Committed to connecting the world

Digital Financial Services Security Clinic - EACO


The International Telecommunication Union organized an online Digital Financial Services Security Clinic jointly with the East African Communications Organization (EACO) on 6 July 2022 from 10h00 to 12h15 East African Time (EAT).​

The main objectives of the DFS Security Clinic are to share the findings and recommendations from the FIGI Security Infrastructure and Trust working group for regulators and DFS providers with regards to addressing security challenges for digital finance. ​

Target Audience: The DFS Security Clinic was intended for IT security professionals and policymakers from the telecom/ICT regulators, DFS providers, Central Banks and Mobile Network Operators.


​10:00 - 10:45
​Managing threats to the DFS ecosystem and securing mobile payment applications

This session focused on the best practices that Digital Financial Services (DFS) regulators could adopt as technical regulation to set minimum security baselines for DFS providers and developers and which can also be audited thereafter by the regulator to verify compliance. 
Related Reports/Regulatory Guidance:
​10:45 - 11:10
​Mitigating SS7 vulnerabilities

This session focused on the recommendations to be adopted by DFS regulators and mobile network operators to mitigate SS7 vulnerabilities.
Related Reports/Regulatory Guidance:
​11:10 - 11:50
​Addressing SIM swap fraud and related risks

This session focused on the guidance and recommendations for regulators and providers to mitigate SIM vulnerabilities like SIM swaps, SIM recycling, and attacks on SIMs like binary over the air attacks. The session also covered how the Central Bank and Telecom regulator could coordinate on addressing security risks to the DFS ecosystem.
Related Reports/Regulatory Guidance:
​11:50 - 12:15
​Next steps: adoption of security recommendations from FIGI by EACO

This session was led by EACO and was a discussion on the next steps for EACO to adopt the recommendations that have been shared by ITU during the previous sessions and collaboration with ITU on implementing these recommendations going forward.