Page 5 - ITU-T Focus Group Digital Financial Services – Technology, innovation and competition

P. 5

Table of Contents

Table of Contents iii

Executive Summary xi

I Security Aspects of Digital Financial Services (DFS) 1

1 Introduction 2

2 Recommendation ITU-T X.805 Security Management Standard 2
2.1 Security stakeholders in the DFS ecosystem 3
2.2 Security planes and layers 4
2.3 X.805 Security dimensions and Y.2740 security levels 5

3 Components of DFS ecosystem 7
3.1 Mobile device hardware 7
3.2 DFS application (software) 8
3.3 Mobile phone operating system 11
3.4 Mobile phone SIM card 13
3.5 Mobile network: Base station and link to handset 14
3.6 Mobile network: Network operations 17
3.7 DFS operator services 19
3.8 External service providers 20

4 Guidelines for protecting data confidentiality, integrity and availability 21
4.1 Policies and access control 21
4.2 Systems development 22
4.3 Audit and response 23

5 Conclusion 25

II Identity and Authentication 27

Executive summary 28

1 Introduction 30
1.1 Context 30
1.2 The UN and the 17 sustainable development goals (SDG) 30
1.3 Legal identity, digital identity, and DFS 31

2 What is digital identity? 32
2.1 Core definition 32
2.2 Derived digital identities 33
2.3 Level of assurance 34
2.4 Digital identity architectures 34
2.5 Types of digital identity 35

3 Technology supporting digital identity 37
3.1 Identification technologies 38

iii

1 2 3 4 5 6 7 8 9 10