Penetration Testing Service within the Scope of Trust Stamp
On June 6, 2017, with the Communiqué on Trust Stamp in Electronic Commerce published in the Official Gazette, the Trust Stamp application implemented by the Ministry of Trade was defined as an electronic sign that e-commerce sites comply with minimum security and service quality standards. The Union of Chambers and Commodity Exchanges of Turkey is authorized as the Trust Stamp provider. E-commerce service providers who want to have the Trust Stamp can make their applications through the relevant website of the Union of Chambers and Commodity Exchanges of Turkey https://www.guvendamgasi.org.tr/
The Trust Stamp is allocated to e-commerce service providers on an annual basis. Service providers are required to conduct the necessary penetration tests every year and meet the minimum conditions and measures in order to maintain the ownership of the Trust Stamp.
You can access the communiqué published on the Trust Seal application process and minimum requirements via the relevant link;
https://www.mevzuat.gov.tr/mevzuat?MevzuatNo=23634&MevzuatTur=9&MevzuatTertip=5
As Esbilgi Technologies, as a TSE approved Penetration Testing company, we provide penetration testing service within the scope of the Trust Stamp you need.
ESBILGI is authorized by TSE as a DDO Audit company with TS-004 code.
To get an audit offer, you can send an e-mail to info@esbilgi.com or contact us at 0 216 606 02 87.
Güven Damgasını Almak için Gerekli Şartlar nelerdir?
SSL
Güven Damgasına sahip olmak isteyen hizmet sağlayıcıların, kişisel veri ve ödeme bilgisi içeren her türlü işleminin internet sitesi, mobil site ve uygulamada EV SSL veya SSL ile gerçekleştirilmesi gerekmektedir.
Sızma testi
Güven Damgasına başvuracak hizmet sağlayıcıların, başvuruda bulunmadan en fazla üç ay önce TSE tarafından onaylanmış A sınıfı veya B sınıfı sızma testi firmalarından hizmet alarak sızma testlerini yaptırıp gerekli önlemleri almalı ve bu önlemleri aldığına dair doğrulama testlerini yaptırmalıdır.
Güven Damgasına sahip olan firmaların damgayı her yıl yenilemek için mutlaka yılda bir kez TSE onaylı A sınıfı veya B sınıfı sızma testi firmalarından hizmet alıp sızma testlerini yaptırması gerekmektedir.
E-commerce companies wishing to allocate Trust Stamps were categorized in three classes as low, medium and high transaction volume according to their transaction volumes in the last year for penetration tests.
o Low Trading Volume: 0 – 20.000 transaction
o Medium Trading Volume: 20.000 – 1.000.000 transaction
o High Trading Volume: 1.000.000 ve over processing
E-commerce service providers who will apply for the Trust Stamp must undertake to comply with the following legal obligations prior to application.
o Bank Cards and Credit Cards Law No. 5464
o Law No. 5651 on the Regulation of Publications on the Internet and Combating Crimes Committed through These Publications
o Law No. 6493 on Payment and Securities Settlement Systems, Payment Services and Electronic Money Institutions
o Law No. 6502 on Consumer Protection
o Law No. 6563 on the Regulation of Electronic Commerce
o Law No. 6698 on the Protection of Personal Data
The service provider to apply for the trust stamp takes measures against content that may adversely affect the physical, mental, moral, psychological and social development characteristics of children in the electronic commerce environment.
It provides or enables the provision of stock information, content, material, dimensions of the goods subject to electronic commerce, details regarding the use and warranty, if any, technical support and by whom these will be provided, visuals that make it possible to understand the actual dimensions, issues such as supply, cargo and delivery time, necessary information about the status of the order and cargo tracking until the order is delivered to the buyer.
Provides the opportunity to communicate with customer service so that the buyer can receive information about his/her order and communicate his/her requests and complaints through at least one of the internet-based communication methods and via telephone. It ensures that requests and complaints are managed and finalized effectively and that the buyer is informed about the issue.
If the service provider and intermediary service provider who wants to receive a trust stamp is bankrupt, the reputation must be restored.
What are the Documents Required for Trust Stamp Application?
• Safety test result
• Written statement
• Membership agreement
• EV SSL
• Tax Certificate
• Signature circular
• Criminal record certificate
• Decal.
References
Some of our customers who prefer us in the field of Information Security and Cyber Security.