ISO TS 12812-2-2017 PDF
Name in English: St ISO TS 12812-2-2017
Name in Russian: Ст ISO TS 12812-2-2017
Original standard ISO TS 12812-2-2017, full version in PDF. Additional information and a preview are available on request.
Full title and description
ISO/TS 12812-2:2017 — Core banking — Mobile financial services — Part 2: Security and data protection for mobile financial services. This technical specification defines a security management framework, security requirements and recommended cryptographic and authentication mechanisms to protect mobile financial services (MFS) and sensitive data in mobile banking scenarios.
Abstract
Provides a framework for managing security of mobile financial services, including a generic model for security policy design, a baseline set of security requirements, suggested cryptographic protocols and mechanisms for device authentication, secure financial-message exchange and external authentication, guidance on certification and mobile digital signatures, recommendations for protecting sensitive data, and considerations for compliance with national laws such as AML/CFT.
General information
- Status: Published (confirmed current).
- Publication date: March 2017 (Edition 1, 2017-03).
- Publisher: International Organization for Standardization (ISO).
- ICS / categories: 03.060 (Banking, core banking and financial services).
- Edition / version: Technical Specification, Edition 1 (ISO/TS 12812-2:2017).
- Number of pages: 56.
Scope
Specifies a management framework and practical guidance to secure mobile financial services (MFS). The scope covers design of security policies, minimum security requirements, cryptographic and authentication mechanisms for mobile devices and message exchange, considerations for point-to-point and end-to-end security, certification and interoperability issues, protection of sensitive data, security management practices, and guidance for aligning implementations with national regulatory requirements (e.g., AML/CFT).
Key topics and requirements
- Generic model for designing MFS security policies and governance.
- Baseline/minimum security requirements for mobile financial services implementations.
- Recommended cryptographic protocols and mechanisms for device authentication and secure message exchange.
- Guidance on external authentication methods and generation of mobile digital signatures.
- Point-to-point and end-to-end security considerations for MFS.
- Security certification, interoperability and conformance issues for MFS components.
- Recommendations for protection and lifecycle management of sensitive data on mobile devices and back-end systems.
- Security management controls and alignment with national laws and AML/CFT requirements.
Typical use and users
Used by banks and core-banking vendors, mobile payment and fintech providers, system integrators, security architects, application developers for financial services, certification bodies, auditors and regulators who design, implement, evaluate or certify security for mobile banking and mobile payment solutions.
Related standards
Part of the ISO 12812 series (see related parts such as ISO 12812-1, ISO/TS 12812-3, ISO/TS 12812-4 and ISO/TS 12812-5) and references work from ISO/TC 68 (banking) and ISO/IEC JTC 1/SC 27 (IT security techniques). For the series overview see listings of ISO 12812 parts.
Keywords
mobile financial services, MFS, mobile banking, security framework, data protection, cryptography, device authentication, digital signature, interoperability, AML/CFT, ISO/TS 12812-2:2017
FAQ
Q: What is this standard?
A: A technical specification from ISO that defines security and data protection requirements and guidance specifically for mobile financial services within the core-banking context (ISO/TS 12812-2:2017).
Q: What does it cover?
A: It covers a security management framework, minimum security requirements, recommended cryptographic and authentication mechanisms, considerations for secure message exchange, certification and interoperability considerations, protection of sensitive data and guidance for legal/regulatory alignment (e.g., AML/CFT).
Q: Who typically uses it?
A: Banks, payment-service providers, fintech vendors, core-banking implementers, security architects, auditors, conformity assessment bodies and regulators involved in mobile payments or mobile banking systems.
Q: Is it current or superseded?
A: The published Technical Specification is the 2017 edition (Edition 1). Per ISO review records, it was reviewed and confirmed in 2025 and therefore remains current in its confirmed form.
Q: Is it part of a series?
A: Yes — it is Part 2 of the ISO 12812 series on core banking — mobile financial services; other parts in the series address general framework, lifecycle management and specific payment flows.
Q: What are the key keywords?
A: Mobile financial services, mobile banking security, data protection, cryptography, device authentication, digital signatures, interoperability, AML/CFT, ISO TS 12812-2.