💵
ITU DFS Security Assurance Framework
  • Acronyms
  • Executive Summary
  • Introduction
  • ITU-T Recommendation X.805 Overview
  • DFS Provider Business Models
  • Elements of DFS ecosystem
  • Security threats
  • DFS Security Assurance Framework
    • Risk assessment methodology
      • Assessment of DFS security vulnerabilities, threats and mitigation Measures
  • DFS security vulnerabilities, threats and mitigation Measures In order to systematical
    • Account and Session Hijacking
    • Attacks against systems and platforms
    • Code Exploitation Attacks
    • Data Misuse
    • Denial of Service Attacks
    • Insider Attacks
    • Man-in-the-middle and social engineering attacks
    • Compromise of DFS Infrastructure
    • Compromise of DFS Services
    • SIM attacks
    • Unauthorized access to DFS data
    • Malware
    • Rogue Devices
    • Unauthorised Access to Mobile Devices
    • Unintended Disclosure of Personal Information
    • Zero-Day Attacks
    • Attacks against credentials
Powered by GitBook
On this page
  • Affected entity: Mobile User
  • Affected entity: DFS Provider
  • Affected entity: DFS Provider, Third-Party Provider
  1. DFS security vulnerabilities, threats and mitigation Measures In order to systematical

Unauthorised Access to Mobile Devices

Threats is characterized as specific attacks against mobile devices from adversaries.

Affected entity: Mobile User

Risk: impersonation and data loss/fraudulent transactions

  • Vulnerability: Inadequate user authentication on the device (SD: Data Confidentiality)

Affected entity: DFS Provider

Risk: DFS user account takeover

  • Vulnerability: Overly permissive access to the DFS infrastructure (SD: Authentication)

Risk: Failed transaction executon

Affected entity: DFS Provider, Third-Party Provider

  • Vulnerability: Inadequate transaction verification (SD: Non-Repudiation)

PreviousRogue DevicesNextUnintended Disclosure of Personal Information

Last updated 2 years ago