ITU-T Focus Group Digital Financial Services
                                              Technology, Innovation and Competition



               5      Conclusion

               It is clear that the security of payment transactions rests on the safe and secure transmission of data between
               users and payment providers. We thus strongly recommend the development and implementation of end-to-
               end security techniques to ensure data stays confidential and has integrity protection from the time it leaves
               the user’s handset until it is delivered to its destination.

               Mobile devices increasingly contain additional hardware to improve data security; we recommend that DFS
               providers make use of these technologies to assure the security of information on the mobile device platform.

               Best practices for data handling within DFS provider systems and network, such as the maintenance of audit
               logs, the use of least privilege, and assuring data confidentiality, are essential to ensuring the security of data
               and increasing its resistance to data breach attacks. The development of security benchmark assessments and
               regular testing of defences to protect against new attacks is vital to assuring the continued security of stored
               data in these environments.


































































                                                                                                       25