1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Introduction
7 Typical scenarios for value-added services
7.1 User identity authentication
7.2 Subscription service
7.3 Payment for service
7.4 User information demonstration
7.5 Application interface to the external platform
7.6 Password retrieval
8 Threats to value-added services
8.1 Threats to user identity authentication
8.2 Threats to service subscription
8.3 Threats to service payment
8.4 Current examples of threats to user information
8.5 Threats to an application interface with an external platform
8.6 Threats to password retrieval
9 Protection measures
9.1 Basic protection measures
9.2 Protection measures for typical scenarios
Bibliography