- Privacy & Security
- Security
- Security Initiatives
Security Initiatives
Efforts to provide safe and secure services
As part of its efforts to provide robust services, LY Corporation addresses the vulnerabilities of applications by conducting such measures as vulnerability examinations through dedicated internal organizations and third-party institutions. In addition, it holds secure programming trainings for engineers with the aim of preventing application vulnerabilities. The trainings are positioned among important trainings for both strengthening the abilities of engineers and achieving compliance with international cybersecurity standards, and have been mandated for all engineers in the company.
The services that have been provided by LINE Corporation are operated through the LINE Security Bug Bounty Program, a program that publicly solicits service vulnerability discoveries and pays rewards to those who report them, in order to quickly discover vulnerabilities in LINE messenger app or related websites, and to provide secure service to the users.
Related links
System for sharing information with external organizations
In order to keep abreast of new threats to information security, LY Corporation is cooperating with the following organizations and continues to grasp the latest technological trends.
| Through close collaboration with CSIRT, LY Corporation strives to solve social issues commonly faced by the member companies of CSIRT. | |
| By sharing information on cybercrime, LY Corporation works to identify the roots of threats in cyberspace, reduce and nullify the threats, and prevent future incidents from occurring. | |
| LY Corporation contributes to inter-organizational collaborations during incidents from a technical standpoint. |
Countermeasures against phishing websites and unauthorized use
LY Corporation responds to phishing as part of the incident response related to information security of the companies of the LY Corporation Group. In collaboration with related companies and agencies, phishing is detected at an early stage and unauthorized websites are disabled on an ongoing basis.
To prepare for instances where a third-party gains knowledge of a user's ID or password, LY Corporation conducts countermeasures to prevent fraudulent logins and mitigates damage should such logins occur. At the same time, it works to raise awareness among Japanese Internet users on managing login IDs in a secure manner and has preventive measures in place that anticipate a certain level of improper access.
Related links
- LINE Safety Center (Japanese only)
- How to Avoid Being Hijacked – LINE's Guidebook for All (Japanese only)
- Securer Use of LINE (LINE Corporation) (Japanese only)
- Yahoo! JAPAN Security Center (Japanese only)
- Yahoo! JAPAN ID Guide (Japanese only)
Thorough education on security
LY Corporation provides the following training programs adapted to the employees' duties and job titles.
| Training for new hires | This online learning targets all new employees, both new graduates and mid-career hires (including temporary and subcontract employees). New hires learn general information security knowledge and countermeasures as well as internal rules on information management. |
|---|---|
| Training for newly appointed managers | This online training helps newly appointed managers acquire necessary knowledge related to information security. |
| Training for engineers | The secure programming training targets newly hired engineers in charge of programming. In addition, update training is provided once a year to all the engineers in the company to supplement new technical knowledge. |
| Targeted attack response drill | Training is conducted at least once a year at each Group company to improve incident response capabilities by sending training e-mails that simulate targeted attacks to the employees of each company. |
| Incident drills | This virtual training is conducted once a year with employees engaged in services in each Group company. The employees learn the measures to be taken when information security incidents occur. |
In addition, in the event of incidents, LY Corporation provides emergency e-learning programs to all employees as necessary to quickly raise security awareness.
LY Corporation also provides educational materials such as e-learning programs as necessary for its Group companies to acquire the information security knowledge necessary for their operations.
*Z Holdings Corporation, Yahoo Japan Corporation, and PayPay Corporation provide an e-learning program on information security for all their employees, including temporary and subcontract employees, once every three months. (As of September 30, 2023)