35.240.40 – IT applications in banking – PDF Standards Store ?u= Wed, 06 Nov 2024 01:33:39 +0000 en-US hourly 1 https://wordpress.org/?v=6.7.1 ?u=/wp-content/uploads/2024/11/cropped-icon-150x150.png 35.240.40 – IT applications in banking – PDF Standards Store ?u= 32 32 ISO/TS 23635:2022 ?u=/product/publishers/iso/iso-ts-236352022/ Wed, 06 Nov 2024 01:33:39 +0000 Blockchain and distributed ledger technologies - Guidelines for governance
Published By Publication Date Number of Pages
ISO 2022-02 36
]]> This document provides guiding principles and a framework for the governance of DLT systems.

The document also provides guidance on the fulfilment of governance, including risk and regulatory contexts, that supports the effective, efficient, and acceptable use of DLT systems.

]]> ISO/TS 23258:2021 ?u=/product/publishers/iso/iso-ts-232582021/ Wed, 06 Nov 2024 01:33:33 +0000 Blockchain and distributed ledger technologies - Taxonomy and Ontology
Published By Publication Date Number of Pages
ISO 2021-11 36
]]> This document specifies a taxonomy and an ontology for blockchain and distributed ledger technologies (DLT). The taxonomy includes a taxonomy of concepts, a taxonomy of DLT systems and a taxonomy of application domains, purposes and economy activity sections for use cases. The ontology includes classes and attributes as well as relations between concepts.

The audience includes but is not limited to academics, architects, customers, users, tool developers, regulators, auditors and standards development organizations.

]]> ISO/TS 23029:2020 ?u=/product/publishers/iso/iso-ts-230292020/ Wed, 06 Nov 2024 01:33:27 +0000 Web-service-based application programming interface (WAPI) in financial services
Published By Publication Date Number of Pages
ISO 2020-02 60
]]> This document defines the framework, function and protocols for an API ecosystem that will enable online synchronised interaction. Specifically, the document:

— defines a logical and technical layered approach for developing APIs, including transformational rules. Specific logical models (such as ISO 20022 models) are not included, but they will be referenced in the context of specific scenarios for guidance purposes;

— will primarily be thought about from a RESTful design point of view, but will consider alternative architectural styles (such as WebSocket and Webhook) where other blueprints or scenarios are offered;

— defines for the API ecosystem design principles of an API, rules of a Web-service-based API, the data payload and version control;

— sets out considerations relevant to security, identity and registration of an API ecosystem. Specific technical solutions will not be defined, but they will be referenced in the context of specific scenarios for guidance purposes;

— defines architectural usage beyond query/response asynchronous messaging towards publish/subscribe to support advanced and existing business models.

This document does not include:

— a specific technical specification of an API implementation in financial services;

— the development of JSON APIs based on the ISO 20022 specific message formats, such as PAIN, CAMT and PACS;

— a technical specification that is defined or determined by specific legal frameworks.

]]> ISO/TR 9564-4:2004 ?u=/product/publishers/iso/iso-tr-9564-42004/ Wed, 06 Nov 2024 01:19:54 +0000 Banking — Personal Identification Number (PIN) management and security — Part 4: Guidelines for PIN handling in open networks
Published By Publication Date Number of Pages
ISO 2004-03 12
]]> ISO/TR 9564-4:2004 provides guidelines for personal identification number PIN handling in open networks, presenting finance industry best-practice security measures for PIN management and the handling of financial card originated transactions in environments where issuers and acquirers have no direct control over management, or where no relationship exists between the PIN entry device and the acquirer prior to the transaction.

]]> ISO/TR 23576:2020 ?u=/product/publishers/iso/iso-tr-235762020/ Wed, 06 Nov 2024 01:16:31 +0000 Blockchain and distributed ledger technologies — Security management of digital asset custodians
Published By Publication Date Number of Pages
ISO 2020-12 42
]]> This document discusses the threats, risks, and controls related to:

— systems that provide digital asset custodian services and/or exchange services to their customers (consumers and businesses) and management of security when an incident occurs;

— asset information (including the signature key of the digital asset) that a custodian of digital assets manages.

This document is addressed to digital asset custodians that manage signature keys associated with digital asset accounts. In such a case, certain specific recommendations apply.

The following is out of scope of this document:

— core security controls of blockchain and DLT systems;

— business risks of digital asset custodians;

— segregation of customer's assets;

— governance and management issues.

]]> ISO/TR 23455:2019 ?u=/product/publishers/iso/iso-tr-234552019/ Wed, 06 Nov 2024 01:16:27 +0000 Blockchain and distributed ledger technologies — Overview of and interactions between smart contracts in blockchain and distributed ledger technology systems
Published By Publication Date Number of Pages
ISO 2019-09 50
]]> This document provides an overview of smart contracts in BC/DLT systems; describing what smart contracts are and how they work. It also discusses methods of interaction between multiple smart contracts. This document focuses on technical aspects of smart contracts. Smart contracts for legally binding use and applications will only be briefly mentioned in this document.

]]> ISO/TR 23249:2022 ?u=/product/publishers/iso/iso-tr-232492022/ Wed, 06 Nov 2024 01:16:23 +0000 Blockchain and distributed ledger technologies – Overview of existing DLT systems for identity management
Published By Publication Date Number of Pages
ISO 2022-05 44
]]> This document provides an overview of existing DLT systems for identity management, i.e. the mechanisms by which one or more entities can create, receive, modify, use and revoke a set of identity attributes.

This document covers the following topics:

—    Managing identity for individuals, organizations, things (IoT & objects), functions and processes and other entities including within and across DLT systems.

—    Description of the actors and their interactions and common interfaces.

—    Architectures.

—    Existing relevant standards and frameworks.

]]> ISO/TR 23244:2020 ?u=/product/publishers/iso/iso-tr-232442020/ Wed, 06 Nov 2024 01:16:22 +0000 Blockchain and distributed ledger technologies — Privacy and personally identifiable information protection considerations
Published By Publication Date Number of Pages
ISO 2020-05 24
]]> This document provides an overview of privacy and personally identifiable information (PII) protection as applied to blockchain and distributed ledger technologies (DLT) systems.

]]> ISO/TR 19038:2005 ?u=/product/publishers/iso/iso-tr-190382005/ Wed, 06 Nov 2024 01:14:10 +0000 Banking and related financial services — Triple DEA — Modes of operation — Implementation guidelines
Published By Publication Date Number of Pages
ISO 2005-06 62
]]> ISO/TR 19038:2005 provides the user with technical support and details for the safe and efficient implementation of the Triple Data Encryption Algorithm (TDEA) modes of operation for the enhanced cryptographic protection of digital data. The modes of operation described therein are specified for both enciphering and deciphering operations. The modes described in this Technical Report are implementations of the block cipher modes of operation specified in ISO/IEC 10116 using the Triple DEA algorithm (TDEA) specified in ISO/IEC 18033-3.

The TDEA modes of operation may be used in both wholesale and retail financial applications. The use of ISO/TR 19038:2005 provides the basis for the interoperability of products and facilitates the development of application standards that use the TDEA modes of operation. This Technical Report is intended for use with other ISO standards using DEA.

]]> ISO/TR 17944:2002 ?u=/product/publishers/iso/iso-tr-179442002/ Wed, 06 Nov 2024 01:13:35 +0000 Banking — Security and other financial services — Framework for security in financial systems
Published By Publication Date Number of Pages
ISO 2002-08 20
]]> ISO/TR 17944:2002 provides a framework for standards dealing with security that are deemed necessary for the financial industry. It consists of an inventory of the key security issues which arise in the financial industry and, for each of these issues, the titles of the relevant existing standards are given.

]]>