Simoun Ung
Chairman, AmCham Security Disaster Resource Group Committee
Vice Chairman, Bastion Payment Systems Corporation
 Approved by BSP 1 AUG 2013
 Board approved migration plan must be
submitted to BSP no later than 1 FEB 2014, six
months...
 Enhanced information-technology risk
management (ITRM) framework;
 Updates I.T. related portions of current Manual
of R...
 The new regulation covers:
 All banks;
 Non-bank financial institutions;
 Electronic money issuers;
 Other non-bank ...
 Requires overall alignment of IT governance
and models with overall business strategy and
risk management/mitigation;
 ...
 Establishment of an overall IT risk mitigation
strategy, customized to the threats likely to face
the institution:
 Inf...
 3 DES: Triple Data
Encryption Algorithm
applied thrice to each
data block
 Requires implementation
of end-to-end Triple...
 EMV: Europay,
MasterCard and Visa
originated standard for
integrated circuit cards
 EMV Chip cards must be
implemented ...
 Cloud security and its affect on our services
and security;
 Payment Card Industry Data Security
Standards (PCI DSS)
 ...
Enhanced bank security requirements of BSP Circular 808
Enhanced bank security requirements of BSP Circular 808
Upcoming SlideShare
Loading in …5
×

Enhanced bank security requirements of BSP Circular 808

1,929
-1

Published on

The Bangko Sentral ng Pilipinas recently issued a circular requiring all BSP supervised institutions to implement 3DES and EMV in particular, along with reporting framework for improving IT security in general.

Published in: Economy & Finance, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,929
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
48
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Enhanced bank security requirements of BSP Circular 808

  1. 1. Simoun Ung Chairman, AmCham Security Disaster Resource Group Committee Vice Chairman, Bastion Payment Systems Corporation
  2. 2.  Approved by BSP 1 AUG 2013  Board approved migration plan must be submitted to BSP no later than 1 FEB 2014, six months from circular date  Compliance required no later than 1 JAN 2015
  3. 3.  Enhanced information-technology risk management (ITRM) framework;  Updates I.T. related portions of current Manual of Regulations for Banks (MORB);  Aims to strengthen the retail electronic payment infrastructure of the nation;  Aims to enhance protection against ATM and credit card fraud.
  4. 4.  The new regulation covers:  All banks;  Non-bank financial institutions;  Electronic money issuers;  Other non-bank entities subject to BSP supervision or regulation.
  5. 5.  Requires overall alignment of IT governance and models with overall business strategy and risk management/mitigation;  Requires maintenance of a risk identification and assessment process to continually look at threats and address them;
  6. 6.  Establishment of an overall IT risk mitigation strategy, customized to the threats likely to face the institution:  Information security;  Project management, acquisition and  change management;  I.T. operations;  I.T. outsourcing and vendor management;  Electronic products and services.
  7. 7.  3 DES: Triple Data Encryption Algorithm applied thrice to each data block  Requires implementation of end-to-end Triple DES for all ATMs by 1JAN2015  New ATMs installed should be Triple DES compliant
  8. 8.  EMV: Europay, MasterCard and Visa originated standard for integrated circuit cards  EMV Chip cards must be implemented by 1JAN 2017;  Implementation plans must be submitted by 1FEB2014, six months from date of circular.
  9. 9.  Cloud security and its affect on our services and security;  Payment Card Industry Data Security Standards (PCI DSS)  Card Not Present Transactions;  EMV Security and Organized Criminal Groups;  ATM Security and Organized Criminal Groups;  Other threats
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×