Page 41 - Digital Financial Services security assurance framework
P. 41
8�15 Threat: Rogue Devices
We consider the threat that unauthorized devices can present to DFS network infrastructure.
Affected Entity Risks and vulnerabilities Controls
The risks of fraud and data modification C110: MNOs should monitor devices used to connect to
occur because of the following vulnera- or otherwise access the DFS system to ensure that such
MNO bility devices have the latest patches, updated antivirus software,
- Insecure devices connected to the DFS are scanned for rootkits and key loggers, and do not sup-
infrastructure (SD: Data Integrity) port network extenders.
8�16 Threat: Unauthorised Access to Mobile Devices
This set of threats is characterized as specific attacks against mobile devices from adversaries.
Affected Entity Risks and vulnerabilities Controls
The risk of impersonation and data loss/
fraudulent transactions occur because
of the following vulnerabilities:
- Inadequate user authentication on the C111: Mobile devices should automatically lock after a
device (SD: Data Confidentiality) period of inactivity, forcing device authentication to be
performed to unlock the device before it is used for DFS
transactions.
Mobile User/ C112: Use Strong PINs, remote data wipe, PIN lock, use
biometric authentication (e.g., fingerprint, iris) when such
Device
device features are available.
- Outdated application software ver- C113: Device manufacturers must ensure that critical
sions making devices susceptible to updates are available for consumers to directly acquire or
malware (SD: Data Confidentiality are made available to the network provides to be pushed
to users.
The risk of DFS user account takeover C114: Before authenticating DFS users, when possible, val-
occurs because of the following vulner- idate the IMSI, device, and location, and IP address of the
DFS Provider ability: user to establish their identity and to prevent unauthorized
- Overly permissive access to the DFS access to the network infrastructure.
infrastructure (SD: Authentication)
The risk of denied transactions occurs C115: Payment service providers should ensure that com-
because of the following vulnerability: panion general-purpose reloadable cards linked to DFS
Third-Party Pro-
vider - Inadequate transaction verification accounts require the use of EMV chips with cardholder ver-
(SD: Non-Repudiation) ification methods, such as PINs or biometrics, when practi-
cal, and that all transactions result in an alert to customers.
8�17 Threat: Unintended Disclosure of Personal Information
We characterize this set of threats as those resulting in user data being inadvertently exposed.
Affected Entity Risks and vulnerabilities Controls
The risk of exposure of personally iden- C116: DFS providers should ensure that customer data in
tifiable information occurs because of production environments is not used in test environments
DFS Provider the following vulnerability: unless anonymized according to best practices. Conversely,
- Inadequate oversight and controls in test data should not be migrated to the product.
test environments (SD: privacy)
Digital Financial Services Security Assurance Framework 39
