iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/TS 12812-3:2017

(Main)

Core banking — Mobile financial services — Part 3: Financial application lifecycle management

Core banking — Mobile financial services — Part 3: Financial application lifecycle management

ISO/TS 12812-3:2017 specifies the interoperable lifecycle management of applications used in mobile financial services. As defined in ISO 12812‑1, an application is a set of software modules and/or data needed to provide functionality for a mobile financial service. This document deals with different types of applications which is the term used to cover authentication, banking and payment applications, as well as credentials. Clause 5 describes the basic principles required, or to be considered, for the application lifecycle management. Because several implementations are possible with impacts on the lifecycle, this document describes the different architectures for the location of the application and the impacts of the different scenarios regarding the issuance of the secure element when present (see Clause 6), the different roles for the management of the application lifecycle and the domains of responsibilities (see Clause 7). It also specifies functions and processes in the application lifecycle management (see Clause 8) and describes scenarios of service models and roles of actors (see Clause 9).

Opérations bancaires de base — Services financiers mobiles — Partie 3: Gestion du cycle de vie des applications financières

General Information

Status
Published
Publication Date
27-Mar-2017
ICS
03.060 - Finances. Banking. Monetary systems. Insurance
Technical Committee
ISO/TC 68/SC 9 - Information exchange for financial services
Drafting Committee
ISO/TC 68/SC 9 - Information exchange for financial services
Current Stage
9093 - International Standard confirmed
Start Date
29-Jul-2025
Completion Date
02-Aug-2025
Ref Project

Buy Standard

ISO/TS 12812-3:2017 - Core banking -- Mobile financial servicesISO/TS 12812-3:2017 - Core banking -- Mobile financial services
PreviousNext
Technical specification
ISO/TS 12812-3:2017 - Core banking -- Mobile financial services
English language
12 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


TECHNICAL ISO/TS
SPECIFICATION 12812-3
First edition
2017-03
Core banking — Mobile financial
services —
Part 3:
Financial application lifecycle
management
Opérations bancaires de base — Services financiers mobiles —
Partie 3: Gestion du cycle de vie des applications financières
Reference number
©
ISO 2017
© ISO 2017, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO 2017 – All rights reserved

Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 2
5 Basic principles for application lifecycle management . 2
5.1 General . 2
5.2 Portability of MFSs . 2
5.3 Entities involved in the application lifecycle management . 3
5.4 Security and privacy . 3
5.5 Risk assessment . 3
5.6 Support of multiple applications and multiple MFSPs . 3
5.7 User Interface and branding. 3
5.8 Customer relationship management . 3
5.9 Common APIs . 4
5.10 Terms of service . 4
6 Location of the application . 4
6.1 General . 4
6.2 Different types of secure environments . 4
6.3 Scenarios for mobile proximate payments . 4
6.4 Scenarios for mobile remote payments . 5
6.4.1 General. 5
6.4.2 Payment credentials . 5
6.4.3 Application . 5
6.5 Scenarios for mobile banking . 5
7 Service management roles . 5
7.1 General . 5
7.2 MFSP domain roles . 6
7.3 SE provider domain roles . 7
8 Application lifecycle: functions and processes . 7
8.1 General . 7
8.2 Functions . 7
8.3 Processes . 8
9 Scenarios for service models . 9
9.1 General . 9
9.2 Scenario 1: UICC . 9
9.3 Scenario 2: Embedded secure element . 9
9.4 Scenario 3: Secure micro SD card .10
9.4.1 General.10
9.4.2 Secure micro SD card provided by the MFSP .10
9.4.3 Secure micro SD card provided by a third party .10
9.4.4 Secure micro SD card for contactless payment .10
9.5 Scenario 4: Trusted execution environment .10
9.6 Scenario 5: Mobile application located in the mobile device host .11
9.7 Scenario 6: Mobile application on a secured server .11
Bibliography .12
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www .iso .org/ patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO’s adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following
URL: w w w . i s o .org/ iso/ foreword .html.
This document was prepared by Technical Committee ISO/TC 68, Financial Services, Subcommittee
SC 7, Core Banking.
A list of all the parts in the ISO 12812 series can be found on the ISO website.
iv © ISO 2017 – All rights reserved

Introduction
The use of mobile devices to conduct financial services (i.e. payments and banking) is occurring
following the steady rise of the number of customers using the Internet for these services. As an
evolving market, mobile financial services are being developed and implemented on various bases
throughout the different regions of the world and also among the various providers of such services.
In these conditions, the purpose of the ISO 12812 series is to facilitate and promote interoperability,
security and quality of mobile financial services while making sure that stakeholders in the services
can benefit from the evolution, and service providers remain as commercially free and competitive as
possible to design their own implementations in pursuing their own business strategies. This document
addresses the interoperability only at the technical layer by considering the impact of new components
and/or interfaces induced by the introduction of a mobile device in financial services. The intentions of
the ISO 12812 series are:
a) to advance interoperability of mobile financial services globally by defining requirements based
on a common terminology and basic principles for the design and operation of mobile financial
services;
b) to define technical components and their interfaces, as well as roles that may be performed by
different actors in addition to mobile financial service providers (e.g. mobile network operators,
trusted service managers). These components and their interfaces, as well as roles, are defined
according to identified use cases. Future use cases may be considered during the maintenance of
the ISO 12812 series;
c) to identify existing standards on which mobile financial services should be based, as well as
possible gaps.
Standardization effort in this area is beneficial for a sound development of the mobile financial services
market because it will:
— facilitate and promote interoperability between the different components or functions building
mobile financial services;
— build a safe environment so that consumers and merchants can trust the service and allow the
mobile financial service providers to manage their risks;
— promote consumer protection mechanisms including fair contract terms, rules on transparency of
charges, clarification of liability, complaints mechanisms and dispute resolution;
— enable the consumer to choose from different providers of devices or mobile financial services
including the possibility to contract with several mobile financial service prov
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/TR 22126-2:2025(Main)
Financial services — Semantic technology — Part 2: OWL representation of the ISO 20022 metamodel and e-repository

This document is concerned with the representation of the ISO 20022 e-Repository contents in RDF and OWL by developing a case study around the ISO 20022 auth.016 sample message (hereafter simply referred to as “auth.016”). This includes: a) transformation of the sample message into an RDF instance graph; b) demonstrating a set of SPARQL rules that transform the auth.016 message into a FIX TradeCaptureReport(35=AE) message (hereafter simply referred to as “FIX AE”); c) expressing the metamodel, business components and message components exactly with a custom RDF vocabulary; d) representing those schemas as OWL schemas using OWL vocabulary when possible and annotation properties otherwise; e) creating instance graphs for the auth.016 sample messaging using the vocabulary of the business components and message components. This document also discusses the choices that arise in structuring RDF documents equivalent to documents in XML, and FIX Tag-Value format balancing considerations such as preserving the order of parts of the message versus creating graphs that are suitable for RDFS and OWL inference.

  • Technical report
    45 pages
    English language
    sale 15% off
ISO
ISO 18245:2023(Main)
Retail financial services — Merchant category codes

This document defines code values used to enable the classification of merchants into specific categories based on the type of business, trade or services supplied. Values are specified only for those merchant categories that are generally expected to originate retail financial transactions. It is not within the scope of this document to mandate the use of merchant category codes in any given situation.

  • Standard
    2 pages
    English language
    sale 15% off
ISO
ISO/TR 22126-3:2023(Main)
Financial services — Semantic technology — Part 3: Semantic enrichment of the ISO 20022 conceptual model

This document examines semantic enrichment to support the maintenance of the ISO 20022 conceptual model. It reports on existing and proposed practices to enrich a model: — in a repository, annotating repository concepts with metadata using semantic markup or constraints; — outside a repository, using references to repository concepts, such as the provenance of changes.

  • Technical report
    12 pages
    English language
    sale 15% off
ISO
ISO/TR 7340:2023(Main)
Reference data distribution in financial services

This document discusses the modes, related mainstream technologies, logical models, physical implementation models, data management (data storage and data security) and service quality control used in the reference data distribution in financial services. This document applies to the reference data distribution and transmission processes in financial services.

  • Technical report
    15 pages
    English language
    sale 15% off
ISO
ISO/TR 22126-5:2022(Main)
Financial services — Semantic technology — Part 5: Mapping from FIX Orchestra to the common model

This document reports on a study to map messages defined using FIX Orchestra into the ISO 20022 model.

  • Technical report
    6 pages
    English language
    sale 15% off
ISO
ISO 3531-3:2022(Main)
Financial services — Financial information eXchange session layer — Part 3: FIX session layer test cases

This document provides a set of mandatory and optional conformity tests applicable to all versions of the FIX session layer standard.

  • Standard
    15 pages
    English language
    sale 15% off
ISO
ISO 3531-2:2022(Main)
Financial services — Financial information eXchange session layer — Part 2: FIX session layer

This document provides the normative specification of the FIX session layer standard and its session profiles.

  • Standard
    79 pages
    English language
    sale 15% off
ISO
ISO 3531-1:2022(Main)
Financial services — Financial information eXchange session layer — Part 1: FIX tagvalue encoding

This document provides the normative specification of the FIX tagvalue encoding, which is one of the possible syntaxes for FIX messages.

  • Standard
    17 pages
    English language
    sale 15% off
ISO
ISO 5116-1:2021(Main)
Improving transparency in financial and business reporting — Harmonization topics — Part 1: European data point methodology for supervisory reporting

This document defines the Data Point Methodology for the creation of Data Point Models in the context of European supervisory reporting. Data Point Models are published by a European supervisory authority. To reflect the defined structures in a machine-readable form, they can be accompanied by an XBRL taxonomy. It is also possible to extend the described methodology to other environments.

  • Standard
    18 pages
    English language
    sale 15% off
ISO
ISO 5116-2:2021(Main)
Improving transparency in financial and business reporting — Harmonization topics — Part 2: Guidelines for data point modelling

This document provides guidelines for data point modelling for supervising experts. The main body consists of four sections. The interrogative form helps in choosing which section may best answer your question and lead you to a good understanding of the subject matter. After this first introductory section and the section containing terms and definitions, the main part starts to provide basic knowledge about different types of data models and data modelling approaches. The first and the second sections provide an overview of data models in general, in contrast to the third section that highlights the necessity of data modelling for supervisory data. This third section draws on the objectives and background information of the preceding sections. Furthermore, a paragraph classifies the Data Point Model introduced by the Eurofiling Initiative and elaborated by EIOPA and EBA, where many new terms related to DPM are introduced. Another paragraph explains the areas of application for the DPM. The third section concludes with a paragraph introducing a subset of the technical constrains that need to be considered in the creation process of the DPM. The fourth section gives step-by-step instructions on how to create a DPM. The paper concludes with remarks on the progress achieved so far, and provides an outlook on the software that is being developed at the moment to support you during the creation process.

  • Standard
    36 pages
    English language
    sale 15% off