ISO/TS 12812-2:2017
Current
The latest, up-to-date edition.
Core banking — Mobile financial services — Part 2: Security and data protection for mobile financial services
Hardcopy , PDF , PDF 3 Users , PDF 5 Users , PDF 9 Users
English
28-03-2017
ISO 12812-2:2017 describes and specifies a framework for the management of the security of MFS. It includes
- a generic model for the design of the security policy,
- a minimum set of security requirements,
- recommended cryptographic protocols and mechanisms for mobile device authentication, financial message secure exchange and external authentication, including the following:
- point-to-point aspects to consider for MFS;
- end-to-end aspects to consider;
- security certification aspects;
- generation of mobile digital signatures;
- interoperability issues for the secure certification of MFS,
- recommendations for the protection of sensitive data,
- guidelines for the implementation of national laws and regulations (e.g. anti-money laundering and combating the funding of terrorism (AML/CFT), and
- security management considerations.
In order to avoid the duplication of standardization work already performed by other organizations, this document will reference other International Standards as required. In this respect, users of this document are directed to materials developed and published by ISO/TC 68/SC 2 and ISO/IEC JTC 1/SC 27.
Committee |
ISO/TC 68/SC 9
|
DevelopmentNote |
Supersedes ISO/DIS 12812-2. (03/2017)
|
DocumentType |
Technical Specification
|
Pages |
56
|
ProductNote |
THIS STANDARD ALSO REFERS TO ISO 11568, ETSI EN 319 102, ISO 15782
|
PublisherName |
International Organization for Standardization
|
Status |
Current
|
Standards | Relationship |
IS/ISO/TS 12812 : Part 2 : 2017 | Identical |
PD ISO/TS 12812-2:2017 | Identical |
PD ISO/TS 12812-3:2017 | Core banking. Mobile financial services Financial application lifecycle management |
PD ISO/TS 12812-5:2017 | Core banking. Mobile financial services Mobile payments to businesses |
ISO/TS 12812-3:2017 | Core banking — Mobile financial services — Part 3: Financial application lifecycle management |
ISO/TS 12812-5:2017 | Core banking — Mobile financial services — Part 5: Mobile payments to businesses |
ISO/IEC 18031:2011 | Information technology Security techniques Random bit generation |
ISO/IEC 17065:2012 | Conformity assessment — Requirements for bodies certifying products, processes and services |
ISO/IEC 17025:2005 | General requirements for the competence of testing and calibration laboratories |
ISO 19092:2008 | Financial services — Biometrics — Security framework |
ISO/IEC 9796-3:2006 | Information technology — Security techniques — Digital signature schemes giving message recovery — Part 3: Discrete logarithm based mechanisms |
ISO/IEC 19790:2012 | Information technology — Security techniques — Security requirements for cryptographic modules |
ISO/TS 12812-4:2017 | Core banking — Mobile financial services — Part 4: Mobile payments-to-persons |
ISO 16609:2012 | Financial services — Requirements for message authentication using symmetric techniques |
ISO 12812-1:2017 | Core banking — Mobile financial services — Part 1: General framework |
ISO/TR 14742:2010 | Financial services Recommendations on cryptographic algorithms and their use |
ISO/IEC 18092:2013 | Information technology — Telecommunications and information exchange between systems — Near Field Communication — Interface and Protocol (NFCIP-1) |
ISO 22307:2008 | Financial services — Privacy impact assessment |
ISO/IEC 9796-2:2010 | Information technology Security techniques Digital signature schemes giving message recovery Part 2: Integer factorization based mechanisms |
ISO/IEC 24759:2017 | Information technology Security techniques Test requirements for cryptographic modules |
ISO 21188:2006 | Public key infrastructure for financial services Practices and policy framework |
ISO/TS 12812-3:2017 | Core banking — Mobile financial services — Part 3: Financial application lifecycle management |
ISO/TS 12812-5:2017 | Core banking — Mobile financial services — Part 5: Mobile payments to businesses |
ISO/IEC 29100:2011 | Information technology — Security techniques — Privacy framework |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.