Abstract

This Uganda Standard describes and specifies a framework for the management of the security of MFS. It includes a) a generic model for the design of the security policy, b) a minimum set of security requirements, c) recommended cryptographic protocols and mechanisms for mobile device authentication, financial message secure exchange and external authentication, including the following: - point-to-point aspects to consider for MFS - end-to-end aspects to consider - security certification aspects - generation of mobile digital signatures d) interoperability issues for the secure certification of MFS, e) recommendations for the protection of sensitive data, f) guidelines for the implementation of national laws and regulations (e.g. anti-money laundering and combating the funding of terrorism (AML/CFT), and g) security management considerations. This standard was published on 2017-12-12.