
ITU-T Focus Group Digital Financial Services
                                              Technology, Innovation and Competition



               3.8    External service providers


               Role within the ecosystem

               External providers allow for the interfacing between carrier-based mobile money systems and provide the
               basis for connecting with back-end financial systems. Other roles that can be assumed by these external
               providers include operating the IT system or performing customer support, and, in some cases, they may
               interface directly between DFS systems. If providers are performing these latter roles, then in addition to the
               vulnerabilities and recommended mitigations listed below, they may also be acting in roles more associated
               with IT service providers and network operations, in which case the vulnerabilities discussed under those roles
               must also be considered.


               Security threats and vulnerabilities


               Non-repudiation

               Unless the data processed and stored in the external service provider's network is digitally signed,
               non-repudiation cannot be provided: a party can later deny having originated or authorised a transaction,
               and the provider holds no independent evidence to the contrary.


               Data confidentiality

               Data is exposed if encryption is not rigorously employed both within and between provider networks.
               External threats come from adversaries outside the provider's network perimeter (i.e., the external
               network), while the insider threat exists within that perimeter (i.e., the internal network).
               Additionally, data can be exposed if systems within the provider network are infected with malware, which
               can arrive both over the network and through malicious peripheral devices attached to host systems
               (e.g., malicious USB flash drives, or a keylogger built into a keyboard). Such devices can exfiltrate data
               from the provider environment back to the adversary.


               Data integrity
               An attacker who is able to gain access to external provider databases, e.g. by exploiting software
               vulnerabilities, has the ability to tamper with financial data and sensitive provider information. In particular,
               the interfaces between networks provide a potential point of entry for an adversary and must be closely
               monitored. Additionally, data at rest is only as secure as the protections put in place on the hosts and servers
               storing this information. A server on which security updates are not rigorously applied can be compromised by
               malware and rootkits. All machines facing a public network interface are potentially subject to network-based
               exploitation, including "zero-day" attacks that have never previously been seen. Systems can also be compromised
               through other I/O interfaces such as CD/DVD drives, USB ports, and other peripheral interfaces where devices
               can potentially inject malicious code and data.


               Recommendations for mitigation strategies

               R19 – Employ strong cryptography practices to assure confidentiality and integrity of data as it enters the
               provider network and as it is processed and stored within this environment. Ensuring that data is encrypted
               as it enters the network mitigates external threats to confidentiality, while ensuring that all sensitive consumer
               data such as PINs and passwords are encrypted within the internal network and while at rest mitigates internal
               threats against this data. Encryption alone does not provide integrity; authenticated encryption, or a separate
               MAC or digital signature over the data, is needed to detect tampering.
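               The following Go program is an added illustration of the non-repudiation requirement and of R19 together; it is not
               code from the Focus Group report or from any DFS provider. It signs a transaction record with Ed25519 before the record
               enters the provider network, verifies the signature before the record is trusted, and seals a customer PIN for storage
               with AES-256-GCM so that confidentiality and integrity are obtained together. The record layout, field names, key
               handling and sample values are assumptions made for the example; in production the keys would be held in an HSM or key
               management service rather than in process memory.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
)

// TransactionRecord is a hypothetical record passed from a mobile money
// platform to an external service provider (constructed for this example).
type TransactionRecord struct {
	TxID     string `json:"tx_id"`
	Sender   string `json:"sender"`
	Receiver string `json:"receiver"`
	Amount   int64  `json:"amount_minor_units"`
	Currency string `json:"currency"`
}

// GenerateKeys creates the originator's Ed25519 signing key pair and a
// 256-bit AES key for protecting data at rest (example only).
func GenerateKeys() (ed25519.PublicKey, ed25519.PrivateKey, []byte, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, nil, err
	}
	aesKey := make([]byte, 32)
	if _, err := rand.Read(aesKey); err != nil {
		return nil, nil, nil, err
	}
	return pub, priv, aesKey, nil
}

// SignRecord serialises the record and signs the exact bytes. Only the holder
// of the private key can produce the signature (non-repudiation).
func SignRecord(priv ed25519.PrivateKey, rec TransactionRecord) ([]byte, []byte, error) {
	payload, err := json.Marshal(rec)
	if err != nil {
		return nil, nil, err
	}
	return payload, ed25519.Sign(priv, payload), nil
}

// VerifyRecord checks the signature before the payload is parsed or stored;
// any change to the bytes in transit makes verification fail.
func VerifyRecord(pub ed25519.PublicKey, payload, sig []byte) (TransactionRecord, error) {
	var rec TransactionRecord
	if !ed25519.Verify(pub, payload, sig) {
		return rec, errors.New("signature verification failed")
	}
	if err := json.Unmarshal(payload, &rec); err != nil {
		return rec, err
	}
	return rec, nil
}

// newGCM wraps the AES key in an AEAD mode, which gives confidentiality and
// integrity together; plain encryption alone would not detect tampering.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealPIN encrypts a customer PIN for storage. A random nonce is prepended to
// the ciphertext and the transaction ID is bound as associated data, so a
// sealed PIN cannot be moved to a different record unnoticed.
func SealPIN(key []byte, txID, pin string) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, []byte(pin), []byte(txID)), nil
}

// OpenPIN decrypts a sealed PIN, failing on a wrong key, a wrong transaction
// ID or any modification of the stored bytes.
func OpenPIN(key []byte, txID string, sealed []byte) (string, error) {
	aead, err := newGCM(key)
	if err != nil {
		return "", err
	}
	if len(sealed) < aead.NonceSize() {
		return "", errors.New("ciphertext too short")
	}
	nonce, ct := sealed[:aead.NonceSize()], sealed[aead.NonceSize():]
	pt, err := aead.Open(nil, nonce, ct, []byte(txID))
	if err != nil {
		return "", err
	}
	return string(pt), nil
}
```

               A practitioner's caveat: a PIN that only ever needs to be verified by the provider would normally be stored as a
               salted hash rather than reversibly encrypted. Reversible sealing as shown applies where the PIN must be forwarded
               intact to a back-end system, which is the storage case R19 describes.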

               R20 – Keep systems up to date and monitored for malware and other malicious code arriving from outside, and
               employ robust input validation routines on external-facing services. Such measures may include virus and
               malware detection software on hosts, robust filtering within provider networks, and blacklisting known-malicious
               apps before customers can download them.
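               As an added example of the input validation that R20 calls for on external-facing services (not code from the report
               or from any provider), the following Go function accepts a transfer request only if the body is within a size limit,
               contains exactly one JSON object with no unknown fields and no trailing data, and every field satisfies its own check.
               The message layout, field names, size and amount limits, and the MSISDN, currency and PIN patterns are assumptions
               for the example.

```go
package main

import (
	"bytes"
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"regexp"
	"strings"
)

// TransferRequest is a hypothetical message accepted by an external-facing
// transfer API of a DFS provider (constructed for this example).
type TransferRequest struct {
	Sender   string `json:"sender"`
	Receiver string `json:"receiver"`
	Amount   int64  `json:"amount_minor_units"`
	Currency string `json:"currency"`
	PIN      string `json:"pin"`
}

const (
	maxBodyBytes = 4096       // assumed ceiling for a single request body
	maxAmount    = 50_000_000 // assumed per-transaction limit in minor units
)

var (
	msisdnRe   = regexp.MustCompile(`^[1-9][0-9]{9,14}$`) // E.164 digits, no "+"
	currencyRe = regexp.MustCompile(`^[A-Z]{3}$`)         // ISO 4217 shape
	pinRe      = regexp.MustCompile(`^[0-9]{4,6}$`)       // assumed PIN policy
)

// ParseTransferRequest rejects oversized bodies, malformed JSON, unknown
// fields, trailing data and out-of-range values before anything reaches the
// back-end. Every field violation found is reported, so it can be logged.
func ParseTransferRequest(body []byte) (TransferRequest, error) {
	var req TransferRequest
	if len(body) > maxBodyBytes {
		return req, errors.New("request body exceeds size limit")
	}
	dec := json.NewDecoder(bytes.NewReader(body))
	dec.DisallowUnknownFields()
	if err := dec.Decode(&req); err != nil {
		return req, fmt.Errorf("malformed request: %w", err)
	}
	// A second decode must hit EOF; anything else is smuggled trailing data.
	var extra json.RawMessage
	if err := dec.Decode(&extra); err != io.EOF {
		return req, errors.New("trailing data after request object")
	}
	var problems []string
	if !msisdnRe.MatchString(req.Sender) {
		problems = append(problems, "sender is not a valid MSISDN")
	}
	if !msisdnRe.MatchString(req.Receiver) {
		problems = append(problems, "receiver is not a valid MSISDN")
	}
	if req.Sender == req.Receiver {
		problems = append(problems, "sender and receiver are identical")
	}
	if req.Amount <= 0 || req.Amount > maxAmount {
		problems = append(problems, "amount out of range")
	}
	if !currencyRe.MatchString(req.Currency) {
		problems = append(problems, "currency code is not three uppercase letters")
	}
	if !pinRe.MatchString(req.PIN) {
		problems = append(problems, "PIN must be 4 to 6 digits")
	}
	if len(problems) > 0 {
		return req, errors.New(strings.Join(problems, "; "))
	}
	return req, nil
}
```

               Amounts are carried as integer minor units so that a fractional or float-typed value is rejected at decode time rather
               than silently rounded; the same validator should run on every inbound interface between networks, since those
               interfaces are the entry points singled out under data integrity above.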



