đź’µ
ITU DFS Security Assurance Framework
  • Acronyms
  • Executive Summary
  • Introduction
  • ITU-T Recommendation X.805 Overview
  • DFS Provider Business Models
  • Elements of DFS ecosystem
  • Security threats
  • DFS Security Assurance Framework
    • Risk assessment methodology
      • Assessment of DFS security vulnerabilities, threats and mitigation Measures
  • DFS security vulnerabilities, threats and mitigation Measures In order to systematical
    • Account and Session Hijacking
    • Attacks against systems and platforms
    • Code Exploitation Attacks
    • Data Misuse
    • Denial of Service Attacks
    • Insider Attacks
    • Man-in-the-middle and social engineering attacks
    • Compromise of DFS Infrastructure
    • Compromise of DFS Services
    • SIM attacks
    • Unauthorized access to DFS data
    • Malware
    • Rogue Devices
    • Unauthorised Access to Mobile Devices
    • Unintended Disclosure of Personal Information
    • Zero-Day Attacks
    • Attacks against credentials
Powered by GitBook
On this page

Acronyms

API

Application Programming Interface

DFS

Digital Financial Services

GW

Gateway

HCE

Hosted Card Emulation

HLR

Home Location Register

HSM

Hardware Security Module

IMEI

International Mobile Equipment Identity

IMSI

International Mobile Subscriber Identity

ISO

International Organization for Standardization

ITU

International Telecommunication Union

ITU FG DFS

ITU Focus Group on Digital Financial Services

IVR

Interactive Voice Response

MFA

Multi-Factor Authentication

MNO

Mobile Network Operator

MSC

Mobile Switching Centre

MSISDN

Mobile Station International Subscriber Directory Number

MST

Magnetic Secure Transmission

MVNO

Mobile Virtual Network Operator

NFC

Near Field Communication

OS

Operating System

OTP

One Time Password

OWASP

Open Web Application Security Project

PA-DSS

Payment Application Data Security Standard

PCI-DSS

Payment Card Industry Data Security Standard

POS

Pont of Sale

PSD2

Payment Services Directive 2

QR Code

Quick Response Code

RP

Relying Party

SCA

Strong Customer Authentication

SE

Secure Element - A formally certified, tamper-resistant, stand-alone integrated circuit often referred to as a “chip” as defined by the European Payments Council or other recognized standards authority.

SIM

Subscriber Identity Module

SMS

Short Messaging Service

STK

SIM Toolkit

TEE

Trusted Execution Environment

TPP

Third-Party (Payment Service) Providers

TSP

Token Service Provider

UICC

Universal Integrated Circuit Card

URL

Uniform Resource Locator

USSD

Unstructured Supplementary Service Data

NextExecutive Summary

Last updated 1 year ago