标准编号:ISO 23195:2021
中文名称:第三方支付服务信息系统的安全目标
英文名称:Security objectives of information systems of third-party payment services
发布日期:2021-06
标准范围
This document defines a common terminology to be used in the context of third-party payment (TPP). Next, it establishes two logical structural models in which the assets to be protected are clarified. Finally, it specifies security objectives based on the analysis of the logical structural models and the interaction of the assets affected by threats, organizational security policies and assumptions. These security objectives are set out in order to counter the threats resulting from the intermediary nature of TPPSPs offering payment services compared with simpler payment models where the payer and the payee directly interact with their respective account servicing payment service provider (ASPSP).
立即下载标准文件