This document discusses mobile financial services and the growing use of mobile phones. It provides statistics on the rising number of mobile phone and payment card users worldwide. It then discusses how mobile phones are integrated into people's daily lives and routines. The document proposes a model for mobile information and financial services that combines mobile banking, mobile payments, and near field communication technologies. It outlines some of the security measures needed for mobile payment systems, including authentication, data integrity, and privacy.
We, at Tribalnets,
- Build communities through offering a range of international and national money transfer and virtual banking services to users.
- Secure electronic transaction systems for use via mobile and web.
- Alternative, affordable and innovative payment method that uses the existing mobile networks.
About Us
Tribalnets is run by Didier Marissal, experienced CEO & Chairman of business service and consulting. Its employees comprise of Experienced, multinational team from the banking and telecoms world, Developers with banking background –Fortis, Swift, Mastercard, Visa and a network of mobile financial service specialists.
This document provides an overview of mobile financial services in Latin America and tips for accelerating mobile payments adoption. It finds that 22% of operators in Latin America currently offer mobile financial services, with 55% planning to do so. The outlook for mobile payments in Latin America is strong, with users projected to grow from 8.5 million in 2012 to 22.3 million in 2016. Developing a strong mobile payments portfolio and considering factors like each country's unique context are important. Tips for accelerating adoption include focusing on customer experience through awareness, easy signup/use, and relevant services.
This document discusses bringing your own device (BYOD) security and Cidway's solutions. It addresses:
- BYOD as a reality for many companies as personal devices enter the workplace
- Different corporate strategies for BYOD ranging from not allowing to having agreed policies
- Key questions around BYOD like who pays for data/devices, compliance, security, applications access
- Cidway's mobile authentication application that allows authentication without intruding on devices
- A mobile launcher application that protects access to corporate data, not the device itself
- Potential issues with requiring employees to purchase their own devices for work (BYOD 2.0)
E-banking involves using electronic channels to access banking services without time or geographic limitations. It allows customers to perform transactions online or via mobile devices. Key developments included the growth of the internet in the 1980s, ICICI Bank launching online banking in India in 1997, and the introduction of technologies like ATMs, telephone banking, internet banking, SMS banking, WAP banking, and television banking. Security and privacy are primary concerns in e-banking.
Smart Cards & Devices Forum 2012 - Mobile ID usnadňuje život jak uživatelům, ...OKsystem
Mobile ID allows users to access online services and authenticate transactions using their mobile phone instead of passwords. It works by storing digital signatures on the SIM card that are used to authenticate the user. When a service requires authentication, the user confirms by entering a PIN on their phone. This signature is then verified by a trusted third party. Mobile ID provides strong authentication through a separate channel from the data, protecting against phishing. It allows users to access multiple services using the same authentication method on their mobile device.
Rational Unified Process
Uwierzytelnianie mobile
in Action
Accumulate Mobile Everywhere
This document discusses Accumulate, a company that provides mobile security, payment, and banking services. It was founded in 2004 and has over 60 million installed applications. Their solutions offer strong authentication using factors like biometrics, behavior recognition, and mobile device identifiers. They also allow for secure mobile transactions and banking through features such as digital signatures and push notifications. Accumulate invites organizations to test their full-stack mobile services platform.
Entrust IdentityGuard Mobile is a family of identity applications that leverage existing mobile devices for greater security, including transaction verification, one-time-passcode (OTP) authentication and embedded mobile application security.
And Entrust IdentityGuard Mobile is available on today's leading smartphone platforms, including the Apple iPhone, Google Android, RIM BlackBerry, Microsoft Windows Mobile and Symbian.
We, at Tribalnets,
- Build communities through offering a range of international and national money transfer and virtual banking services to users.
- Secure electronic transaction systems for use via mobile and web.
- Alternative, affordable and innovative payment method that uses the existing mobile networks.
About Us
Tribalnets is run by Didier Marissal, experienced CEO & Chairman of business service and consulting. Its employees comprise of Experienced, multinational team from the banking and telecoms world, Developers with banking background –Fortis, Swift, Mastercard, Visa and a network of mobile financial service specialists.
This document provides an overview of mobile financial services in Latin America and tips for accelerating mobile payments adoption. It finds that 22% of operators in Latin America currently offer mobile financial services, with 55% planning to do so. The outlook for mobile payments in Latin America is strong, with users projected to grow from 8.5 million in 2012 to 22.3 million in 2016. Developing a strong mobile payments portfolio and considering factors like each country's unique context are important. Tips for accelerating adoption include focusing on customer experience through awareness, easy signup/use, and relevant services.
This document discusses bringing your own device (BYOD) security and Cidway's solutions. It addresses:
- BYOD as a reality for many companies as personal devices enter the workplace
- Different corporate strategies for BYOD ranging from not allowing to having agreed policies
- Key questions around BYOD like who pays for data/devices, compliance, security, applications access
- Cidway's mobile authentication application that allows authentication without intruding on devices
- A mobile launcher application that protects access to corporate data, not the device itself
- Potential issues with requiring employees to purchase their own devices for work (BYOD 2.0)
E-banking involves using electronic channels to access banking services without time or geographic limitations. It allows customers to perform transactions online or via mobile devices. Key developments included the growth of the internet in the 1980s, ICICI Bank launching online banking in India in 1997, and the introduction of technologies like ATMs, telephone banking, internet banking, SMS banking, WAP banking, and television banking. Security and privacy are primary concerns in e-banking.
Smart Cards & Devices Forum 2012 - Mobile ID usnadňuje život jak uživatelům, ...OKsystem
Mobile ID allows users to access online services and authenticate transactions using their mobile phone instead of passwords. It works by storing digital signatures on the SIM card that are used to authenticate the user. When a service requires authentication, the user confirms by entering a PIN on their phone. This signature is then verified by a trusted third party. Mobile ID provides strong authentication through a separate channel from the data, protecting against phishing. It allows users to access multiple services using the same authentication method on their mobile device.
Rational Unified Process
Uwierzytelnianie mobile
in Action
Accumulate Mobile Everywhere
This document discusses Accumulate, a company that provides mobile security, payment, and banking services. It was founded in 2004 and has over 60 million installed applications. Their solutions offer strong authentication using factors like biometrics, behavior recognition, and mobile device identifiers. They also allow for secure mobile transactions and banking through features such as digital signatures and push notifications. Accumulate invites organizations to test their full-stack mobile services platform.
Entrust IdentityGuard Mobile is a family of identity applications that leverage existing mobile devices for greater security, including transaction verification, one-time-passcode (OTP) authentication and embedded mobile application security.
And Entrust IdentityGuard Mobile is available on today's leading smartphone platforms, including the Apple iPhone, Google Android, RIM BlackBerry, Microsoft Windows Mobile and Symbian.
AXSionics Internet Passport: a smartcard which holds your biometry and enables you to authenticate yourself and to validate a transaction on Internet. No risk of identity theft, all your information is kept on your card.
The document discusses the design of a mobile payment system using QR codes in Zimbabwe. It aims to provide a more secure and cost-effective alternative to current mobile payment methods like USSD, which have vulnerabilities. The proposed system has three parts: a QR code for identification, a Qpay Android app, and a payment server. The QR code would be scanned by the app to process encrypted payments via a HTTPS connection to the server. The system is designed to address security issues through authentication management, session management, certification management, and key management components. It is argued that QR code payments could provide a fast and simple bridge from physical goods to digital payments for micropayments, though mobile platform diversity poses challenges.
CPP contactless and mobile payments white paper 2011CPPGroup Plc
This document discusses the emergence of contactless payments via cards and mobile phones in the UK. It notes that contactless payments are growing in popularity due to their convenience for low-value, frequent transactions. The successful rollout of contactless payments on London's transit system indicates wider adoption of contactless cards in the UK. Additionally, advances in mobile payment platforms and the increasing use of smartphones is expected to enable contactless mobile payments. However, the document notes that loss, theft, or data security issues present risks that the industry has not fully addressed regarding contactless payments.
The Fact-Finding Security Examination in NFC-enabled Mobile Payment System IJECEIAES
Contactless payments devised for NFC technology are gaining popularity. Howbeit, with NFC technology permeating concerns about arising security threats and risks to lessen mobile payments is vital. The security analysis of NFC-enabled mobile payment system is precariously imperative due to its widespread ratification. In mobile payments security is a prevalent concern by virtue of the financial value at stave. This paper assays the security of NFC based mobile payment system. It discusses the security requirements, threats and attacks that could occur in mobile payment system and the countermeasures to be taken to secure pursuance suitability.
SmartCard Forum 2011 - Evolution of authentication marketOKsystem
The document discusses strong authentication solutions from Gemalto for enterprises. It describes Gemalto's secure personal devices that are used by billions of individuals worldwide, including SIM cards, credit cards, and e-passports. It then discusses the evolution of the authentication market towards mobility and cloud computing. The document promotes Gemalto's Protiva strong authentication service, which provides a flexible authentication solution that can be deployed both on-premise or as a hosted cloud service. It describes features such as user on-boarding, device fulfillment, and easy billing models.
Holger Haljand from EMT AS / TeliaSonera Estonia gave a presentation on Estonia's experience with electronic, digital and mobile identification. Estonia has implemented ID cards, mobile ID using SIM cards, and digital signatures to enable widespread e-government, e-banking, e-voting and other online services. Mobile ID offers a simple, convenient authentication method without needing readers or software. Lessons from Estonia show that usability and a strong ecosystem of online services are key to high adoption of mobile ID. The future of identification lies in mobile solutions that can be used across more devices and countries.
Mobile payment-security-risk-and-responseDESMOND YUEN
Presentation from 2018 RSA Conference
Mobile Payment Ecosystem
Mobile Payment Risk Analysis
How to build secured mobile system
QR Code, NFC, Smart card, RFID
e-banking refers to financial services delivered over the internet or wireless networks to customers. The document discusses customers' expectations of e-banking which include convenience, pricing, intuitive experience, access anytime and safe data security. It also discusses businesses' security expectations which are to align with goals, assist with compliance and defend against threats. Some challenges mentioned are that security is not always a core function, there are many changes with minimal downtime and a demanding business environment where trust is key.
World of digital banking author muthu sivaMuthu Siva
This document provides a high-level strategic comparison of digital banking features and services across 13 major banks from different regions. It summarizes key information for each bank such as registration requirements, activation times, available features, payment options, security measures, technical compatibility, customer support and areas for improvement. The author indicates they will release updated versions of this comparison paper every three months.
SmartCard Forum 2009 - New trends in smart-cards technologyOKsystem
Gemalto introduced smart card and biometric authentication solutions. It discussed using fingerprints for biometric authentication on computers due to user acceptance and technology maturity. Combining biometrics with smart cards provides multifactor authentication with a portable device linked to the user, improving security and convenience. Existing implementations include matching biometrics on or off the smart card. Limitations include operating system support, but workarounds exist and the ultimate solution is a smart card using PKI with both a PIN and biometrics for authentication.
This document discusses two-factor authentication in the banking sector, specifically evaluating its performance for automated teller machines (ATMs). It provides background on ATMs, including a brief history of their development from the late 1960s onward. It describes how two-factor authentication works for ATM transactions, requiring both the physical ATM card and a personal identification number (PIN). The document examines different factors of authentication and classifications of factors into things the user has, knows, and is (biometrics).
Managing & Securing the Online and Mobile banking - Chew Chee SengKnowledge Group
Mobile devices are increasingly used for both personal and work purposes. As mobile connectivity grows, security risks have also increased, necessitating new authentication methods. One-time passwords (OTPs), which have been used for over 25 years, are now obsolete and insecure due to vulnerabilities like man-in-the-middle attacks targeting SMS OTPs. New solutions using public key infrastructure (PKI) certificates on mobile devices can eliminate these attacks by uniquely identifying devices for two-factor authentication. Mobile PKI provides a secure authentication method that leverages the ubiquity of mobile phones and can be used across multiple applications and services.
This document summarizes a research paper that proposes a two-factor authentication protocol for secure mobile payments. The protocol uses transaction identification codes (TICs) and SMS messages for authentication. TICs are one-time passwords issued by banks to users. The protocol encrypts and stores TIC lists on users' phones. During a transaction, the user selects a TIC which is verified by the bank. An SMS is also sent to the user for confirmation. The protocol aims to securely authenticate both the user and transaction using the user's mobile device and banking information.
From plastic to secured bits. A mobile wallet for virtual cards on the mobil...Axel Nennker
Mobile wallets are not only for payments. Mobile wallets will only be successfull if they incorporate loyalty programs, coupons, keys, online identity. The APIs and data must be open. A mobile wallet is not owned by the wallet operator but by the wallet user.
This slide deck describes the architecture of the mobile wallet and the eco system the mobile wallet is embedded in.
This architecture was developed in a project of Telekom Innovation Laboratories.
The mobile wallet is
open to all cards/services.
Multiple cards for Identity, Payment, Loyalty, Coupons, …
Provide framework to support major “standards”.
User centric.
Privacy build-in.
Support mobile and web.
Open to all operators.
The document describes FinCBS Inc's FinCloud cloud computing portal. It discusses FinCloud's acquisition model, business model, access models, and technical capabilities. It allows for the deployment of cloud-based facilities without the cost and complexity of managing complex systems. The document outlines FinCloud's capabilities for various types of online transactions and digital delivery of products/services. It also provides details on FinCloud's customer registration process, account numbers, passwords, payment options, and supported domains/customer types.
The document discusses the 3-D Secure protocol, which was created by Visa in 2001 to add security to online credit card transactions. It does this through an authentication step where the cardholder authenticates themselves with their card-issuing bank during the transaction. The protocol uses XML messages over SSL and a three-domain model including the issuer, acquirer, and interoperability domains. It provides advantages like reduced fraud and increased customer satisfaction but also has disadvantages like potential for phishing and incompatibility with some mobile browsers. Overall, the 3-D Secure protocol has become an industry standard despite some limitations.
The document discusses India's Information Technology Act of 2000. It was enacted to provide legal recognition for electronic commerce and transactions. Some key points:
- The Act recognizes electronic documents and digital signatures authenticated through asymmetric cryptographic techniques. It defines electronic signatures and establishes a framework for digital signature certificates.
- It aims to facilitate e-governance and outlines offenses related to illegal access or damage of computer systems, data theft, cyber terrorism, and cyber pornography.
- Certifying Authorities are licensed and regulated to issue digital signature certificates according to standards. Various cyber crimes are described along with their sections under the IT Act or IPC.
A superset of the slides I presented on voice biometrics at SxSW Interactive. The session (in conjunction with CSIdentity was to raise awareness VB as a physical and behavioral biometric.
ConfidentID Mobile User Authentication is a biometric-enabled authentication solution that uses multiple factors such as biometrics, passwords, and device location to securely identify customers conducting mobile or online banking transactions. It provides stronger authentication than single-factor options to reduce fraud and identity theft. Financial institutions can customize the authentication levels required based on transaction risk levels to balance security with convenience. The solution utilizes the capabilities of smartphones and tablets to deliver advanced authentication without additional hardware.
The project sets sight on authenticating the conventional Credit card transaction system. In the prevailing system though the Credit card paves a convenient mode of transactions, it is subjected to more jeopardy. As technology extends its limit, the way of hacking and cracking also goes along the road. In out proposed system, in every transaction with the Credit card a handshaking signal is achieved with the cardholder. The handshaking method is achieved by transferring the transaction time and the purchase details to the mobile of the cardholder by means of a GSM modem. From the acknowledgement and authentication received from the cardholder’s mobile further transaction proceeds. The system used the MCU for the security issues between the Mobile and the Card. Reports can also be generated for every successful authentication.
AXSionics Internet Passport: a smartcard which holds your biometry and enables you to authenticate yourself and to validate a transaction on Internet. No risk of identity theft, all your information is kept on your card.
The document discusses the design of a mobile payment system using QR codes in Zimbabwe. It aims to provide a more secure and cost-effective alternative to current mobile payment methods like USSD, which have vulnerabilities. The proposed system has three parts: a QR code for identification, a Qpay Android app, and a payment server. The QR code would be scanned by the app to process encrypted payments via a HTTPS connection to the server. The system is designed to address security issues through authentication management, session management, certification management, and key management components. It is argued that QR code payments could provide a fast and simple bridge from physical goods to digital payments for micropayments, though mobile platform diversity poses challenges.
CPP contactless and mobile payments white paper 2011CPPGroup Plc
This document discusses the emergence of contactless payments via cards and mobile phones in the UK. It notes that contactless payments are growing in popularity due to their convenience for low-value, frequent transactions. The successful rollout of contactless payments on London's transit system indicates wider adoption of contactless cards in the UK. Additionally, advances in mobile payment platforms and the increasing use of smartphones is expected to enable contactless mobile payments. However, the document notes that loss, theft, or data security issues present risks that the industry has not fully addressed regarding contactless payments.
The Fact-Finding Security Examination in NFC-enabled Mobile Payment System IJECEIAES
Contactless payments devised for NFC technology are gaining popularity. Howbeit, with NFC technology permeating concerns about arising security threats and risks to lessen mobile payments is vital. The security analysis of NFC-enabled mobile payment system is precariously imperative due to its widespread ratification. In mobile payments security is a prevalent concern by virtue of the financial value at stave. This paper assays the security of NFC based mobile payment system. It discusses the security requirements, threats and attacks that could occur in mobile payment system and the countermeasures to be taken to secure pursuance suitability.
SmartCard Forum 2011 - Evolution of authentication marketOKsystem
The document discusses strong authentication solutions from Gemalto for enterprises. It describes Gemalto's secure personal devices that are used by billions of individuals worldwide, including SIM cards, credit cards, and e-passports. It then discusses the evolution of the authentication market towards mobility and cloud computing. The document promotes Gemalto's Protiva strong authentication service, which provides a flexible authentication solution that can be deployed both on-premise or as a hosted cloud service. It describes features such as user on-boarding, device fulfillment, and easy billing models.
Holger Haljand from EMT AS / TeliaSonera Estonia gave a presentation on Estonia's experience with electronic, digital and mobile identification. Estonia has implemented ID cards, mobile ID using SIM cards, and digital signatures to enable widespread e-government, e-banking, e-voting and other online services. Mobile ID offers a simple, convenient authentication method without needing readers or software. Lessons from Estonia show that usability and a strong ecosystem of online services are key to high adoption of mobile ID. The future of identification lies in mobile solutions that can be used across more devices and countries.
Mobile payment-security-risk-and-responseDESMOND YUEN
Presentation from 2018 RSA Conference
Mobile Payment Ecosystem
Mobile Payment Risk Analysis
How to build secured mobile system
QR Code, NFC, Smart card, RFID
e-banking refers to financial services delivered over the internet or wireless networks to customers. The document discusses customers' expectations of e-banking which include convenience, pricing, intuitive experience, access anytime and safe data security. It also discusses businesses' security expectations which are to align with goals, assist with compliance and defend against threats. Some challenges mentioned are that security is not always a core function, there are many changes with minimal downtime and a demanding business environment where trust is key.
World of digital banking author muthu sivaMuthu Siva
This document provides a high-level strategic comparison of digital banking features and services across 13 major banks from different regions. It summarizes key information for each bank such as registration requirements, activation times, available features, payment options, security measures, technical compatibility, customer support and areas for improvement. The author indicates they will release updated versions of this comparison paper every three months.
SmartCard Forum 2009 - New trends in smart-cards technologyOKsystem
Gemalto introduced smart card and biometric authentication solutions. It discussed using fingerprints for biometric authentication on computers due to user acceptance and technology maturity. Combining biometrics with smart cards provides multifactor authentication with a portable device linked to the user, improving security and convenience. Existing implementations include matching biometrics on or off the smart card. Limitations include operating system support, but workarounds exist and the ultimate solution is a smart card using PKI with both a PIN and biometrics for authentication.
This document discusses two-factor authentication in the banking sector, specifically evaluating its performance for automated teller machines (ATMs). It provides background on ATMs, including a brief history of their development from the late 1960s onward. It describes how two-factor authentication works for ATM transactions, requiring both the physical ATM card and a personal identification number (PIN). The document examines different factors of authentication and classifications of factors into things the user has, knows, and is (biometrics).
Managing & Securing the Online and Mobile banking - Chew Chee SengKnowledge Group
Mobile devices are increasingly used for both personal and work purposes. As mobile connectivity grows, security risks have also increased, necessitating new authentication methods. One-time passwords (OTPs), which have been used for over 25 years, are now obsolete and insecure due to vulnerabilities like man-in-the-middle attacks targeting SMS OTPs. New solutions using public key infrastructure (PKI) certificates on mobile devices can eliminate these attacks by uniquely identifying devices for two-factor authentication. Mobile PKI provides a secure authentication method that leverages the ubiquity of mobile phones and can be used across multiple applications and services.
This document summarizes a research paper that proposes a two-factor authentication protocol for secure mobile payments. The protocol uses transaction identification codes (TICs) and SMS messages for authentication. TICs are one-time passwords issued by banks to users. The protocol encrypts and stores TIC lists on users' phones. During a transaction, the user selects a TIC which is verified by the bank. An SMS is also sent to the user for confirmation. The protocol aims to securely authenticate both the user and transaction using the user's mobile device and banking information.
From plastic to secured bits. A mobile wallet for virtual cards on the mobil...Axel Nennker
Mobile wallets are not only for payments. Mobile wallets will only be successfull if they incorporate loyalty programs, coupons, keys, online identity. The APIs and data must be open. A mobile wallet is not owned by the wallet operator but by the wallet user.
This slide deck describes the architecture of the mobile wallet and the eco system the mobile wallet is embedded in.
This architecture was developed in a project of Telekom Innovation Laboratories.
The mobile wallet is
open to all cards/services.
Multiple cards for Identity, Payment, Loyalty, Coupons, …
Provide framework to support major “standards”.
User centric.
Privacy build-in.
Support mobile and web.
Open to all operators.
The document describes FinCBS Inc's FinCloud cloud computing portal. It discusses FinCloud's acquisition model, business model, access models, and technical capabilities. It allows for the deployment of cloud-based facilities without the cost and complexity of managing complex systems. The document outlines FinCloud's capabilities for various types of online transactions and digital delivery of products/services. It also provides details on FinCloud's customer registration process, account numbers, passwords, payment options, and supported domains/customer types.
The document discusses the 3-D Secure protocol, which was created by Visa in 2001 to add security to online credit card transactions. It does this through an authentication step where the cardholder authenticates themselves with their card-issuing bank during the transaction. The protocol uses XML messages over SSL and a three-domain model including the issuer, acquirer, and interoperability domains. It provides advantages like reduced fraud and increased customer satisfaction but also has disadvantages like potential for phishing and incompatibility with some mobile browsers. Overall, the 3-D Secure protocol has become an industry standard despite some limitations.
The document discusses India's Information Technology Act of 2000. It was enacted to provide legal recognition for electronic commerce and transactions. Some key points:
- The Act recognizes electronic documents and digital signatures authenticated through asymmetric cryptographic techniques. It defines electronic signatures and establishes a framework for digital signature certificates.
- It aims to facilitate e-governance and outlines offenses related to illegal access or damage of computer systems, data theft, cyber terrorism, and cyber pornography.
- Certifying Authorities are licensed and regulated to issue digital signature certificates according to standards. Various cyber crimes are described along with their sections under the IT Act or IPC.
A superset of the slides I presented on voice biometrics at SxSW Interactive. The session (in conjunction with CSIdentity was to raise awareness VB as a physical and behavioral biometric.
ConfidentID Mobile User Authentication is a biometric-enabled authentication solution that uses multiple factors such as biometrics, passwords, and device location to securely identify customers conducting mobile or online banking transactions. It provides stronger authentication than single-factor options to reduce fraud and identity theft. Financial institutions can customize the authentication levels required based on transaction risk levels to balance security with convenience. The solution utilizes the capabilities of smartphones and tablets to deliver advanced authentication without additional hardware.
The project sets sight on authenticating the conventional Credit card transaction system. In the prevailing system though the Credit card paves a convenient mode of transactions, it is subjected to more jeopardy. As technology extends its limit, the way of hacking and cracking also goes along the road. In out proposed system, in every transaction with the Credit card a handshaking signal is achieved with the cardholder. The handshaking method is achieved by transferring the transaction time and the purchase details to the mobile of the cardholder by means of a GSM modem. From the acknowledgement and authentication received from the cardholder’s mobile further transaction proceeds. The system used the MCU for the security issues between the Mobile and the Card. Reports can also be generated for every successful authentication.
The document provides an overview of mobile commerce (m-commerce). It defines m-commerce as conducting commerce using mobile devices such as mobile phones or PDAs. The document then discusses the m-commerce framework and various applications of m-commerce like mobile financial applications, mobile advertising, and product location/shopping. It also describes different models of mobile payment and security issues in m-commerce, highlighting the need to protect information, integrity, and identification. Finally, the document briefly discusses some limitations of m-commerce.
Finacle Digital Commerce solution leverages the power of digital money to unlock new revenue streams, extend distribution reach, and foster customer loyalty for financial institutions, telecom service providers, and retailers.
Rubik Financial provides banking technology solutions to over 340 financial institutions. It has 75 employees across offices in Australia, Singapore, Dubai, and Indonesia. Rubik's main product lines include phone and mobile banking, internet banking and security, card and payments systems, and receivables and recoveries systems. Rubik's goal is to deliver its "Bank-in-a-Box" technology platform as a flexible, low-cost, and hosted solution to meet all of a financial institution's banking system needs.
This document discusses electronic and mobile banking. It provides an overview of how electronic banking allows customers to access banking services through electronic channels without time or geographic limitations. Mobile banking allows customers to perform banking transactions through a mobile device like checking balances and transferring funds. The document then outlines the evolution of electronic and mobile banking from early online services in the 1980s to modern services. It discusses the advantages for banks, businesses, and customers in using these services and some potential disadvantages like security and fraud risks. Finally, the document discusses regulations and adoption of these services in India.
This document discusses optimizing mobile electronic signatures. It describes the GSMA's mIdentity program which aims to promote the development of identity solutions on mobile. The program identifies opportunities for mobile identity and stimulates industry activity and scaling of services. The document also discusses Moldcell's launch of a mobile ID program in Moldova in partnership with the GSMA and government. It outlines best practices for maximizing the opportunity of mobile identity by developing diverse services, facilitating access, and driving adoption among both users and service providers.
The document describes Monolex Telecom's mobile commerce enablement suite, which includes MTEL CASH and the Mobile Commerce Network (MCN) to allow clients to offer mobile payment and money transfer services. The suite provides a turnkey solution including a hosted platform, integration with multiple processors, and private label mobile apps and portals. The goal is to create interoperability for mobile payments worldwide through the MCN clearinghouse network.
This document discusses mobile payments and the mobile commerce ecosystem. It outlines different types of mobile payments such as mobile money, mobile banking, mobile ticketing, and mobile shopping that can be enabled through technologies like NFC, electronic wallets, SMS/USSD, and mobile apps. A variety of players are involved including mobile operators, handset manufacturers, payment networks, banks, credit card companies, technology innovators, and application vendors. While the technology is still developing, factors like standardization, interoperability, handset availability, and customer awareness will influence when mobile payments see widespread adoption.
This document discusses mobile payments and their potential impact. It covers topics like what mobile payments are, their effect on the payments value chain, barriers to adoption, and payment options. While mobile payments are in early stages, they may significantly change the payments landscape by converging payment mechanics, disrupting existing players, and providing access to the unbanked. However, barriers like security concerns, fragmentation, and a lack of ROI for merchants could slow widespread adoption.
A Secure Account-Based Mobile Payment Protocol with Public Key CryptographyIDES Editor
The way people do the business and transactions
are changing drastically with the advent of Information
Technology. The customer wants to access information, goods
and services any time and in any place on his mobile device.
Receiving financial data, trade on stock exchanges, accessing
balances, paying bills and transfer funds using SMS are done
through mobile phones. Due to involvement of valuable
financial and personal information, the mobile phones are
vulnerable to numerous security threats. Most common activity
in M-Commerce is the payment to the merchant using a mobile
phone. In this paper we present a secure account–based
payment protocol which is suitable for M-commerce to transfer
the payment from wireless networks based on public key
cryptography. Based on author knowledge, this is a first kind
of protocol which applies public key cryptography to mobile
network and satisfies all the security requirements of the
properties provided by standard protocols for wired networks
such as SET and iKP.
The BFS industry track touched upon analyze and digitize as themes. Included "Achieving Data Leadership & Deeper Timely Insights" and "mPayments" as two areas for customer talks, points of view and panel discussions. Chaired by M.V. Ramana Murthy, VP & Head, BFS, TCS
DigiPay began its journey in the year of 2019
under the umbrella of Peerbits, a leading mobile
application development company. DigiPay has
come up with several digital financial solutions
such as Mobile Money, Agency Banking,
Automated Fuel Solution, Parking Solution, etc.
This document discusses current trends in the fin-tech industry, including:
1) It outlines the history and expansion of banking services and the role of technology in banking over time, from telegraphs to modern internet, mobile, and app-based banking.
2) Key trends covered include bitcoin and blockchain technology, peer-to-peer lending, and use of big data and analytics for insights like customer segmentation.
3) The goals of fin-tech are also mentioned as making banking more convenient and accessible, increasing market share through new services, automating processes, ensuring regulatory compliance and security of transactions.
presentation give you idea about the the recent trends in financial sector services from different financial tool which are being used by investment institution
The document discusses banking technology trends and challenges in Islamic finance. It notes that technological changes are bringing faster speeds, more personalized experiences, and new tools that allow everyone to be a content creator. This is shaping three critical trends in banking: technology changes, behavioral changes, and business model changes. The document also summarizes some key challenges in Islamic finance technology and outlines areas of strategic focus going forward, including core banking products and mobile banking.
PayNet provide white labelled digital banking platform to enable use case like Deposits, Lending and Payments
We have ready-to-use modules :
- Prepaid cards
- Loan Management and Origination
- Digital Account Opening
- Customer On-boarding
- Open API Platform
- Digital Wallets
- Payments and Collections
- Loyalty Module
- Corporate and Mobile Banking
Held in Bali, Indonesia, the “Mobile Banking and Payments for Emerging Asia Summit 2012” gathered many thought leaders from the telecommunications and banking industries; unveiling the potential of mobile channels penetrating Asia’s emerging markets. Spire Research and Consulting was honored to be invited as a post-conference workshop leader at this prestigious event.
Representing Spire Research and Consulting, Jeffery Bahar, Deputy Chief Executive Officer and Yap Far Loon, Business Development Director, Telecommunication, led a post-conference workshop in the “Mobile Banking and Payments for Emerging Asia Summit 2012” held in Bali, Indonesia. The event brought together many eminent industry experts and marketers from the telecommunications and banking industries – highlighting the potential of mobile banking and payments in emerging economies.
Read more about the event coverage here:
http://www.spireresearch.com/newsroom/events/spire-joins-mobile-banking-and-payments-for-emerging-asia-summit-2012-as-workshop-leader/
Mobile Payments Convergence Van Dyke Nokia World Dec 2007mykahina
Presentation on the emerging trends of mobility and the future of consumer payments and banking. Presented in Amsterdam, Innovation Stream, Nokia World 4 Dec 2007
The document summarizes an employment opportunity for a Driver & Administrative Assistant position with the Competitiveness Enhancement and Enterprise Development Project II (CEED II) located in Chisinau, Moldova. Main responsibilities include driving CEED II team members and consultants throughout Moldova using a project vehicle, assisting with basic office administration tasks and event organization, and assisting the project team leader. Qualifications sought include a valid driver's license, prior driving or office experience, strong interpersonal and communication skills, and fluency in Romanian and Russian with some English skills preferred.
The USAID CEED II project is seeking a part-time internet marketing and social media consultant to help develop and implement a marketing strategy for a new Moldova tourism website. The consultant will be responsible for developing content for social media platforms, overseeing paid advertising campaigns, building links to other websites, and suggesting ways to drive traffic to the site. The ideal candidate will have experience with internet marketing, social media platforms, photography, journalism, and the tourism industry. They must be able to commit 5 days per month for at least 12 months.
Asociația Producătorilor și exportatorilor de Vinuri din Moldova organizează I ediție a evenimentului de promovare "Vernisajul Vinului". La acest eveniment participă companiile vinicole membre ale Asociației, și producătorii care arată succese remarcabile, prin vinurile lor, pe piata locala si pietele externe.
Proiectul USAID CEED II Vă invită la Masa Rotundă “Piața resurselor financiare: oferte și posibilități” ce va avea loc pe 06 decembrie 2011, ora 09. 00, la LEOGRAND Hotel, sala Begonia (str. Mitropolit Varlaam, 77). Veți afla despre ofertele curente, posibilitățile de accesare a resurselor financiare prin produse speciale și surse alternative pe piata RM.
The document outlines Mexico's public policy to develop the IT-ITES sector by fostering its growth through key national initiatives and programs like PROSOFT, highlighting Mexico's competitive advantages in the global IT market such as its large pool of human capital and geographic proximity to the US market. It also provides an analysis of Mexico's IT industry profile and achievements in expanding IT exports and the number of IT companies and clusters over the past decade.
This document outlines the mission, vision, and 3-year goals of QLab, an organization that supports the competitiveness and maturation of Moldova's ICT sector. QLab's mission is to actively transfer knowledge to contribute to economic growth through enhancing the ICT sector. Its vision is to become the main counterpart for businesses and government on ICT research and innovation. Over 3 years, QLab aims to train one third of private IT companies and specialists, triple the output of the education system in IT, and improve processes and certification for private companies in strategic areas.
This document discusses challenges with current ICT education and strategies for improving student outcomes. It argues that ICT curriculums teach irrelevant subjects and use outdated teaching methods, leaving graduates unprepared for the workforce. As a result, students are disillusioned, companies struggle to find qualified employees, and economic growth lags. The document proposes adopting a teaching approach based on cognitive science and learning principles. This includes using a story-centered apprenticeship model with expert mentors and experiential learning. The goal is to provide students with both technical and soft skills training through focused, sequential courses with business context and participatory multimedia learning.
The document outlines Singapore's ICT capacity building plan from cradle to grave. It aims to address the projected need for 170,000 ICT jobs and 25,000 related jobs by 2015. The plan starts early by nurturing secondary school students' interest in ICT through extracurricular activities. It helps working professionals upgrade their skills and guides career development using the National Infocomm Competency Framework. It also empowers seniors with ICT knowledge and a sense of self-worth through the Silver Infocomm Day. The overarching goal is to develop ICT manpower from an early age, continuously upgrade skills, and ensure no one is left behind.
The document discusses the role of ICT certification in Europe. It provides an overview of the European Qualifications Framework and related initiatives like the Bologna Process and Europass that aim to create a common understanding and structure for qualifications. It also describes the European e-Competence Framework that defines e-competences and competence levels. Finally, it maps out the organizations involved in ICT certification in Romania and their relationships.
The document discusses Slovenia's Export Association of Slovenian ICT (ZITex) and its eGovernment Competence Center. ZITex was established in 2008 and has 70 member companies that work to increase ICT exports from Slovenia by 100% in 5 years. The eGovernment Competence Center within ZITex promotes Slovenian eGovernment solutions internationally and supports projects in areas like public finances, taxes, social affairs, and more. It aims to improve cooperation with government institutions and participate in international exhibitions and conferences. The document then provides examples of successful Slovenian eGovernment solutions for areas like businesses, travel documents, public registers, and etaxes.
George Brashnarov gave a presentation on country branding and IT competitiveness. He discussed how a country's brand image affects its business, trade, tourism, and diplomatic relations. A positive brand opens doors while a negative one requires overcoming stereotypes. He analyzed Moldova's positioning compared to other countries and highlighted the importance of understanding a country's image, collaborating between sectors to define a national strategy and story, and producing innovative initiatives.
George Brashnarov gave a presentation on country branding and IT competitiveness. He discussed how a country's brand image affects its business, trade, tourism, and diplomatic relations. Countries with positive reputations find success globally more easily, while those with negative stereotypes face more challenges. He analyzed data on IT competitiveness rankings of countries in Central and Eastern Europe. Brashnarov concluded countries must strategically promote their real strengths through coordination among stakeholders to effectively develop or alter their national brands over the long term.
The document discusses challenges for developing a successful information society. It outlines the Europe 2020 agenda and the Digital Agenda for Europe, which includes 7 priority areas such as digital single market, faster internet access, and digital skills. It also discusses foresight as a tool to develop visions of the future. The document presents CeGD's 7 pillar model for a sustainable information society development, including policy environment, legal framework, ICT business solutions, and research. It stresses the importance of including stakeholders in all steps from vision to policy to services.
This document summarizes IBM's perspective on cloud computing in 2011 and beyond. It discusses how cloud computing leverages existing technologies like virtualization, automation, and standardization to provide benefits like low costs, flexibility, simplicity, and rapid provisioning. IBM positions itself as focusing on enterprise clients and industries, with cloud services that are optimized, integrated, and managed. Examples are given of how governments and educational institutions are using the cloud to increase efficiency, collaboration, and access to resources.
Starting a business is like embarking on an unpredictable adventure. It’s a journey filled with highs and lows, victories and defeats. But what if I told you that those setbacks and failures could be the very stepping stones that lead you to fortune? Let’s explore how resilience, adaptability, and strategic thinking can transform adversity into opportunity.
[To download this presentation, visit:
https://www.oeconsulting.com.sg/training-presentations]
This presentation is a curated compilation of PowerPoint diagrams and templates designed to illustrate 20 different digital transformation frameworks and models. These frameworks are based on recent industry trends and best practices, ensuring that the content remains relevant and up-to-date.
Key highlights include Microsoft's Digital Transformation Framework, which focuses on driving innovation and efficiency, and McKinsey's Ten Guiding Principles, which provide strategic insights for successful digital transformation. Additionally, Forrester's framework emphasizes enhancing customer experiences and modernizing IT infrastructure, while IDC's MaturityScape helps assess and develop organizational digital maturity. MIT's framework explores cutting-edge strategies for achieving digital success.
These materials are perfect for enhancing your business or classroom presentations, offering visual aids to supplement your insights. Please note that while comprehensive, these slides are intended as supplementary resources and may not be complete for standalone instructional purposes.
Frameworks/Models included:
Microsoft’s Digital Transformation Framework
McKinsey’s Ten Guiding Principles of Digital Transformation
Forrester’s Digital Transformation Framework
IDC’s Digital Transformation MaturityScape
MIT’s Digital Transformation Framework
Gartner’s Digital Transformation Framework
Accenture’s Digital Strategy & Enterprise Frameworks
Deloitte’s Digital Industrial Transformation Framework
Capgemini’s Digital Transformation Framework
PwC’s Digital Transformation Framework
Cisco’s Digital Transformation Framework
Cognizant’s Digital Transformation Framework
DXC Technology’s Digital Transformation Framework
The BCG Strategy Palette
McKinsey’s Digital Transformation Framework
Digital Transformation Compass
Four Levels of Digital Maturity
Design Thinking Framework
Business Model Canvas
Customer Journey Map
How MJ Global Leads the Packaging Industry.pdfMJ Global
MJ Global's success in staying ahead of the curve in the packaging industry is a testament to its dedication to innovation, sustainability, and customer-centricity. By embracing technological advancements, leading in eco-friendly solutions, collaborating with industry leaders, and adapting to evolving consumer preferences, MJ Global continues to set new standards in the packaging sector.
How are Lilac French Bulldogs Beauty Charming the World and Capturing Hearts....Lacey Max
“After being the most listed dog breed in the United States for 31
years in a row, the Labrador Retriever has dropped to second place
in the American Kennel Club's annual survey of the country's most
popular canines. The French Bulldog is the new top dog in the
United States as of 2022. The stylish puppy has ascended the
rankings in rapid time despite having health concerns and limited
color choices.”
How to Implement a Strategy: Transform Your Strategy with BSC Designer's Comp...Aleksey Savkin
The Strategy Implementation System offers a structured approach to translating stakeholder needs into actionable strategies using high-level and low-level scorecards. It involves stakeholder analysis, strategy decomposition, adoption of strategic frameworks like Balanced Scorecard or OKR, and alignment of goals, initiatives, and KPIs.
Key Components:
- Stakeholder Analysis
- Strategy Decomposition
- Adoption of Business Frameworks
- Goal Setting
- Initiatives and Action Plans
- KPIs and Performance Metrics
- Learning and Adaptation
- Alignment and Cascading of Scorecards
Benefits:
- Systematic strategy formulation and execution.
- Framework flexibility and automation.
- Enhanced alignment and strategic focus across the organization.
Storytelling is an incredibly valuable tool to share data and information. To get the most impact from stories there are a number of key ingredients. These are based on science and human nature. Using these elements in a story you can deliver information impactfully, ensure action and drive change.
Navigating the world of forex trading can be challenging, especially for beginners. To help you make an informed decision, we have comprehensively compared the best forex brokers in India for 2024. This article, reviewed by Top Forex Brokers Review, will cover featured award winners, the best forex brokers, featured offers, the best copy trading platforms, the best forex brokers for beginners, the best MetaTrader brokers, and recently updated reviews. We will focus on FP Markets, Black Bull, EightCap, IC Markets, and Octa.
𝐔𝐧𝐯𝐞𝐢𝐥 𝐭𝐡𝐞 𝐅𝐮𝐭𝐮𝐫𝐞 𝐨𝐟 𝐄𝐧𝐞𝐫𝐠𝐲 𝐄𝐟𝐟𝐢𝐜𝐢𝐞𝐧𝐜𝐲 𝐰𝐢𝐭𝐡 𝐍𝐄𝐖𝐍𝐓𝐈𝐃𝐄’𝐬 𝐋𝐚𝐭𝐞𝐬𝐭 𝐎𝐟𝐟𝐞𝐫𝐢𝐧𝐠𝐬
Explore the details in our newly released product manual, which showcases NEWNTIDE's advanced heat pump technologies. Delve into our energy-efficient and eco-friendly solutions tailored for diverse global markets.
Zodiac Signs and Food Preferences_ What Your Sign Says About Your Tastemy Pandit
Know what your zodiac sign says about your taste in food! Explore how the 12 zodiac signs influence your culinary preferences with insights from MyPandit. Dive into astrology and flavors!
SATTA MATKA SATTA FAST RESULT KALYAN TOP MATKA RESULT KALYAN SATTA MATKA FAST RESULT MILAN RATAN RAJDHANI MAIN BAZAR MATKA FAST TIPS RESULT MATKA CHART JODI CHART PANEL CHART FREE FIX GAME SATTAMATKA ! MATKA MOBI SATTA 143 spboss.in TOP NO1 RESULT FULL RATE MATKA ONLINE GAME PLAY BY APP SPBOSS
Building Your Employer Brand with Social MediaLuanWise
Presented at The Global HR Summit, 6th June 2024
In this keynote, Luan Wise will provide invaluable insights to elevate your employer brand on social media platforms including LinkedIn, Facebook, Instagram, X (formerly Twitter) and TikTok. You'll learn how compelling content can authentically showcase your company culture, values, and employee experiences to support your talent acquisition and retention objectives. Additionally, you'll understand the power of employee advocacy to amplify reach and engagement – helping to position your organization as an employer of choice in today's competitive talent landscape.
Discover timeless style with the 2022 Vintage Roman Numerals Men's Ring. Crafted from premium stainless steel, this 6mm wide ring embodies elegance and durability. Perfect as a gift, it seamlessly blends classic Roman numeral detailing with modern sophistication, making it an ideal accessory for any occasion.
https://rb.gy/usj1a2
At Techbox Square, in Singapore, we're not just creative web designers and developers, we're the driving force behind your brand identity. Contact us today.
The 10 Most Influential Leaders Guiding Corporate Evolution, 2024.pdfthesiliconleaders
In the recent edition, The 10 Most Influential Leaders Guiding Corporate Evolution, 2024, The Silicon Leaders magazine gladly features Dejan Štancer, President of the Global Chamber of Business Leaders (GCBL), along with other leaders.
The 10 Most Influential Leaders Guiding Corporate Evolution, 2024.pdf
Mobile Financial Services
1. Moldova ICT summit
18-19 May, 2011
March 2011
Mobile Financial Services
Evgeny Bondarenko
Deputy General director
Intervale, Russia
Vice–Chairman ITU-D SG2
Vice-Rapporteur Q17-3/2
E-mail: bondarenko@intervale.ru
3. Payment and mobile services market volume
Payment card users worldwide Mobile services users worlwide
1,3 billion
1,6 billion 2003
2008
2,4 billion 2006
3,1 billion 2008
5,3 billion 2010
According to Edgar Dunn & Company, 2007-2008 and ITU-D surways
3
4. Is there a life without mobile phone?
60%*1 take the mobile phone to bed
72%*2 use the mobile phone as the alarm-clock
73%*2 use the mobile phone instead of the watch
33%*2 fear that they lose the mobile
phone rather than the wallet
*1 BBDO survey 3,000 users worldwide
*2 5,500 Nokia users
4
5. Resume
• The penetration rate of mobile services and NGN networks is
very high
• The only worldwide spread mass retail non-cash mean of
payment is bank card mainly branded by international payment
systems
• Limited penetration rate of existing payment systems due to
necessity of sufficient investments in payment infrastructure
(Bank branches, kiosks, POS terminals, etc.)
• Low security level due to technological imperfection of business
schemes. Lots of low volume fraud the losses shift to the market
participants.
5
6. The Mobile Phone for Clients
Account management Information services
Mobile marketing Subscription
Asset Management Bank Authentication
Money transfer MVNO NFC
6
8. Mobile information and financial services
= +
Mobile information Mobile banking M-commerce
and financial
services
8
9. Mobile Banking Services
Most convenient
Most available
Most secure
If powered by Mobile Operator capabilities
9
10. Mobile Banking
Mobile banking provides innovative and secure way of remote
access to traditional banking services:
• Personalized information
• Various Notifications
• Subscription and Service Requests
• Channel for personalized or special offers
• Banking services
• Account management
• Transaction policies definition
• Remittances
• Currency conversion
• Transaction requests
• Payments
• Bill payments
• Top ups
10
11. M-commerce
= +
M-commerce Mobile payments NFC
11
12. Operator-oriented model
Users
Merchant Merchant Merchant
Mobile
Operator
Mobile
Service
Provider
(MSP)
Bank Bank Bank Bank
Issuer Issuer Acquirer Acquirer
Payment
System
12
13. Bank-oriented model
Users
Merchant Merchant Merchant
MSP Payment
Gate
Bank
Bank
MSP
Acquirer
Bank
Payment
System
13
16. Security
System of user identification and
authentication provides security of
Mobile Payment System transactions. This
solution, consisting of software-hardware
modules and based on communication
security principles, provides synergy of
wireless communication and international
payment systems secure technologies;
16
17. Security
Confidentiality (encoded messages
between Agency and Client)
Integrity of data
Impossibility of refusal and
attributing of authorship of
transaction
Multifactor authentication
(establishment of authority)
– Knows something
– Owns something
Geneva, 30 March 2011
17
18. ITU-T X-805 Recommendation.
Eight Security Dimensions
• Limit & control access to
network elements, services & Access Control
• Provide Proof of Identity
applications
• Examples: shared secret,
• Examples: password, ACL,
firewall
Authentication PKI, digital signature, digital
certificate
• Prevent ability to deny that an
activity on the network Non-repudiation
• Ensure confidentiality of data
occurred • Example: encryption
• Examples: system logs,
Data Confidentiality
digital signatures
• Ensure data is received as
• Ensure information only flows Communication Security sent or retrieved as stored
from source to destination • Examples: MD5, digital
• Examples: VPN, MPLS, L2TP signature, anti-virus software
Data Integrity
Availability
• Ensure network elements, • Ensure identification and
services and application network use is kept private
available to legitimate users Privacy • Examples: NAT, encryption
• Examples: IDS/IPS, network
redundancy, BC/DR
ITU-T X.805 Security Architecture for Systems Providing End-to-End Communications
19. ITU-T X.805 Recommendation.
Secured Platform: Three Security Layers
3 - Applications Security Layer:
Applications Security
• Network-based applications accessed by end-
THREATS users
Destruction
• Examples:
Services Security
Corruption – Basic applications (e.g. FTP, web
VULNERABILITIES
Removal access)
Disclosure – Fundamental applications (e.g. email)
Vulnerabilities can exist Interruption – High-end applications (e.g. e-
in each Layer Infrastructure Security
ATTACKS commerce, e-government, e-learning,
e-health, etc.)
1 - Infrastructure Security Layer: 2 - Services Security Layer:
• Fundamental building blocks of networks • Services Provided to End-Users
services and applications • Examples:
• Examples: – Basic IP transport
– Individual routers, switches, servers – IP support services (e.g., AAA, DNS,
– Point-to-point WAN links DHCP)
– Value-added services: (e.g. VPN, VoIP,
– Ethernet links QoS)
• Each Security Layer has unique vulnerabilities, threats
• Infrastructure security enables services security that enables applications security
ITU-T X.805 Security Architecture for Systems Providing End-to-End Communications
20. ITU-T Y.2740 Recommendation.
Four Security Levels of Mobile Payment System
Security Level
Security Dimension
Level 1 Level 2 Level 3 Level 4
Access Control The access to every system component shall be granted only as provided by the System personnel or end-user access level.
In-person connection to services where
The authentication in personal data with obligatory
the System is Single-factor identification is used.
Multi-factor authentication at the
Authentication ensured by the NGN authentication at the Multi-factor authentication at the
System services usage
data transfer System services usage System services usage.
environment Obligatory usage of a Hardware
Cryptographic Module.
The impossibility of a transaction initiator or participant to deny his or her actions upon their completion is ensured by legally
Non-repudiation stated or reserved in mutual contracts means and accepted authentication mechanisms. All system personnel and end-user
actions shall be logged. Event logs shall be change-proof and hold all actions of all users.
Data confidentiality At data transfer, their confidentiality is ensured
by the data transfer environment At message transfer data
(communications security), and by the confidentiality is ensured by
Data integrity mechanism of data storage together with the additional message encryption
means of system access control – at data together with data transfer
storage and processing. protocols that ensure the security
of the data being transferred by
The implementation of the Level 3
the interoperation participants
requirements with the obligatory usage
(including data integrity
Privacy is ensured by the absence of sensitive of hardware cryptographic and data
verification); at data storage and
data in the messages being transferred as well security facilities on the Client’s side
processing their confidentiality,
as by the implementation of the required (Hardware Cryptographic module).
integrity and privacy are ensured
mechanisms of data storage and the System
Privacy by additional mechanisms of
access control facilities.
encryption and masking together
The System components must not have latent
with well-defined distribution of
possibilities of unauthorized data acquisition and
access in concordance with
transfer.
privileges and permissions.
The delivery of a message to the addressee is ensured as well as the security against unauthorized disclosure at time of
Communication security transfer over the communications channels. It is ensured by the NGN communications providers.
It ensures that there is no denial of authorized access to the System data and services. Availability is assured by the NGN
Availability communications providers as well as the service providers
Geneva, 30 March 2011
ITU-T Y.2740 Security requirements for mobile remote financial transactions 20
21. ITU-T Y.2741 Recommendation.
Architecture of MPS
Client Mobile Merchant
operator
-Security
provider
Issuer Acquirer
-Client
authentication
iMAP -Service provider aMAP
(MSP)
Geneva, 30 March 2011
ITU-T Y.2741 Architecture of secure mobile financial transactions 21
23. Successful main implemented projects
Mobile banking and M-commerce bank–oriented models
• Gazprombank (Java , Windows Mobile and iPhone
applet,SMS)
• Halyk-bank (STK applet, Java, Windows Mobile and
iPhone applet, SMS)
• Raiffeisen Bank Russia (Java and Windows Mobile
applet, SMS)
• Rosbank (Java, Windows Mobile and iPhone applet,
SMS)
• Sberbank (Java and Windows Mobile applet, SMS)
Operator-oriented models
• MTS (STK applet, Java , Windows Mobile and iPhone
applet, SMS, bank account)
• Megafon (WAP, operator account)
23
25. Summary
• Currently, the penetration rate of mobile services and NGN networks
development allows to organize new types of services not only directly
associated with the main purpose of networks.
• NGN networks may become a new infrastructure for convenient and safe
conduction of financial transactions.
• Information and financial services based on NGN networks include not
only mobile banking and mobile commerce services and in addition thereto
may become “infrastructure” basis for providing public services to
individual customers.
25
27. About Intervale
Intervale Ltd. Subsidiary
Mobile services solutions developer and
mobile financial transaction provider
Head Office – Moscow, Russia SmartCardLink
Mobile Service Provider
Intervale Kazakhstan Ltd. Moscow, Russia
Representative office and Mobile Service
Provider
Kazakhstan
Intervale Europe Ltd. Mobile Payments Ltd.
Representative office Mobile Service Provider
Czech Republic and mobile financial
transaction provider
Intervale Ukraine Ltd. Belarus
Representative office
Ukraine
Year of foundation – 1999
Customers – banks, processing companies,
mobile operator in Russia, CIS and Europe
27
28. The Intervale solution
The solution is taken as a
basis for the standards
being developed within ITU
(the leading United Nations agency
for information and
communication technology
issues)
in collaboration with ISO
and UPU
28