Page 87 - ITU-T Focus Group Digital Financial Services – Technology, innovation and competition
P. 87

ITU-T Focus Group Digital Financial Services
                                              Technology, Innovation and Competition



               4.13  International remittance/international money transfer (IMT)


               4.13.1  IMT sending

               A registered customer can initiate a send money request through the DFS platform to debit the transfer amount
               form the customer's account held in the DFS platform to the users in a different or the same service provider
               system of different countries. The service provider system can be a DFS platform, bank, or any other kind of
               payment system.
               An unregistered customer can also send money internationally via OTC.


               4.13.2  IMT receiving

               A customer can receive an international remittance via an IMT provider (or a specialist IMT broker who the
               service provider has partnered with), allowing e-Money to be credited into a customer’s account from an
               international source.





               5      System function


               5.1    Security and reliability

               The DFS vendor platform should ensure security from various aspects, such as applications, system, network,
               operation and maintenance, and privacy protection. Security features are provided based on security
               standardslocal laws and regulations.


               5.2    Identity management

               The DFS vendor platform should support the management of identity. Identity includes the end customer,
               business organization (e.g. agent or merchant), MMO, and service providers (e.g. vendors).
               With the financial services regulatory requirements, the capture of customer data, its storage, and management
               requires robust and rigorous processes fully compliant with the required international standards (i.e. PA-DSS,
               etc. for card payments). With the separation of Identity Management function (rather than having it embedded
               in the accounts), governed with the appropriate information control, this function is expected to be the master
               record for the capturing and managing all information related to the costumer’s identity, including:

               •    Processes for account registration and activation.
               •    Account data update.
               •    Account cancellation or blocking.

               •    Validation data capture and retrieval (physical or system capture).
               •    Validity management of data.
               •    Access to data for appropriately authorised users and systems.

               •    Performing the appropriate actions for registered services in case of any changes in the account status
                    or data.

               •    If a PIN or password is used to securely identify the user, the life cycle must be managed: Issuing, reissuing,
                    delivery, validation, blocking, unblocking, and deletion. Handling this securely is one of the hardest and
                    more expensive parts of any payment system.





                                                                                                       73
   82   83   84   85   86   87   88   89   90   91   92