Page 7 - FIGI Digital Financial Services security assurance framework
P. 7
8.12 Threat: Unauthorized access to DFS data ..................................................................34
8.13 Threat: Malware .................................................................................................................... 37
8.14 Threat: Zero-Day Attacks .................................................................................................38
8.15 Threat: Rogue Devices .......................................................................................................39
8.16 Threat: Unauthorised Access to Mobile Devices .....................................................39
8.17 Threat: Unintended Disclosure of Personal Information.......................................39
9 Template for application security best practices �������������������������������������������������� 40
9.1 Device and Application Integrity .................................................................................. 40
9.2 Communication Security and Certificate Handling ............................................... 40
9.3 User Authentication .............................................................................................................41
9.4 Secure Data Handling .........................................................................................................41
9.5 Secure Application Development...................................................................................41
10 DFS Security Incident management ��������������������������������������������������������������������������42
Annex 1 Detailed DFS ecosystem infrastructure and threats ���������������������������������������43
Digital Financial Services Security Assurance Framework 5
