Committed to connecting the world

Search
AI for Good Global Summit

Advancing the Digital Payment & Financial Inclusion Agenda Across the Eastern Caribbean

​​​​​​​​​​​​​​​​​The International Telecommunication Union (ITU) recently participated in a regional financial inclusion technical workshop series hosted by the UNCDF-EU-OACP​. The workshop series targeted Eastern Caribbean financial sector regulators, policymakers, and related stakeholders, with a focus on enhancing their skills and knowledge on critical topics.

The first workshop, held in January 2023, covered two central themes:​

  • Regulating, Licensing, and Supervising Virtual Assets (January 17th & 18th, 2023)
  • Cybersecurity for Mobile and Digital Payment Services (January 19th, 2023)

​The Cybersecurity for Mobile and Digital Payment Services session featured participation from the ITU, providing valuable insights and expertise on the Security of Digital Financial Services through a platform of technical, in-depth presentations, peer-exchange, and closed-door discussions, the workshop had the objective of building participants' technical capacity. ​



Programme



​​​Thursday, 19 January 2023

​9:00 - 9:05
Opening Remarks ​
Introduction of the Cybersecurity for mobile and digital payment services
9:05 - 10:50​Addressing Security Risks for Digital Finance (Technical Presentation – Part 1)​

Technological advances are creating an entirely new risk ecosystem in which the risks are interconnected and continuously evolving. When unmanaged, risks can easily spread across multiple aspects of the ecosystem, compromising the business reputation along with customer trust. This session discussed the digital finance security assurance framework that digital finance regulators and providers can implement for managing the threats and vulnerabilities to the digital finance ecosystem as well as the security audit guidelines to assess whether the security controls implemented are providing adequate protection. A mobile payment app security guideline was also shared which can be adopted as a technical guideline or regulation to establish minimum security baselines for developers and digital finance providers to adopt security best practices and international security standards.  

Speakers:
  • "Introduction to DFS Security Lab" Vijay Mauree, Programme Coordinator, Standardization Bureau, ITU ​[Presentation]
  • "Implementing the DFS security assurance framework and security audit for DFS" Arnold Kibuuka, Project Officer, Standardization Bureau [Presentation]
  • "Introduction to EU-LAC Digital Alliance and the EU Cybernet which offer partnership and dialogue around Cybersecurity"  Liina Areng, Regional Program Lead at EU Cybernet
  • "Cybersecurity risks ecosystem and approach to public-private partnerships in digital finance" Johan Rosén, Head of Risk Control in Digital Banking & IT Department at Swedbank
  • Annie Bertrand, Regional Harmonization Specialist, UNCDF
Related Reports:​
​10:50 - 11:00
 ​Coffee Break
​11:00 - 13:00
Addressing Security Risks for Digital Finance (Technical Presentation – Part 2​)

This session highlighted the vulnerabilities to USSD and STK and Android based mobile payment applications. Threats like Man in the middle attacks that could impact digital financial services and the SIM jacker vulnerability in SIM Cards would be discussed. The session also provided and an overview of the security tests that can be undertaken in the DFS Security Lab at ITU.  It also intended to focus on the recommendations for DFS regulators and providers to adopt to mitigate vulnerabilities in the telecom network such as SS7, SIM related fraud like SIM swaps, SIM recycling, and attacks on SIMs like binary over the air attacks. The session also provided insights on how the Central Bank and Telecom regulator could collaborate and work together to address security risks to the DFS ecosystem.

Related Reports:
Speakers:​
  • "Using the DFS security assurance framework"  Venkatesen Mauree, Programme Coordinator, Standardization Bureau, ITU 
  • ITU DFS Security Recommendations (SIM Swap and SS7 security recommendations & DFS consumer competence framework, MOU) Arnold Kibuuka, Project Officer, Standardization Bureau, ITU [​Presentation]
  • Annie Bertrand, Regional Harmonization Specialist, UNCDF
​13:00- 14:30
Lunch Break 
14:30 - 15:00​
ITU Application of Standards Exercise 

This session led by ITU was to support policymakers to apply global standards for cybersecurity for mobile money and digital finance as part of an interactive, in-person activity. 
15:00 - 17:00​Cybersecurity Simulation Exercise 

Building on the previous exercise, this session was intended to provide a Cybersecurity for financial services simulation exercise for policymakers, to consider breaches, actions and communication plans in the event of cyber threats across the financial sector. Participants from both the financial sector and telecommunication sectors were welcome to join in this simulation activity. 

​​​​.



© ITU All Rights Reserved

Back to top