Committed to connecting the world

AI for Good Global Summit

Digital Financial Services Security Lab

​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​SecurityLab.jpg

The Digital Financial Services (DFS) Security Lab hosted at the International Telecommunication Union was established in 2020 as  part of the activities of the Financial Inclusion Global Initiative (FIGI).

The DFS Security Lab supports regulators in emerging economies to build confidence and trust in the use of digital financial services by providing the following services:

Knowledge Transfer Programme for Developing Countries

The Lab has a knowledge transfer programme for regulators to verify the security assurance of mobile payment applications based on Android, iOS, and USSD.​​ Its scope of activities includes:

DFS App Security Test

​The DFS Security Lab provides security testing services specifically for regulators overseeing Digital Financial Services (DFS) applications. The lab tests that DFS apps operating on iOS, Android, STK (SIM Toolkit), or USSD (Unstructured Supplementary Service Data) platforms, comply with the minimum app security best practices.

The DFS Security Lab's objective is to assist regulators in fostering a secure and reliable digital financial services environment. By testing and identifying vulnerabilities and proposing improvements.

Cyberresilience Assesment Toolkit

​The Cyber Resilience Toolkit aids DFS regulators and stakeholders, especially in emerging economies, to evaluate and enhance the cyber resilience of critical infrastructure in the DFS sector. It supports preparedness against cyber threats, encourages best practices for defense, and helps improve overall cybersecurity posture​

Strong Authentication resources

​The lab provides resources for developers to test stronger passwor​dless authentication. The lab provides resources for the following strong authentication protocols:

Knowledge Sharing Platform

The ITU Knowledge Sharing Platform for Digital Finance Security aims to enhance collaboration in developing and implementing security guidelines for Digital Financial Services (DFS). Its objectives include updating the DFS security assurance framework, sharing implementation experiences and challenges across jurisdictions, and facilitating direct peer-to-peer communication on DFS security issues.