Page 24 - FIGI: Digital Financial Services security audit guideline
4.5.14 Are there technical controls in place to limit exposure of internal DFS system addresses (like database IP addresses)?

4.5.15 Does the DFS provider have a mechanism in place to securely store cryptographic keys?

4.5.16 Does the MNO enforce use of the Personal Unlock Key on SIM cards to reduce the risk associated with stolen SIMs that are used for DFS?

4.5.17 Does the MNO have a firewall in place to detect and protect against external SS7 based attacks? For example, firewall protection against subscriber traffic interception and unauthorized USSD and SMS use.

4.5.18 Does the MNO have controls in place to limit access to MAP tracing and the use of protocol analysers on the internal network? (SMS and USSD messages are transmitted in plain text in the MAP protocol.)

4.5.19 Has the MNO implemented SS7 and Diameter signaling controls to protect against SS7 vulnerabilities?

4.5.20 Has the use of known weak ciphers been discontinued? Has the deployment been prepared for new ciphers?

4.5.21 Is the DFS provider performing input validation checks?

4.5.22 Is the DFS provider performing user transaction geo-velocity checks before transaction processing?

4.5.23 Is there adequate monitoring of traffic for internet facing DFS applications?

4.5.24 Is there regular penetration testing of the DFS systems?

4.5.25 Is the TLS encryption used secure, i.e., TLS 1.2 or higher (as of July 2020)? Does the app use the latest versions of TLS? Does the app use any deprecated TLS version?

4.5.26 Is transaction validation performed using a secure OTP?

4.6 Privacy & Confidentiality

4.6.1 Are digital signatures used by DFS applications or by third-party providers? Are the digital signatures based on sufficiently strong cryptographic algorithms and key sizes? Are the implementations of the cryptographic algorithms secure and up to date, and do they provide sufficient randomness? (For example, strong digital signature algorithms include RSA, DSA, and ECDSA. Elliptic-curve cryptographic algorithms can use shorter keys to provide equivalent security to other ciphers.)

4.6.2 Are procedures in place to assure the trustworthiness and protection of private and secret keys? Are certificates and other cryptographic information protected by operating system controls?

4.6.3 Are digital signatures used to identify third party providers that connect to the DFS systems?

4.6.4 Are the cryptographic libraries used by the operating system or by the application correctly designed and implemented, and are they up to date? Do the cryptographic libraries support strong cryptographic ciphersuites, and do they prevent or discourage use of weak ciphersuites? Are hashing algorithms used that have not been deprecated, and are adequate digest lengths supported? (Anything less than SHA512 is considered weak today. MD5 and SHA1 have been broken.) For symmetric encryption ciphers, are strong ciphers used and are adequate key lengths supported? (For example, AES is considered secure to use, while 3-DES is no longer a preferred cipher because of the SWEET-32 attack, and it is encouraged to move away from it to AES as soon as possible.) For public-key encryption, are key lengths chosen to be an appropriate size for the public key algorithm being used? Are the criteria used for selecting cryptographic algorithms and key sizes based on public and well-examined standards? (For example, NIST Special Publication 800-57 has guidelines on minimum key sizes for each algorithm and on how long each key size remains adequate.)

4.6.5 Are the encryption algorithms and keys used strong enough to protect customer PINs and data?

4.6.6 Are there processes that limit the data shared with third parties when transactions are being performed?

4.6.7 Are security guidelines followed when disposing of DFS related data?

4.6.8 Do event logs contain customer-sensitive data such as PINs?

4.6.9 Does the application or underlying operating system provide support for remote wipes of DFS data or of the mobile device, and are there mechanisms in place to ensure that data is encrypted in the event of device loss or theft?

4.6.10 Has all sensitive consumer data been encrypted by the application or the operating system? Are unencrypted versions of the data accessible on the device, for example, in temporary buffers or in memory? Is all information sent over a network connection encrypted with a strong encryption cipher? (See C17 for more discussion of what constitutes a strong encryption cipher.)

4.6.11 Have strong encryption ciphers and integrity protection mechanisms such as message authentication codes been used for data stored on the device
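Items 4.5.20, 4.5.25 and 4.6.4 ask whether weak ciphers have been discontinued, whether TLS 1.2 or higher is enforced, and whether the library prevents weak ciphersuites. The following added example (not from the guideline) checks a Python `ssl` stack's protocol floor and ciphersuite offering against exactly those criteria; `audit_ciphers`, `hardened_context` and the constructed `SAMPLE_OFFERING` are names and data introduced here.

```python
"""Offline audit of a TLS protocol floor and ciphersuite offering against items
4.5.20, 4.5.25 and 4.6.4. Added example, not the guideline's own code; the rules
encode the text's thresholds (TLS 1.2+, MD5/SHA1 broken, 3DES deprecated by SWEET32)."""
import ssl

WEAK_SYMMETRIC = ("des", "rc4", "rc2", "idea", "seed", "null")  # 3DES appears as des-ede3-cbc
WEAK_DIGEST = ("md5", "sha1")  # guideline: "MD5 and SHA1 have been broken"
LEGACY_FLOOR = ssl.TLSVersion.TLSv1  # protocol floor still seen in older deployments

def audit_ciphers(min_version, ciphers):
    """Return (subject, reason) findings for get_ciphers()-style dicts; empty list = pass."""
    findings = []
    if min_version < ssl.TLSVersion.TLSv1_2:
        findings.append(("minimum_version", f"{min_version.name} negotiable; floor must be TLS 1.2"))
    for c in ciphers:
        name, sym = c["name"], (c.get("symmetric") or "").lower()
        digest = (c.get("digest") or "").lower()
        if any(w in sym for w in WEAK_SYMMETRIC):
            findings.append((name, f"weak bulk cipher {sym}"))
        # AEAD suites carry no separate MAC digest; HMAC suites must not rely on MD5/SHA1
        if not c.get("aead") and digest in WEAK_DIGEST:
            findings.append((name, f"deprecated integrity digest {digest}"))
        if c.get("strength_bits", 0) < 128:  # inadequate symmetric key length
            findings.append((name, f"only {c.get('strength_bits')} effective key bits"))
    return findings

def hardened_context():
    """Client context enforcing the guideline: TLS 1.2+ and AEAD-only ECDHE suites."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!MD5:!3DES")  # 3DES and MD5 excluded
    return ctx

# Constructed sample modelling a permissive legacy stack's get_ciphers() output
SAMPLE_OFFERING = [
    {"name": "TLS_AES_256_GCM_SHA384", "aead": True, "symmetric": "aes-256-gcm",
     "digest": None, "strength_bits": 256},
    {"name": "ECDHE-RSA-AES256-SHA", "aead": False, "symmetric": "aes-256-cbc",
     "digest": "sha1", "strength_bits": 256},
    {"name": "DES-CBC3-SHA", "aead": False, "symmetric": "des-ede3-cbc",
     "digest": "sha1", "strength_bits": 112},
    {"name": "RC4-MD5", "aead": False, "symmetric": "rc4", "digest": "md5", "strength_bits": 128},
]

if __name__ == "__main__":
    for subject, reason in audit_ciphers(LEGACY_FLOOR, SAMPLE_OFFERING):
        print(f"FAIL {subject}: {reason}")
    ctx = hardened_context()
    print("hardened context findings:", audit_ciphers(ctx.minimum_version, ctx.get_ciphers()))
```

Running the audit against the context the application actually builds (rather than the sample) shows what the installed library offers, which is the evidence an auditor needs for 4.6.4.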