Custom print

OB-2.2.6

Past version: Effective from 01 Dec 2018 to 30 Jun 2021
To view other versions open the versions tab on the right

Where any of the elements of authentication or the authentication code is used through a multi-purpose device including mobile phones and tablets, the AISP and PISP must adopt security measures to mitigate the risk resulting from the multi-purpose device being compromised. The mitigating measures must include each of the following:

(a) the use of separated secure execution environments through the software installed inside the multi-purpose device; and
(b) mechanisms to ensure that the software or device has not been altered by the payer or by a third party or mechanisms to mitigate the consequences of such alteration where this has taken place.
Added: December 2018