The Security, Infrastructure, and Trust Working Group is led by ITU and is composed of four workstreams:
- Security
- Distributed Ledger Technology for Financial Inclusion (DLT-FI)
- Quality of Service
- Trust
The main activities of the Security, Infrastructure, and Trust Working Group are:
- DFS Application Security: Conduct systematic research to investigate the security of USSD, STK toolkit and biometrics use in DFS to develop best practices for developers and security measures and controls for mitigating such risks
- Establish lab/sandbox in ITU for security testing of DFS applications
- Infrastructure Security: Develop security measures to mitigate the risk of SS7 vulnerabilities and other cybersecurity-related threats which could impact the DFS provider network and payment system infrastructure
- Security Assurance Framework for DFS: Develop tools to assess DFS provider security compliance, for user confidence, with respect to safeguarding the privacy of customer data, preventing fraud in DFS and resilience of the DFS system to cyber attacks
- Develop regulatory and policy guidelines to address digital fraud and protect the privacy of consumer data in Digital Financial Services to create trust in consumer use of DFS (i.e. address cases of social engineering, Ponzi schemes, data security, and privacy issues).
- Investigate distributed ledger technology security in DFS
- Undertake research to investigate KPIs for QoS monitoring based on FG DFS report on QoS, and develop a technical and regulatory toolkit on QoS measurement for telecom regulators
- Investigate interoperable authentication technologies for securing DFS
- Organize workshops on topics of interest to the Security, Infrastructure and Trust Working group to disseminate the outputs for adoption by DFS stakeholders
Link to access the meeting documents.