JSTAT

Terms and Conditions

J/Secure Compliance Test Terms and Conditions

J/Secure Compliance Test Terms and Conditions

 

Article 1.  Definitions

The following terms, as used herein, have the following meanings:

 

“3-D Secure”

An e-commerce protocol that enables the secure processing of payment card transactions in remote environments.

“3-D Secure Compliance Testing”

A test conducted by Vendor for the evaluation by VISA to confirm Vendor product is compliant with 3-D Secure Specification.

“ACS”

The acronym for “Access Control Server”, meaning a server that exists in the issuer domain and performs payer authentication.

“Compliance Letter(s)”

A document issued by JCB to Vendor in accordance with Article 6 to recognize that the ACS/MPI that has been submitted for the J/Secure Compliance Test complies with J/SecureTM Specification.

“Certificates”

Certificates installed in tested ACS/MPI such as SSL server certificates, signing certificates and root certificates.

“J/Secure Compliance Test(s)”

A test conducted by Vendor for the evaluation by JCB to confirm Vendor product is compliant with J/SecureTM Specification.

“Intellectual Property Rights”

Patents, copyrights, trademarks rights, design rights and trade secrets, and all other forms of intellectual property rights, and registrations of and application to apply for, any of the foregoing as may be exercised in any part of the world.

“JCB”

JCB Co., Ltd., a corporation organized and existing under the laws of Japan and having its principal office at 5-1-22, Minami Aoyama, Minato-ku, Tokyo, Japan.

“JCB Party”

Collectively, JCB, its subsidiaries, affiliates, related companies, agents, representatives, contractors, and each of their respective officers and employees.

“JCB Root Certificate(s)”

The J/Secure CA public key signed by its private key in the form of a self-signed certificate.

“JCB Program Marks”

The JCB logo mark and/or the JCB logotype and/or any other trademark or trade name of JCB.

“J/SecureTM

JCB payer authentication service based on 3-D Secure.

“J/Secure CA”

The acronym for “J/Secure Certificate Authority”, meaning a certificate authority that exists in interoperability domain and issues selected certificates required by J/SecureTM.

“J/SecureTM Specification”

Any document designated by JCB as a brand manager, and other technical information and materials related thereto provided by JCB, pursuant to the J/SecureTM Specifications License Agreement that has been executed between Vendor and JCB.

“JSTAT”

The acronym for “J/Secure Test Automation Tool”, meaning a remote-access test facility, established by JCB, which provides an environment for Vendors to test ACS/MPI for compliance with J/SecureTM Specification.

“MPI”

The acronym for “Merchant Server Plug-In”, meaning a plug-in software that exists in the acquirer domain, which incorporated into merchant’s web storefront. It provides functions related to J/SecureTM on behalf of a merchant.

“Requirements”

Collectively, all the requirements imposed by JCB, including, test regulations and test procedures, determined and provided by JCB by any method of communication, including e-mail and website.

“Test Information”

Any data provided by JCB by any method of provision, including e-mail and website, to Vendor for the purpose of usage in J/Secure Compliance Test(s), including test procedures, test card information and merchant information.

“Test Logs”

XML messages recorded in JSTAT as the results of conducting J/Secure Compliance Test.

“Test Scripts”

Test scenarios defining (i) XML messages sent from/to JSTAT, and (ii) expected values for validating XML messages sent from tested ACS/MPI.

“Test Results”

Results of each Test Script to be produced after comparing XML messages sent from tested ACS/MPI against the specific standards defined in the Test Scripts.

“Vendor”

A vendor of ACS/MPI who applied for the J/Secure Test Compliance Test.

“Visa”

VISA International Service Association, a corporation incorporated in the State of Delaware, United States of America.

 

Article 2.  Purpose of this J/Secure Compliance Test Terms and Conditions

2.1  The Purpose of this J/Secure Compliance Test Terms and Conditions (this “Terms and Conditions”) is to set forth the terms and conditions of J/Secure Compliance Test(s) and Compliance Letter(s) for the ACS/MPI developed by Vendor.  JCB reserves the right to amend, alter or supplement this Terms and Conditions from time to time.  When this Terms and Conditions is amended, altered, supplemented or revised and distributed, Vendors shall adhere to, and comply with the entire contents of such amended, altered, supplemented version(s).

 

2.2  The procedures and details with respect to (i) Vendor’s conduct of the J/Secure Compliance Test(s); and (ii) JCB’s grant/refusal of issuance of Compliance Letter(s), shall be in accordance with the terms and conditions of this Terms and Conditions (as amended from time to time) and the Requirements.

 

Article 3.  Purpose of J/Secure Compliance Test

The purpose of J/Secure Compliance Test is to test whether the ACS/MPI developed by Vendor is compliant with J/Secure Specification.

 

Article 4.  J/Secure Compliance Test(s) Procedures

4.1   The following conditions are prerequisite for J/Secure Compliance Test(s):

(i)  Vendor shall cause ACS/MPI to have been recognized compliant to the 3-D Secure protocol version 1.0.2 by Visa (the “Visa Recognition(s)”);

(ii)  Vendor shall apply for the J/Secure Compliance Test with all information submitted for the application being true and correct; and

(iii)  Vendor shall receive approval from JCB to conduct J/Secure Compliance Test.

 

4.2  By using JSTAT, Vendor shall conduct J/Secure Compliance Test(s) on ACS/MPI that it wishes to obtain Compliance Letter(s) in accordance with this Terms and Conditions and the Requirements.

 

4.3  Vendor shall submit material that is required for the J/Secure Compliance Test(s) in accordance with the Requirements.

 

4.4  JCB Party may require Vendor to cease conduct of the J/Secure Compliance Test even after Vendor has started to conduct the J/Secure Compliance Test, in the event Vendor breaches any of this Terms and Conditions (including prerequisites provided in Article 4.1) or at any time JCB considers necessary.

 

Article 5.  JSTAT and Test Information

5.1  JCB shall permit Vendor to use JSTAT (by authenticating itself with its key identification (“Tester ID”) and its specific password (“Password”) supplied to JCB Party during the application) and Test Information for the limited purpose of conducting the J/Secure Compliance Test(s) and for the limited period determined by JCB.

 

5.2  Vendor shall not conduct the Test Scripts other than as determined by JCB.

 

5.3  Vendor acknowledges and agrees that JCB Party shall not warrant or purport to warrant, nor provide any guarantee with regards to JSTAT nor Test Information including the structuring, quality or function thereof.

 

5.4  If JSTAT is damaged, destroyed or invalidated resulting from J/Secure Compliance Test conducted by Vendor, Vendor shall indemnify JCB accordingly.

 

5.5  When Vendor completes the conduct of the relevant J/Secure Compliance Test or when JCB Party requires Vendor to cease the conduct of the J/Secure Compliance Test as provided in Article 4.4, Vendor shall immediately stop the use of JSTAT and Test Information.

 

5.6  JCB may stop the operation of JSTAT due to disaster, maintenance, or at anytime JCB considers it necessary.  Vendor acknowledges and agrees that JCB shall not be liable for any damages that may be caused by the stopping of the operation of JSTAT.

 

5.7  Vendor shall not perform stress tests using JSTAT.

 

5.8  Vendor shall be responsible for managing Tester ID and Password, and the Vendor shall not disclose the Tester ID or Password to any third party.

 

Article 6.  Issuance of Compliance Letter and JCB Root Certificate(s)

6.1  If JCB determines that, by analyzing and evaluating the results of the J/Secure Compliance Test(s), the ACS/MPI which Vendor has submitted for J/Secure Compliance Test complies with the standards established by JCB, JCB shall issue Compliance Letter(s) that recognize that the relevant ACS/MPI complies with J/Secure Specification. Compliance Letter(s) shall be valid only for ACS/MPI that is identical to the one submitted for J/Secure Compliance Test(s).

 

6.2  JCB shall provide Vendor with JCB Root Certificate(s) for the ACS/MPI for which Compliance Letter(s) has been issued to Vendor and Vendor agrees that such JCB Root Certificate(s) can only be provided to its customer who purchased, rented, leased or transferred the ACS/MPI for which the Compliance Letter(s) has been issued.

 

Article 7.  Rights and Obligations of Vendor

7.1  Upon receipt of the Compliance Letter(s) from JCB provided for in Article 6, Vendor shall acquire the right to perform the following acts in accordance with the terms and conditions specified in this Terms and Conditions, the Requirements and the Compliance Letter(s):

(i)  Publicly announce that the ACS/MPI for which Compliance Letter(s) has been issued is in compliance with J/SecureTM Specification and use JCB’s logo, trademark or trade name for the limited purpose of such announcement stipulated in this paragraph 7.1(i);

(ii)  Sell, rent, lease or transfer the ACS/MPI that is identical to the one for which Compliance Letter(s) has been issued to a third party for the purpose of making J/Secure transactions; and

(iii)  Provide the relevant JCB Root Certificate(s) only for customers who buy, rent or lease the ACS/MPI or customers to whom the ACS/MPI are transferred pursuant to the previous paragraph 7.1(ii), provided that Vendor shall keep a complete and accurate record of information that will identify customers who receive JCB Root Certificate(s) including their names and contacts, and provide JCB Party with these information at any time as requested by JCB Party.

 

7.2  If Vendor revises, modifies or otherwise changes the ACS/MPI for which Vendor has received the Compliance Letter(s), Vendor shall inquire whether retesting is required by VISA and take 3-D Secure Compliance Testing to receive VISA Recognition if retesting is required by VISA, prior to the report to JCB.  Then Vendor shall submit a prescribed report form in accordance with the Requirements.  When JCB requires retesting, Vendor shall apply for J/Secure Compliance Test again.

 

7.3  JCB shall have the right to change the terms and conditions of the J/Secure Compliance Test(s) or issuance of Compliance Letter(s) at its discretion.  Vendor shall retest ACS/MPI in accordance with the changed terms and conditions without delay upon demand by JCB.

 

7.4  If JCB notifies Vendor that Vendor is required to retest, the relevant Compliance Letter(s) shall cease to be valid unless otherwise approved by JCB in writing.

 

7.5  If Visa Recognition(s) ceases to be valid after Vendor applies for J/Secure Compliance Test, Vendor shall immediately notify JCB thereof.

 

7.6  If there are any changes in the information described in the Application Form, Vendor shall submit a prescribed change request form to JCB in accordance with the Requirements.

 

Article 8.  Fee

8.1  Vendor shall pay to JCB an amount specified by the Requirements as the fee for the J/Secure Compliance Test(s) for each ACS/MPI to be tested by transferring to an account of a financial institution designated by JCB on or before the last day of the month following the date on which JCB notifies Vendor of the results of the analysis and evaluation of the J/Secure Compliance Test(s).  Vendor shall bear the expenses required for such transfer and other expenses required for payment, such as consumption tax.

 

8.2  The fee provided for in Article 8.1 shall not, for any reason, include the fee or expenses arising from any additional J/Secure Compliance Test, which is necessary and required if the ACS/MPI fails the J/Secure Compliance Test.  If JCB determines that the additional J/Secure Compliance Test is necessary, Vendor shall pay to JCB the fee and expenses for such test under the same terms and conditions as those provided for in Article 8.1 in an amount to be separately determined by JCB.

 

8.3  The fee provided for in Article 8.1 shall not include the fee or expenses that arise if JCB determines that retest is necessary as provided for in Article 7.2 or 7.3.  If JCB determines that the retest is necessary, Vendor shall pay to JCB the fee and expenses for the retest under the same terms and conditions as those provided for in Article 8.1 in an amount to be separately determined by JCB.

 

8.4  JCB shall not, for any reason, be required to refund any fee or expenses received from Vendor provided for in Article 8.1 through 8.3.

 

Article 9.  No Warranty or Guarantee by JCB Party

9.1  Even if Vendor has obtained Compliance Letter(s) for ACS/MPI, Vendor acknowledges and agrees that JCB Party shall not warrant or purport to warrant, nor provide any guarantee with regards to such ACS/MPI, including that:

(i)  Any of Vendor’s products other than ACS/MPI which is identical to the one Vendor has submitted for J/Secure Compliance Test(s) and for which Compliance Letter(s) has been issued;

(ii)  ACS/MPI has functionality, quality, performance, merchantability or fitness for the purposes of payer authentication contemplated by J/Secure or other version of payer authentications; and/or

(iii)  ACS/MPI which Vendor has submitted for J/Secure Compliance Test(s) and for which Compliance Letter(s) has been issued or J/Secure is not infringing any Intellectual Property Rights or other rights of Vendor or a third party.

 

9.2  Vendor shall not, expressly or impliedly, represent, warrant or guarantee to any third parties, that any of JCB Party warranted or purported to warrant, or provided any guarantee, as stipulated in Article 9.1 above.

 

9.3  Vendor acknowledge that JCB Party shall completely and absolutely rely on Vendor’s Tester ID and Password for Vendor’s identification for the J/Secure Compliance Test(s), and that JCB Party shall not be held liable to Vendor nor any third party for the misuse, infringement or any unlawful use of the said Tester ID and/or Password of Vendor.

 

Article 10.  Liability for ACS/MPI

10.1  Vendor shall be wholly liable for ACS/MPI that has been recognized compliant with J/SecureTM Specification by JCB with the Compliance Letter(s) and JCB Party shall never be liable for such ACS/MPI and any claim whatsoever against Vendor, its officers, employees, customers, business partners, or any third parties made by any customers, business partners, or any third parties, irrespective of the reasons therefore.

 

10.2  Vendor agrees to indemnify and hold harmless JCB Party in respect of all damages including claims, demands, losses, liabilities or expenses whatsoever suffered or incurred by it respectively arising out of or in connection with ACS/MPI, the J/Secure Compliance Test, the Compliance Letter, this Terms and Conditions and any matters related thereto.

 

Article 11.  Damages

11.1  JCB Party’s liability to Vendor shall be limited to damages for its failure to perform its obligations stipulated by this Terms and Conditions up to the relevant fee Vendor paid to JCB for the relevant J/Secure Compliance Test in accordance with Article 8.

 

11.2  JCB Party’s liability for damages set forth in Article 11.1 shall not include any of following damages:

(i)  Any consequential damages, including but not limited to, loss of business, revenue, goodwill, anticipated savings;

(ii)  Any damages due to acts of God or other force majeure;

(iii)  Any damages due to reasons attributable to Vendor, its officers, employees or affiliates thereto; nor

(iv)  Any direct nor indirect damages to Vendor, its officers, employees, customers, business partners, or any third parties with regard to use or result of use of JSTAT or Test Information.

 

11.3  Except as set forth in Articles 11.1 and 11.2, JCB Party shall not, in any event, be liable for any damages to Vendor with respect to Compliance Test(s), issuance of Compliance Letter(s) by JCB or any other related matters thereto.

 

Article 12.  Intellectual Property Rights

12.1  Except for Vendor’s right to use of JCB’s logo, trademark or trade name pursuant to paragraph 7.1(i), Vendor shall not use JCB Program Marks and/or any JCB Intellectual Property Rights.  If the Compliance Letter(s) received by Vendor is terminated, Vendor’s right to use JCB’s logo, trademark or trade name pursuant to Articles 7.1 shall cease to be valid.

 

12.2  When JCB issues Compliance Letter(s) to Vendor, JCB Party shall be entitled to use Vendor’s logo, trademark or trade name, and to announce Vendor’s name, name of ACS/MPI, or other related information determined by JCB Party in a way determined by JCB Party including but not limited to displaying these information on website(s).  If all of the Compliance Letter(s) received by Vendor is terminated, JCB Party’s right to use Vendor’s logo, trademark or trade name based on this Article 12.2 shall cease to be valid.

 

12.3  When JCB issues Compliance Letter(s) to Vendor, JCB Party shall be entitled to use Test Logs to conduct test(s) to ascertain the interoperability of other Vendor’s ACS/MPI against the Vendor’s ACS/MPI.  If the Compliance Letter received by Vendor is terminated, JCB Party’s right to use Test Logs based on this Article 12.3 shall cease to be valid.

 

Article 13.  Confidentiality

13.1  Confidential Information hereunder means any information that is:

(i)  Designated as confidential by the disclosing party (hereinafter the “Disclosing Party”, whereby if JCB Party discloses any information, JCB Party shall be deemed as the Disclosing Party with respect to that information) and disclosed in a tangible form (including electronic media such as e-mail, magnetic media and website) such as technical data, drawings, or other related documents; or

(ii)  Disclosed orally with notice of such confidentiality and subsequently designated as confidential in writing within fourteen (14) days of such disclosure by the Disclosing Party.

 

13.2  In connection with Article 13.1, the following items are deemed to be the Confidential Information that is disclosed by JCB Party to Vendor, and Vendor shall comply with and be subject to all the obligations of Article 13:

(i)  Any information posted on JSTAT, including but not limited to, Test Scripts, and Test Information; and

(ii)  Any information displayed on JSTAT as the result of the testing of ACS/MPI, including but not limited to, Test Results and Test Logs.

 

13.3  Neither party shall disclose or divulge to any third party confidential information without the prior written consent of the Disclosing Party.  Provided, however, that this provision shall not apply to any of the following cases:

(i)  Such information is already available to the public at the point when the other party (hereinafter the “Receiving Party”, whereby if JCB Party receives any Confidential Information, that JCB Party shall be deemed as the Receiving Party with respect to that information) receives such information from the Disclosing Party;

(ii)  Such information becomes available to the public after the Receiving Party receives such information from the Disclosing Party, due to a reason not attributable to the Receiving Party;

(iii)  The Receiving Party have already had such information when it received such information from the Disclosing Party; or

(iv)  The Receiving Party comes to know such information from a duly authorized third party under no obligation of confidentiality.

 

13.4  Both parties shall manage the confidential information with the due care of a good manager to comply with the obligation of confidentiality set forth in this Article 13.

 

13.5  Both parties may disclose the confidential information only to their officers and employees who need to know such confidential information, and shall impose the obligation of confidentiality set out herein on such officers and employees.

 

13.6  Both parties shall take measures to ensure any of their officers and employees to whom confidential information has been disclosed maintain the obligation of confidentiality set out herein even after their retirement.

 

13.7  Neither party may duplicate the confidential information without the written consent of the other party.  If either party duplicates the confidential information pursuant to this Article 13.7, such party shall indicate the copyright to such confidential information on such duplicates.

 

13.8  Both parties shall immediately return or dispose of the confidential information and any duplicates thereof when the other party so demands.  If a party disposes of such information and duplicates, such party shall notify the other party thereof.

 

Article 14.  Termination of Compliance Letter(s)

14.1  Upon giving notice to Vendor, JCB may terminate any or all of the Compliance Letter(s) issued to Vendor upon any breach of this Terms and Conditions or the Requirements.

 

14.2  If any of the Visa Recognition(s) ceases to be valid, Vendor shall immediately notify JCB thereof and any Compliance Letter(s) shall automatically cease to be valid.

 

14.3  If ACS/MPI, for which a Compliance Letter has been issued, is revised, modified or otherwise changed and JCB notifies the Vendor that retesting is required, the relevant Compliance Letter(s) shall cease to be valid.

 

14.4  If any Compliance Letter(s) ceases to be valid, Vendor shall automatically lose the rights provided for in Article 7.1.

 

14.5  If any Compliance Letter(s) ceases to be valid, Vendor shall return to JCB, or disposes of, the Compliance Letter, pursuant to JCB’s instruction and Vendor shall not use the relevant JCB Root Certificate(s) by itself nor provide the same for any third party.  If Vendor disposes of Compliance Letter(s) pursuant to JCB’s instruction, immediately after Vender completes to dispose of such Compliance Letter(s), Vendor shall notify JCB thereof.

 

Article 15.  Governing Law and Jurisdiction

This Terms and Conditions shall be governed by, and shall be interpreted in accordance with, the laws of Japan.  With respect to any dispute or settlements relating to this Terms and Conditions, the Compliance Letter(s) or any other matter related thereto the Tokyo District Court shall have the exclusive jurisdiction as the court of first instance.

 

Article 16.  Survival of Obligations

The provisions of Articles 9, 10, 11, 12, 13 and 15 shall survive and continue to be effective upon the invalidation of any of the Compliance Letter(s).

 

Do you accept terms and conditions set by JCB ?
Accept       Dont Accept


Copyright 2005 JCB Co., Ltd. All Rights Reserved. v1.0      Thu, 26 Nov 2020 20:11:12 GMT