Page 18 - ITU-T Focus Group Digital Financial Services – Technology, innovation and competition
P. 18
ITU-T Focus Group Digital Financial Services
Technology, Innovation and Competition
A key feature of this ecosystem is communication between the customer and the back-end services through a
variety of communication media. In advanced systems, these interactions may occur directly over IP networks,
but in many cases, and in the vast legacy systems in use, other methods of connectivity are employed, including
short message service (SMS), unstructured supplementary service data (USSD), or cellular voice (via interactive
voice response (IVR)).
Security vulnerabilities can be present and capitalized on by adversaries at any of the many interfaces between
these parties. Security must therefore be a primary design and implementation consideration within every
connected component of the system in order to ensure end-to-end security. In the optimal functioning of
the ecosystem, each principal would be independently secure, i.e., they would not rely on trusting any other
party in the system. For end-to-end security, it is necessary that critical information be encrypted to ensure
confidentiality of DFS transactions. Transactions themselves must be authenticated following best practice
from the global payments industry.
2.2 Security planes and layers
With reference to the security architecture set out in [ITU-T X.805] and referenced earlier in this document,
we consider the security layers for DFS:
• The infrastructure security layer is comprised of various pieces of hardware, including the equipment of
MNO and DFS operators, networking connections, and mobile devices.
• The applications security layer includes all software elements of the system and mobile devices.
• The services security layer includes all subcontractors’ services, such as the Internet, leased transport
lines, content providers, etc.
Similarly, the three security planes as defined in [ITU-T X.805] are interpreted for DFS as follows:
• The end user security plane defines the rules for the customer: How to choose the mobile device; how
to treat it; how to repair it; and how to be careful when downloading applications to the mobile device.
Agent training to provide this information to the customer would also fall within the end user plane.
• The management security plane defines the rules for the O&M of the system by the DFS operator’s staff
(instructions, regulations, access, etc.).
• The control security plane relates to the operation of controlling systems and signals, such as: Measurement
procedures; synchronization; transaction monitoring; etc.
When considering these security layers and planes, the end-to-end system may be represented as a matrix
forming the intersection of the three security layers with the three security planes. However, since both the
management and control security planes represent service elements under the control of a single entity – the
service provider/operator – we may consider these security planes as merged. The result is a simplified cross
reference, as illustrated in Figure 3, which represents the responsibilities across each layer of:
• Personnel of service providers and subcontractors,
• Subscribers (end users).
4
