iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/TS 12812-2:2017

(Main)

Core banking — Mobile financial services — Part 2: Security and data protection for mobile financial services

Core banking — Mobile financial services — Part 2: Security and data protection for mobile financial services

ISO 12812-2:2017 describes and specifies a framework for the management of the security of MFS. It includes - a generic model for the design of the security policy, - a minimum set of security requirements, - recommended cryptographic protocols and mechanisms for mobile device authentication, financial message secure exchange and external authentication, including the following: point-to-point aspects to consider for MFS; end-to-end aspects to consider; security certification aspects; generation of mobile digital signatures; - interoperability issues for the secure certification of MFS, - recommendations for the protection of sensitive data, - guidelines for the implementation of national laws and regulations (e.g. anti-money laundering and combating the funding of terrorism (AML/CFT), and - security management considerations. In order to avoid the duplication of standardization work already performed by other organizations, this document will reference other International Standards as required. In this respect, users of this document are directed to materials developed and published by ISO/TC 68/SC 2 and ISO/IEC JTC 1/SC 27.

Opérations bancaires de base — Services financiers mobiles — Partie 2: Sécurité et protection des données pour les services financiers mobiles

General Information

Status
Published
Publication Date
27-Mar-2017
ICS
03.060 - Finances. Banking. Monetary systems. Insurance
Technical Committee
ISO/TC 68/SC 9 - Information exchange for financial services
Drafting Committee
ISO/TC 68/SC 9 - Information exchange for financial services
Current Stage
9060 - Close of review
Start Date
04-Jun-2027
Ref Project

Buy Standard

ISO/TS 12812-2:2017 - Core banking -- Mobile financial servicesISO/TS 12812-2:2017 - Core banking -- Mobile financial services
PreviousNext
Technical specification
ISO/TS 12812-2:2017 - Core banking -- Mobile financial services
English language
56 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

TECHNICAL ISO/TS
SPECIFICATION 12812-2
First edition
2017-03
Core banking — Mobile financial
services —
Part 2:
Security and data protection for
mobile financial services
Opérations bancaires de base — Services financiers mobiles —
Partie 2: Sécurité et protection des données pour les services
financiers mobiles
Reference number
ISO/TS 12812-2:2017(E)
©
ISO 2017

---------------------- Page: 1 ----------------------
ISO/TS 12812-2:2017(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO 2017, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO 2017 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/TS 12812-2:2017(E)

Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 2
4 Abbreviated terms . 4
5 Summary of the technical nature of the clauses . 5
6 Security management considerations . 7
6.1 General . 7
6.2 Three-layer model to manage security for mobile financial services. 8
6.2.1 Process layer . 9
6.2.2 Application layer .10
6.2.3 Infrastructure layer .10
7 Security principles and minimum requirements for mobile financial services .11
7.1 Security architecture aspects to be considered .11
7.2 Mobile financial services hardening techniques overview .13
7.2.1 General.13
7.2.2 Mobile device hardening techniques overview .13
7.2.3 Wireless networks hardening techniques overview .13
7.2.4 Secure remote management of mobile device components using OTA .14
7.2.5 Mobile financial applications hardening techniques .14
7.2.6 Platform security services .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO 18245:2023(Main)
Retail financial services — Merchant category codes

This document defines code values used to enable the classification of merchants into specific categories based on the type of business, trade or services supplied. Values are specified only for those merchant categories that are generally expected to originate retail financial transactions. It is not within the scope of this document to mandate the use of merchant category codes in any given situation.

  • Standard
    2 pages
    English language
    sale 15% off
ISO
ISO/TR 22126-3:2023(Main)
Financial services — Semantic technology — Part 3: Semantic enrichment of the ISO 20022 conceptual model

This document examines semantic enrichment to support the maintenance of the ISO 20022 conceptual model. It reports on existing and proposed practices to enrich a model: — in a repository, annotating repository concepts with metadata using semantic markup or constraints; — outside a repository, using references to repository concepts, such as the provenance of changes.

  • Technical report
    12 pages
    English language
    sale 15% off
ISO
ISO/TR 7340:2023(Main)
Reference data distribution in financial services

This document discusses the modes, related mainstream technologies, logical models, physical implementation models, data management (data storage and data security) and service quality control used in the reference data distribution in financial services. This document applies to the reference data distribution and transmission processes in financial services.

  • Technical report
    15 pages
    English language
    sale 15% off
  • Draft
    15 pages
    English language
    sale 15% off
  • Draft
    15 pages
    English language
    sale 15% off
ISO
ISO/TR 22126-5:2022(Main)
Financial services — Semantic technology — Part 5: Mapping from FIX Orchestra to the common model

This document reports on a study to map messages defined using FIX Orchestra into the ISO 20022 model.

  • Technical report
    6 pages
    English language
    sale 15% off
ISO
ISO 3531-3:2022(Main)
Financial services — Financial information eXchange session layer — Part 3: FIX session layer test cases

This document provides a set of mandatory and optional conformity tests applicable to all versions of the FIX session layer standard.

  • Standard
    15 pages
    English language
    sale 15% off
  • Draft
    15 pages
    English language
    sale 15% off
ISO
ISO 3531-1:2022(Main)
Financial services — Financial information eXchange session layer — Part 1: FIX tagvalue encoding

This document provides the normative specification of the FIX tagvalue encoding, which is one of the possible syntaxes for FIX messages.

  • Standard
    17 pages
    English language
    sale 15% off
  • Draft
    17 pages
    English language
    sale 15% off
ISO
ISO 3531-2:2022(Main)
Financial services — Financial information eXchange session layer — Part 2: FIX session layer

This document provides the normative specification of the FIX session layer standard and its session profiles.

  • Standard
    79 pages
    English language
    sale 15% off
ISO
ISO 5116-2:2021(Main)
Improving transparency in financial and business reporting — Harmonization topics — Part 2: Guidelines for data point modelling

This document provides guidelines for data point modelling for supervising experts. The main body consists of four sections. The interrogative form helps in choosing which section may best answer your question and lead you to a good understanding of the subject matter. After this first introductory section and the section containing terms and definitions, the main part starts to provide basic knowledge about different types of data models and data modelling approaches. The first and the second sections provide an overview of data models in general, in contrast to the third section that highlights the necessity of data modelling for supervisory data. This third section draws on the objectives and background information of the preceding sections. Furthermore, a paragraph classifies the Data Point Model introduced by the Eurofiling Initiative and elaborated by EIOPA and EBA, where many new terms related to DPM are introduced. Another paragraph explains the areas of application for the DPM. The third section concludes with a paragraph introducing a subset of the technical constrains that need to be considered in the creation process of the DPM. The fourth section gives step-by-step instructions on how to create a DPM. The paper concludes with remarks on the progress achieved so far, and provides an outlook on the software that is being developed at the moment to support you during the creation process.

  • Standard
    36 pages
    English language
    sale 15% off
  • Draft
    36 pages
    English language
    sale 15% off
ISO
ISO 5116-3:2021(Main)
Improving transparency in financial and business reporting — Harmonization topics — Part 3: Mapping between DPM and MDM

This document aims to provide an introduction to the topic of creating a conceptual model for storing multidimensional data which is received as XBRL instances that follow the rules defined by European taxonomies published by the European Banking Authority (EBA) or by the European Insurance and Occupational Pensions Authority (EIOPA).

  • Standard
    52 pages
    English language
    sale 15% off
  • Draft
    52 pages
    English language
    sale 15% off
ISO
ISO 5116-1:2021(Main)
Improving transparency in financial and business reporting — Harmonization topics — Part 1: European data point methodology for supervisory reporting

This document defines the Data Point Methodology for the creation of Data Point Models in the context of European supervisory reporting. Data Point Models are published by a European supervisory authority. To reflect the defined structures in a machine-readable form, they can be accompanied by an XBRL taxonomy. It is also possible to extend the described methodology to other environments.

  • Standard
    18 pages
    English language
    sale 15% off
  • Draft
    18 pages
    English language
    sale 15% off