The International Telecommunication Union (ITU) is pleased to invite you to the live webinar "Episode 4: Securing the USSD and STK Infrastructure for Mobile Payments" taking place on 28 May 2025 from 15:00 – 16:00 CEST via Zoom. This webinar is the fourth in our series on digital financial service security, organized as part of the ITU DFS Security Lab activities.
Building on discussions about SS7 and mobile payment app security in previous episodes, this session focuses on the security of Unstructured Supplementary Service Data (USSD) and SIM Toolkit (STK), critical technologies for mobile financial services, particularly in diverse markets. A key highlight will be the newly established Recommendation ITU-T X.1456: Security guidelines for digital financial service (DFS) applications based on unstructured supplementary service data (USSD) and subscriber identification module tool kit (STK), exploring the recommendations for securing mobile payments.
USSD is a key access method for digital finance in regions with limited smartphone access. It allows users to manage finances via simple menu-based interactions on basic phones, making it vital for financial inclusion. Despite the simplicity, USSD and STK face unique security challenges. Addressing these is essential for protecting users and ensuring the integrity of the mobile payment ecosystem.
This webinar will cover:
- Key vulnerabilities and attack vectors targeting USSD and STK and the evolving threat landscape for these technologies.
- Mitigation strategies and best practices aligned with ITU-T X.1456.
- Emerging technologies for USSD encryption.
Target Audience
This webinar is intended for IT professionals in telecommunications, financial services and fintech sectors, policymakers and regulatory bodies involved in digital financial services.
Panelists:
Moderator
Project Officer
ITU-T
| | 
Manager of Information Security Directorate of ICT & Research
|
We invite all participants to join the ITU DFS security knowledge-sharing platforms on Slack and GitBook before the webinar. See instructions below:
Instructions for joining the ITU DFS security knowledge sharing platform:
The Knowledge Sharing Platform consists of two main components: a GitBook workspace and a Slack channel. The GitBook workspace is a collaborative platform for sharing and refining ITU DFS security recommendations, while the Slack channel facilitates real-time communication and idea discussions among the collaborators.
Links to the GitBook workspace and Slack channel
- Step 1: Send a request to join the platform by emailing your name, institution and job title to: dfssecuritylab@itu.int
- Step 2: After approval, you will receive an invitation to join GitBook, "Accept Invitation" in the email
- Step 3: Sign up for a GitBook account or sign in with an existing account
- Step 4: Access the link in the email to access the DFS Security Guidelines GitBook
- Step 5: After your email approval, you will receive an invitation to join the ITUDFSsecurity workspace, Click "Join Now" in the email
- Step 6: Sign up for a slack account or sign in with an existing account
- Step 7: Join the itudfssecurity Slack workspace for collaboration and discussions
