ISO-12812: Within the year 1996, the most recent versatile phones of the time permitted us to form calls on the move, play straightforward diversions (of the wind and stepping stool kind), and text messages to our family and companions. Nowadays, we are able to utilise them to get to the Web, make video calls, take photographs, video record, offer assistance to explore goals on an outline, pay for administrations and merchandise, send cash to each other, permit us to manage an account, and the list is, for all intents and purposes, unending with numerous other applications.
Introduction – ISO-12812
ISO 12812 primarily targets industries in dire need of attention. Possible paraphrases: There is a need for systems and rules that govern international or global activities. The international community requires mechanisms and standards to manage and oversee various operations. – From a global perspective, it is important to establish frameworks and policies that control and regulate different aspects.
- Prioritizing Consumer Protection:
- We’re placing a high priority on safeguarding consumers through the ISO-12812 standards for mobile financial services, covering mobile money, payments, and banking. These standards, though in draft form, have been made public to ensure transparency.
- Focus on Versatile Money:
- Our discussion revolves around Versatile Money, encompassing aspects like Mobile Installments (individual and person-to-business transactions). The aim is to adapt to the modern trend where mobile devices have become the primary means for financial transactions, replacing traditional methods.
- Growing User Base:
- The increasing reliance on mobile devices for financial services, such as payments and banking, has led to a steady rise in users for Web, GSM, Mobile Data, and Mobile Financial Services. Today, more people prefer the convenience of mobile platforms over conventional approaches.
The key is to perceive that sedimentary things put away within the consumer’s intellect and blocking the oxidational kind of straightforwardness will now not be the case. Presently, shoppers would presently or will have at the very least all the data accessible sometime recently, getting into the kind of trap or comfort trade as customers without numerous complaints.
ISO-12812 : Outlook
Make it easy and encourage coordination among the distinct aspects or features of constructing financial services for mobile devices. Governance, transparency, and accountability, as well as e-governance applications, models, successes, limitations, and potential, along with citizens’ charters and institutional measures, are being compiled and organized for application within an industry that currently lacks regulations. This is a significant initiative.
- Dynamic Evolution of Payments:
- The payment industry is undergoing constant evolution, witnessing the emergence and adoption of mobile financial services by providers globally.
- Consumer Safeguards at the Forefront:
- Ensuring consumer protection is a priority, with a focus on equitable terms in agreements, transparent communication of fees, and clear explanations of responsibilities outlined in regulations.
- Potential Unleashed by Mobile Devices:
- The potential for advancing Mobile Financial Services is evident, primarily driven by the widespread availability of mobile devices.
- Comprehensive Scope of Mobile Financial Services:
- Termed as Mobile Financial Services, this goes beyond the device itself, encompassing a range of services provided on mobile platforms.
enabling the consumer to choose from different providers of devices, interfaces, or mobile financial services, including the possibility to contract with several mobile financial service providers for services on the same device or different services from different service providers, or the ability to migrate services from one device to another (portability).
What Is It – Little Details
When any organisation decides to implement ISO 12812, the first international standard for mobile financial services, as it expands its financial services business and platforms, The company has to embark on a project to gain ISO 12812 certification. This, in turn, gives confidence, peace of mind, and international recognition. The standard is divided into five parts, covering the areas below.
- ISO 12812-1 General Framework and Common Terminology – This defines the general framework of mobile financial services (payment and banking services involving a mobile device).
- ISO 12812-2 Security and Data Protection – A Security Framework including an analysis of vulnerabilities, threats and countermeasures for the operation of MFSs.
- ISO 12812-3 Application Management – ISO/TS 12812-3:2017 specifies the interoperable lifecycle management of applications used in mobile financial services. As defined in ISO 12812-1, an application is a set of software modules and/or data needed to provide functionality for a mobile financial service.
- ISO 12812-4 Mobile Payments to Persons (P2P) – This document provides comprehensive requirements and practices involved in mobilizing the transfer of funds as well as specific use cases for the implementation of interoperable mobile payments to persons. The great debate over titles- what is a person?
- ISO 12812-5 Mobile Payments to Business – It focuses on mechanisms by which a person (“consumer”, “payer” or “business”) uses a mobile device to initiate a payment to a business entity (“merchant” or “payee”). Such a payment may use the traditional merchant point of interaction (POI) system, where the manner of settling the payment follows well-established merchant services paradigms.
a collection of definitions that are widely accepted among global participants in the finance industry. Our aim is to present a visual representation of the various efforts towards standardisation in the realm of mobile financial services. The latest ISO standard emphasises the importance of creating a secure setting, instilling confidence in both customers and merchants, and enabling MFS providers to assume their risk management responsibilities.
Who Should Care
It is crucially important that stakeholders enjoy the benefits of changes in services while service providers maintain their competitiveness and autonomy to pursue their own business goals. The ISO 12812 standard focuses on technical interoperability, specifically examining the implications of incorporating mobile devices into financial services by incorporating new components and interfaces. The ISO framework has been enriched with a new standard that surfaced in 2017.
- Comprehensive Framework:
- The standard comprises five components, with the first component establishing the overall framework for mobile financial services.
- Enhancing Operational Efficiency:
- The primary goal of this proposal is to simplify and advance the interoperability, security, and quality of financial operations on mobile devices, specifically focusing on banking and payment transactions.
- Diverse Transaction Sources:
- Transactions are not limited to traditional banking establishments; they may originate from Banking as a Service or Banking as Platform providers, utilizing mobile devices as the primary transactional tool.
- Ensuring Security and Legitimacy:
- To ensure the safety and legitimacy of signatures, it’s crucial to separate individuals’ identification in the system from their private and confidential identity information.
- Message Integrity Preservation:
- Preserving the authenticity of the system and thwarting any attempts at fraudulence requires ensuring that messages remain unaltered during transmission.
Nevertheless, it is permissible for them to be included in encapsulated messages created by intermediaries. This approach is consistent with the appropriate procedure for safeguarding the accuracy and security of transmitted information. The ISO 20022 Data Dictionary was designed to cater to a vast range of financial service asset classes. The security deficiency of the mentioned problem is quite significant due to the absence of any existing security measures within its apparatus.
ISO 12812-Part 2 directly references data at rest, data in transit, HMAC, encryption, tamper-resistant key material storage, keys to encrypt keys, channel security for general protection and encryption of sensitive information within the messages themselves, and keys that encrypt other keys. The weakness of each component varies, and attackers will always strike vulnerabilities with the highest expected payoff, which is the sad reality of the matter and the reason why we need all these standards, policies, procedures, and frameworks.
- Digital Payments in a Nutshell:
- In today’s digital payment landscape, transactions are essentially bits and bytes of information traversing information technology networks. This data encompasses various attributes like currency, amount, and party information, passing through multiple components such as computers, communication channels, software, and users, each susceptible to potential attacks and requiring vigilant defense.
- Holistic Data Protection:
- With the complexity of modern payment systems, developers and engineers face the challenge of protecting numerous components simultaneously. The solution lies in a robust data protection framework that extends from the user interface to the very data storage, allowing the internet to serve as the conduit for payments.
- Framework for Secure Transactions:
- A comprehensive data protection framework becomes imperative to safely utilize the web and the internet. Without such safeguards, the security of each network node a transaction passes through becomes uncertain. This underscores the need for a security framework that spans the entire spectrum, ensuring the security of the underlying data.
- Global Security Standard:
- Recognizing the global nature of technology, it is essential to establish a security framework that avoids guidance based on the country of origin, which could hinder international commerce. Addressing national cybersecurity concerns should align with an international standard that balances risk versus security, fostering a secure and globally accessible digital payment ecosystem.
Only part 1 is formally an international standard, as parts 2 through 5 could not gain sufficient support to be accepted as full standards but instead were pushed through to publication as technical specifications, which is a classification that addresses work still under technical development or where it is believed that there will be a future, but not immediate, possibility of agreement on an international standard.
Advancing Secure Financial Services Globally
Fintech companies can chart a path to sustainable growth, foster unwavering customer trust, safeguard financial integrity, and spearhead continuous innovation, propelling the industry into a new era of financial empowerment and technological advancement.
- Expanding Horizons in Intellectual Property:
- The evolving landscape of intellectual property, technical locks, and liability policies is opening up new avenues. Congratulations on the progress made in these areas.
- Challenges in Cash Transfers and Remittances:
- Acknowledging the unique challenges in cash transfers and remittances, your dedication to addressing fundamental issues is commendable.
- Identity Concerns in Payments:
- Recognizing the nature of payments and the need for robust identification, it’s crucial to balance the requirement for participant identification with use cases involving low-value or less-sensitive payments.
- Read-Only Access and User Consent:
- Ensuring flexibility in transaction information access, especially for less-sensitive payments, by allowing read-only access to third parties with user consent is a thoughtful approach.
- Inclusivity Through Mobile Phones:
- Patrice Hertzog’s vision of bringing secure financial services to a broader audience, considering that more people have mobile phones than bank accounts globally, is both visionary and inclusive.
- Clarifying Standards Terminology:
- The debate around referring to the suite of 12812 publications as standards or technical standards is an important discussion. Clear terminology ensures accurate communication and understanding in this critical domain.
#Any information extracted from any site/blog/post – remains their proprietary and all credit accordingly remains with them. The idea here is to simplify and cascade the information further.
Conclusion – The ISO-12812 standard marks a positive step forward, yet there’s still much ground to cover in establishing essential safeguards and intricacies. It remains imperative that every actor or system involved in the payment process is distinctly identifiable to others. While the work is ongoing, it appears to be a necessary endeavor and aligns with the current needs of the industry. However, it’s noteworthy that this may not be the case if payment schemes already define identifier syntax and semantics, such as primary account numbers (PANs) for credit cards or Bitcoin account identifiers. The expectation is to support scheme-specific identifiers, particularly in cases where global identifiers are required and are not scheme-specific.
Points to Note:
it’s time to figure out when to use which tech—a tricky decision that can really only be tackled with a combination of experience and the type of problem in hand. So if you think you’ve got the right answer, take a bow and collect your credits! And don’t worry if you don’t get it right.
Feedback & Further Questions
Do you have any burning questions about Big Data, AI & ML, Blockchain, FinTech, Theoretical Physics, Photography or Fujifilm(SLRs or Lenses)? Please feel free to ask your question either by leaving a comment or by sending me an email. I will do my best to quench your curiosity.
Books & Other Material referred
- AILabPage (group of self-taught engineers/learners) members’ hands-on field work is being written here.
- Referred online materiel, live conferences and books (if available)
============================ About the Author =======================
Read about Author at : About Me
Thank you all, for spending your time reading this post. Please share your opinion / comments / critics / agreements or disagreement. Remark for more details about posts, subjects and relevance please read the disclaimer.