Field | Type | Optional | Description |
---|---|---|---|
site_information.site_name | string | false | Site's name
|
site_information.site_name_kana | string | false | Site's Katakana name |
site_information.site_name_alphabet | string | false | Site's Alphabet name |
site_information.site_url | string | false | Site's URL |
site_information.note | string | true | If making a payment on Seller Merchant's store requires any login information or other credentials, please supply them here. |
site_information.establishment_date | date | false | The date of the site's establishment |
site_information.industry_type | dropdown | false | The industry type of the site's services and products.
|
site_information.site_annual_sales | integer | false | Annual sales forecast of the store |
site_information.site_annual_sales_currency | dropdown | false | The currency of annual sales forecast |
site_information.site_average_transactional_value | integer | false | The average order value of the store |
site_information.site_average_transactional_currency | dropdown | false | The currency of the average order value |
site_information.site_minimum_product_pricing_cents | integer | false | The minimum price of a product in the store |
site_information.site_minimum_product_pricing_currency | dropdown | false | The currency of the minimum price |
site_information.site_maximum_product_pricing_cents | integer | false | The maximum price of a product in the store |
site_information.site_maximum_product_pricing_currency | dropdown | false | The currency of the maximum price |
site_information.store_country | dropdown | false | The country of the store address.
|
site_information.store_postal_code | string | false | The postal code of the store address. |
site_information.store_prefecture_state | string | false | The state of the store address |
site_information.store_prefecture_state_kana | string | false | The state of the store address in Katakana |
site_information.store_city | string | false | The city of the store address |
site_information.store_city_kana | string | false | The city of the store address in Katakana |
site_information.store_address | string | false | Store's address |
site_information.store_address_kana | string | false | Store's address in Katakana |
site_information.sctl_url | url | false | This represents Specified Commercial Transactions Law URL.
|
site_information.sales_permit_required | radio | false | Does the seller's business require a sales permit to be able to sell the products described? (Secondhand Dealer License, Liquor Sales License, Cosmetics Manufacturing and Sales License, Pharmaceutical Sales License) |
site_information.sales_permits | file_upload | false | Upload the copies of Sales permits if the answer is |
site_information.aup_accepted | terms_of_service | false | Please ensure the seller has acknowledged and agreed with the acceptable use policy. |
(5) Bank Account information
Below is the required bank account information.
For Corporations:
- You can only register a bank account under the same name as the corporation applying.
For Sole Proprietorships:
- You can only register a bank account under the name of the representative or the business name.
Before proceeding, please read this guide to ensure the bank account information is entered correctly.
Possible payout delay
If the account holder name is incorrect, there may be a delay in receiving the payout. Please make sure to accurately enter the half-width kana name as it appears in your bank passbook.
Field | Type | Optional | Description |
---|---|---|---|
bank_account_information.transfer_type | dropdown | false | Limited to Japanese bank accounts. Therefore, the option is limited to |
bank_account_information.default_frequency | dropdown | false | You can decide the frequency that KOMOJU pays out to your user, either
|
bank_account_information.zengin_bank_name | string | false | Bank's name |
bank_account_information.zengin_bank_code | string | false | Bank's code |
bank_account_information.zengin_branch_name | string | false | Bank branch's name |
bank_account_information.zengin_branch_code | string | false | Bank branch's code |
bank_account_information.zengin_account_type | dropdown | false | The bank account type, either |
bank_account_information.zengin_account_number | string | false | The bank account number.
|
bank_account_information.zengin_account_holder_kana | string | false | Account holder's Katakana name.
|
bank_account_information.currency | dropdown | false | Limited to |
6. Review submitted information
Request Live Application: Show again to review all submitted information. The submitted_fields
array will display the information you’ve already provided.
7. Set up webhook
You can set up webhooks to subscribe to events and receive notifications when there are updates to the review status of a Seller Merchant's application.
- Learn more about Webhook events for Platform Model here
8. Specify Seller Merchant's Owned Payment Methods
Owned Payment Methods can only be selected from your Common Payment Methods
Please note that only the payment methods listed in your Common Payment Methods are available for selection as Owned Payment Methods. For more details, refer to here.
You will need to apply for the payment methods your Seller Merchant intends to use. To view applicable payment methods to apply for, use the Live Application: Payment Methods API which will return the following:
curl -X GET https://komoju.com/api/v1/live_application/{id}/payment_methods \
-u platform_merchant_secret_key: \
submitted_payment_methods
lists the payment methods Seller Merchant has already applied for.unsubmitted_payment_methods
lists the applicable payment methods Seller Merchant has not yet applied for.
To apply for a specific payment method, request Live Application: Update Payment Method API.
Below are the details when applying for each payment method:
(1) VISA/MasterCard
Payment methods: visa_mastercard_credit_card
Available for corporation
andsole_proprietor
Note: 3D Secure 2.0 will be used for all credit card payments except some integration types. For more details, please see this article (Japanese).
To enable credit card payments for your Seller Merchant, you will have to provide additional information about their business.
1st stage questionnaire:
Field | Type | Optional | Description |
---|---|---|---|
shared_payment_method_data.has_processed_cc_before | checkbox | false |
|
shared_payment_method_data.processes_card_info | checkbox | false |
|
shared_payment_method_data.conducts_door_to_door_sales | checkbox | false |
|
shared_payment_method_data.conducts_telemarketing | checkbox | false |
|
shared_payment_method_data.conducts_mlm_scheme | checkbox | false |
|
shared_payment_method_data.conducts_business_opportunity_scheme | checkbox | false |
|
shared_payment_method_data.provides_specified_continuous_services | checkbox | false |
|
shared_payment_method_data.violated_consumer_contract_act | checkbox | false |
|
shared_payment_method_data.violated_commercial_transaction_act | checkbox | false |
|
2nd stage questionnaire: Reporting on Security Measures
KOMOJU has been requested by the Ministry of Economy, Trade and Industry (METI), the Japan Credit Association (JCA), and other organizations to request that EC merchants planning to introduce new credit card payment systems declare the status of their security measures based on the "Security Checklist" developed by the Credit Transaction Security Measures Council.
The "Security Checklist" is a list of basic security measures that the Credit Card Transaction Security Council has compiled as part of the security measures that merchants should implement in order to build and operate EC sites, and covers the basic security measures set forth in the "Credit Card Security Guidelines (Version 4.0)" published by METI. We request that merchants newly applying for credit card settlement services declare the security measures listed on the next page based on this checklist and agree to implement and maintain the security measures. We have received guidance that if you do not agree to follow the above guidelines, you should not enter into a contract with us. Thank you for your cooperation.
If you are a merchant who plans to introduce KOMOJU credit card payment systems, please indicate your implementation status of the following security measures. If the system has not yet been established, please answer on the premise that the items for each key measure will be satisfied upon completion of the establishment of the system. Also, please answer on the premise that the measures will be maintained not only at the time of signing a new franchise agreement, but also continuously after the agreement is signed.
In principle, all items must be checked for a contract to be concluded. However, since the status of installation of each security measure is dependent on the system environment of your company, please check with your internal system staff or contracted system developer before checking the status of each security measure. If your system is outsourced, please confirm the status of the outsourced system before responding to our inquiry.
Topic 1: Measures against inadequate access restrictions on the administrator's screen and administrator ID/PW mismanagement
Field | Type | Optional | Description |
---|---|---|---|
visa_mastercard_credit_card.access_restrictions | checkbox | false |
|
visa_mastercard_credit_card.mfa_implementation | checkbox | false |
|
visa_mastercard_credit_card.account_lock_v2 | checkbox | false |
|
Topic 2: Measures against inadequate settings due to exposure of data directories
Field | Type | Optional | Description |
---|---|---|---|
visa_mastercard_credit_card.public_directories | checkbox | false |
|
visa_mastercard_credit_card.file_extension_restrictions | checkbox | false |
|
Topic 3: Periodic vulnerability assessments or penetration tests, and measures to address web application vulnerabilities.
Field | Type | Optional | Description |
---|---|---|---|
visa_mastercard_credit_card.vulnerability_assessments | checkbox | false |
|
visa_mastercard_credit_card.sql_injection_and_xss_v2 | checkbox | false |
|
visa_mastercard_credit_card.source_code_review | checkbox | false |
|
Topic 4: Installation and operation of anti-virus software as measures against malware
Field | Type | Optional | Description |
---|---|---|---|
visa_mastercard_credit_card.anti_virus_software | checkbox | false |
|
Topic 5: Countermeasures against malicious validation and credit masters
Field | Type | Optional | Description |
---|---|---|---|
visa_mastercard_credit_card.against_validation_hack | checkbox | false |
|
Topic 6: Countermeasures against unauthorized login
Field | Type | Optional | Description |
---|---|---|---|
visa_mastercard_credit_card.have_countermeasures_against_unauthorized_login | checkbox | false |
|
Topic 7: If you answered true
to the visa_mastercard_credit_card.have_countermeasures_against_unauthorized_login
, please answer the following questions regarding the anti-fraud login measures implemented in your system. (According to the rules of the Japan Credit Association, one or more of the measures listed below must be implemented in each of the following situations: member registration, member login authentication, and user attribute information change.)
Field | Type | Optional | Description |
---|---|---|---|
visa_mastercard_credit_card.countermeasures_during_card_registration | multi_select | false |
|
access_restrictions_during_card_registration
: Restrict access from suspicious IP addressesmfa_implementation_during_card_registration
: Identification by two-factor authentication, etc.user_information_validation_during_card_registration
: Confirmation of personal information at the time of member registrationfraud_detection_system_during_card_registration
: Fraud detection system (Fraud service)
Field | Type | Optional | Description |
---|---|---|---|
visa_mastercard_credit_card.countermeasures_during_authentication | multi_select | false |
|
access_restrictions_during_authentication
: Restrict access from suspicious IP addressesmfa_implementation_during_authentication
: Identification by two-factor authentication, etc.login_attempt_restriction_during_authentication
: Tighten limits on the number of login attempts (to address account password cracking)login_notification_during_authentication
: Email and SMS notifications upon login, throttling, etc.device_fingerprint_during_authentication
: Device fingerprints, etc.
Field | Type | Optional | Description |
---|---|---|---|
visa_mastercard_credit_card.countermeasures_during_user_data_modification | multi_select | false |
|
access_restrictions_during_user_data_modification
: Restrict access from suspicious IP addressesmfa_implementation_during_user_data_modification
: Identification by two-factor authentication, etc.fraud_detection_system_during_user_data_modification
: Fraud detection system (Fraud service)
(2) JCB/AMEX/Diners (Japan)
Payment methods: jcb_amex_diners_credit_card
Available for corporation
andsole_proprietor
Note: 3D Secure 2.0 will be used for all credit card payments except some integration types. For more details, please see this article (Japanese).
To enable credit card payments for your Seller Merchant, you will have to provide additional information about their business.
1st stage questionnaire:
Field | Type | Optional | Description |
---|---|---|---|
shared_payment_method_data.has_processed_cc_before | checkbox | false |
|
shared_payment_method_data.processes_card_info | checkbox | false |
|
shared_payment_method_data.conducts_door_to_door_sales | checkbox | false |
|
shared_payment_method_data.conducts_telemarketing | checkbox | false |
|
shared_payment_method_data.conducts_mlm_scheme | checkbox | false |
|
shared_payment_method_data.conducts_business_opportunity_scheme | checkbox | false |
|
shared_payment_method_data.provides_specified_continuous_services | checkbox | false |
|
shared_payment_method_data.violated_consumer_contract_act | checkbox | false |
|
shared_payment_method_data.violated_commercial_transaction_act | checkbox | false |
|
2nd stage questionnaire: Reporting on Security Measures
KOMOJU has been requested by the Ministry of Economy, Trade and Industry (METI), the Japan Credit Association (JCA), and other organizations to request that EC merchants planning to introduce new credit card payment systems declare the status of their security measures based on the "Security Checklist" developed by the Credit Transaction Security Measures Council.
The "Security Checklist" is a list of basic security measures that the Credit Card Transaction Security Council has compiled as part of the security measures that merchants should implement in order to build and operate EC sites, and covers the basic security measures set forth in the "Credit Card Security Guidelines (Version 4.0)" published by METI. We request that merchants newly applying for credit card settlement services declare the security measures listed on the next page based on this checklist and agree to implement and maintain the security measures. We have received guidance that if you do not agree to follow the above guidelines, you should not enter into a contract with us. Thank you for your cooperation.
If you are a merchant who plans to introduce KOMOJU credit card payment systems, please indicate your implementation status of the following security measures. If the system has not yet been established, please answer on the premise that the items for each key measure will be satisfied upon completion of the establishment of the system. Also, please answer on the premise that the measures will be maintained not only at the time of signing a new franchise agreement, but also continuously after the agreement is signed.
In principle, all items must be checked for a contract to be concluded. However, since the status of installation of each security measure is dependent on the system environment of your company, please check with your internal system staff or contracted system developer before checking the status of each security measure. If your system is outsourced, please confirm the status of the outsourced system before responding to our inquiry.
Topic 1: Measures against inadequate access restrictions on the administrator's screen and administrator ID/PW mismanagement
Field | Type | Optional | Description |
---|---|---|---|
jcb_amex_diners_credit_card.access_restrictions | checkbox | false |
|
jcb_amex_diners_credit_card.mfa_implementation | checkbox | false |
|
jcb_amex_diners_credit_card.account_lock_v2 | checkbox | false |
|
Topic 2: Measures against inadequate settings due to exposure of data directories
Field | Type | Optional | Description |
---|---|---|---|
jcb_amex_diners_credit_card.public_directories | checkbox | false |
|
jcb_amex_diners_credit_card.file_extension_restrictions | checkbox | false |
|
Topic 3: Periodic vulnerability assessments or penetration tests, and measures to address web application vulnerabilities.
Field | Type | Optional | Description |
---|---|---|---|
jcb_amex_diners_credit_card.vulnerability_assessments | checkbox | false |
|
jcb_amex_diners_credit_card.sql_injection_and_xss_v2 | checkbox | false |
|
jcb_amex_diners_credit_card.source_code_review | checkbox | false |
|
Topic 4: Installation and operation of anti-virus software as measures against malware
Field | Type | Optional | Description |
---|---|---|---|
jcb_amex_diners_credit_card.anti_virus_software | checkbox | false |
|
Topic 5: Countermeasures against malicious validation and credit masters
Field | Type | Optional | Description |
---|---|---|---|
jcb_amex_diners_credit_card.against_validation_hack | checkbox | false |
|
Topic 6: Countermeasures against unauthorized login
Field | Type | Description |
---|---|---|
jcb_amex_diners_credit_card.have_countermeasures_against_unauthorized_login | checkbox |
|
Topic 7: If you answered true
to the jcb_amex_diners_credit_card.have_countermeasures_against_unauthorized_login
, please answer the following questions regarding the anti-fraud login measures implemented in your system. (According to the rules of the Japan Credit Association, one or more of the measures listed below must be implemented in each of the following situations: member registration, member login authentication, and user attribute information change.)
Field | Type | Optional | Description |
---|---|---|---|
jcb_amex_diners_credit_card.countermeasures_during_card_registration | multi_select | false |
|
access_restrictions_during_card_registration
: Restrict access from suspicious IP addressesmfa_implementation_during_card_registration
: Identification by two-factor authentication, etc.user_information_validation_during_card_registration
: Confirmation of personal information at the time of member registrationfraud_detection_system_during_card_registration
: Fraud detection system (Fraud service)
Field | Type | Optional | Description |
---|---|---|---|
jcb_amex_diners_credit_card.countermeasures_during_authentication | multi_select | false |
|
access_restrictions_during_authentication
: Restrict access from suspicious IP addressesmfa_implementation_during_authentication
: Identification by two-factor authentication, etc.login_attempt_restriction_during_authentication
: Tighten limits on the number of login attempts (to address account password cracking)login_notification_during_authentication
: Email and SMS notifications upon login, throttling, etc.device_fingerprint_during_authentication
: Device fingerprints, etc.
Field | Type | Optional | Description |
---|---|---|---|
jcb_amex_diners_credit_card.countermeasures_during_user_data_modification | multi_select | false |
|
access_restrictions_during_user_data_modification
: Restrict access from suspicious IP addressesmfa_implementation_during_user_data_modification
: Identification by two-factor authentication, etc.fraud_detection_system_during_user_data_modification
: Fraud detection system (Fraud service)
(3) PayPay
Payment methods: paypay
Available for corporation
andsole_proprietor
The following information is required when applying for PayPay:
Field | Type | Optional | Description |
---|---|---|---|
paypay.accepted_paypay_tos | terms_of_service | false | Seller Merchant has read and agreed with the following terms and conditions and privacy policy. and also agrees to be contacted by PayPay regarding sales promotions. |
(4) Merpay
Payment methods: merpay
Available for corporation
only.
The following information is required when applying for Merpay:
Field | Type | Optional | Description |
---|---|---|---|
merpay.accepted_merpay_tos | terms_of_service | false | Seller Merchant has read and agreed with the following terms and conditions and privacy policy. |
shared_payment_method_data.privacy_policy_url | string | false | URL of your user's privacy policy |
(5) Bank Transfer
Payment methods: bank_transfer
Available for corporation
andsole_proprietor
No additional information is required when applying for Bank Transfer.
(6) Pay-easy
Payment methods: pay_easy
Available for corporation
andsole_proprietor
No additional information is required when applying for Pay-easy.
(7) Konbini
Payment methods: convenience_store
Available for corporation
andsole_proprietor
The following information is required when applying for Merpay:
Field | Type | Optional | Description |
---|---|---|---|
shared_payment_method_data.open_time | string | false | Opening time of Seller Merchant's customer service |
shared_payment_method_data.close_time | string | false | Closing time of Seller Merchant's customer service |
convenience_store.expected_number_of_payments | integer | false | Seller Merchant's expected number of transactions per month |
(8) 7-Eleven
Payment methods: seven_eleven
Available for corporation
only
For 7-Eleven payment, there is a screening process to ensure that the site and operation are in line with the regulations set by 7-Eleven. To enable 7-Eleven payments, your site must meet all the following requirements.
The expected review time is approximately one to two months after applying.
During the review process, both 7-Eleven and the KOMOJU Support Team may contact your user individually for confirmation or suggestions.
The following information is required when applying for 7-Eleven:
Field | Type | Optional | Description |
---|---|---|---|
shared_payment_method_data.open_time | string | false | Opening time of Seller Merchant's customer service |
shared_payment_method_data.close_time | string | false | Closing time of Seller Merchant's customer service |
seven_eleven.no_direct_delivery_from_producer | checkbox | false |
|
seven_eleven.no_ticket_sales | checkbox | false |
|
seven_eleven.correct_flow_for_order_items | checkbox | false |
|
seven_eleven.delivery_within_two_months | checkbox | false |
|
seven_eleven.all_items_are_cheaper_than_konbini_limit | checkbox | false |
|
seven_eleven.display_sales_permit_number | checkbox | false |
|
seven_eleven.order_fee_is_displayed | checkbox | false |
|
seven_eleven.no_international_transaction | checkbox | false |
|
seven_eleven.provided_info_matches_sctl | checkbox | false |
|
seven_eleven.sctl_page_has_phone_number | checkbox | false |
|
seven_eleven.product_pages_are_public | checkbox | false |
|
seven_eleven.have_sold_as_regular_price | checkbox | false |
|
seven_eleven.site_is_public | checkbox | false |
|
seven_eleven.note | string | true |
|
9. (Test environment only) Simulate the Live application status
Once you complete the merchant application and at least one Owned Payment Method application, you'll be able to simulate the result of KOMOJU's review.
(1) Simulate Merchant Application status
Request Live Application: Simulate Status API to simulate whether the merchant application will be accepted
or declined
.
(2) Simulate Owned Payment Method Application status
Request Live Application: Simulate Payment Method Status API to simulate the status (accepted
or declined
) of an Owned Payment Method application.
Updated 4 days ago