security ecosystem of digital wallets

Post on 23-Jan-2018

Security Ecosystem for Digital Wallets

By Saumya Vishnoi

Who am I?

• Information security professional, about 6 years of experience

• Ex-PCI QSA

• Audited multiple wallet environments

• Currently working with a Fintech organization

Disclaimer

All the information, discussion and views presented in the talk are personal!!!

What is a Digital Wallet?

Digital Wallet

A digital application that works like a wallet: you add money into it and then you can spend the money out of it.

Types of Digital Wallet

• Closed loop

• Semi-open loop

• Open loop

How safe are wallets?

RBI (Reserve Bank of India)

Regulatory Controls

• RBI Payment and Settlement Act 2007

• RBI PSS Audit – CISA audit – external

• Internal Audit

• AML controls (Anti-Money Laundering)

• Fraud management

• Penalty clause

Basically Risk Management!!!

PSS Audit – CISA audit – external

• External ISMS audit by a qualified CISA professional

• Submission of the audit report to RBI

• RBI reviews and approves, or sends back with comments

• Once approved, RBI license is issued

• Internal audit schedule and review

• Audit and risk committee responsibility

• Yearly external audit exercise and report submission to RBI

AML controls (Anti-Money Laundering)

• Required to be compliant with the Prevention of Money Laundering Act, 2002

• KYC and non-KYC accounts

• Balance limitations

• Regular monitoring for suspicious behavior

• AML training to employees

Fraud Management

• Establishment of Fraud team

• Regular monitoring for suspicious behavior

• Assisting law enforcement agencies in investigating fraud incidents

• Blacklisting mechanism

• Blocking/Unblocking account

• Customer awareness

Penalty Clause

Section 30 of PSS Act: Power of Reserve Bank to impose fine

Section 31 of PSS Act: Power to compound offences

Nature of offence:

• Breach of provisions of the Act

• Non-compliance with directions

• Violations of terms and conditions of authorization

Amount of penalty: depends upon the nature of the offence, with a minimum of 5 Lakhs

Trust
