Page 10 - Technical report on SS7 vulnerabilities and mitigation measures for digital financial services transactions
P. 10

Abbreviations and acronyms









                      BTS          Base Transceiver Station for 2G/3G also know as cell tower
                      CISO         Chief Information Security Officer
                      DFS          Digital Financial Service
                      eNodeB       Base station for LTE a.k.a cell tower (LTE radio access element)
                      ENISA        European Union Agency for Network and Information Security
                      GTP          GPRS Tunnelling Protocol
                      GSMA         GSM Association
                      HLR & VLR      Home / Visitor Location Register, the central database that holds the telco’s
                                   subscriber’s information, both native and roaming subscribers.
                      IMEI           International Mobile Equipment Identity; An identifier used by the telecom
                                   network to uniquely identify a UE.
                      IMSI & TMSI     International Mobile Subscriber Identity; The mobile subscriber unique identifier,
                                   used internally in the telecom network.
                      LTE            Long Term Evolution, the fourth generation of cellular networks more commonly
                                   known as 4G
                      MAP            Mobile Application Part, an SS7 protocol that defines the signalling required
                                   for mobile, e.g. roaming, calling, SMS etc.
                      MO-SMS       Mobile Originated SMS, an SMS sent from the UE to the network.
                      MO-USSD      Mobile Originated USSD transaction, a USSD transaction initiated by the UE.
                      MSISDN       Mobile Station International Subscriber Directory Number
                      MT-SMS       Mobile Terminated SMS, an SMS sent from the network to the UE.
                      MT-USSD        Mobile Terminated USSD transaction, a USSD transaction initiated by the mobile
                                   network to a specific UE
                      MOU          Memorandum of Understanding
                      OTP          One Time Password.
                      POP          Post Office protocol
                      PIN          Personal Identification Number
                      SMS          Short Messaging Service
                      SS7            Signalling System No. 7—The signalling protocol used for interconnection between
                                   telecom networks and between internal sub components of each telecom network
                                   (land and mobile networks alike)
                      STK          Sim Tool Kit
                      Telco        Telecom Operator
                      UE             User Equipment, the user’s end device, in our case the mobile phone (feature
                                   or smart)
                      USSD         Unstructured Supplementary Service Data




           8 • Technical report on SS7 vulnerabilities and mitigation measures for digital financial services transactions
   5   6   7   8   9   10   11   12   13   14   15