Is electronic money coming of age?
IT security is a critical matter in the assessment of the reliability of e-money systems.
As a consequence of this, the European Central Bank (ECB) has recently issued a report, which will be used by the Central Banks within the European Monetary System to assess the overall reliability and technical security of e-money schemes in the Euro area.
The ECB issued its initial "Report on Electronic Money" in 1998. This sought to address matters such as monetary policy effects and regulatory concerns, covering matters as varied as protection of customers and merchants, the functioning of payment systems, stability of financial markets and protection against criminal abuse.
Indeed, Central Banks within European Monetary Union Countries and under the oversight of the ECB, have to ensure that all relevant e-money systems comply with the requirements set out in the report. The report entitled "Electronic Money Systems Security Objectives" (EMSSO), focuses what features the Central Banks within the Euro system will expect to be found with respect to security within e-money systems under their supervision.
The report, produced after detailed industry consultation, provides detailed risk analysis for e-money systems and security criteria for withstanding the risks and threats within the environment in which e-money services may conceivably operate.
It widely encompasses the security objectives covering hardware and software e-money systems. Perhaps, the most important feature of the report is that the risk analysis and security objective definitions are based on Common Criteria for Information Technology Security Evaluation methodology, known under the acronym of "CC." This is an internationally standardized methodology, which provides a framework for describing e-money systems and related assumptions such as threats and organizational features.
The ECB has produced this comprehensive report as much in recognition that e-money systems are achieving "the level of status as a means of payment in a number of countries". Whether the report will contribute to the commercial stimulation of e-money services through its guidance or act as a break on aspiring e-money providers is open to debate. However, its definitions of security both in the context of hardware and software should stimulate the vendor industry into gearing up relevant products and services to satisfy this market.
Copyright 2003. Originally published by IT-Director.com, reprinted with permission. IT-Director.com provides IT decision makers with free daily e-mails containing news analysis, member-only discussion forums, free research, technology spotlights and free on-line consultancy. To register for a free e-mail subscription, click here.
For more information:
- Looking for free research? Browse our comprehensive White Papers section by topic, author or keyword.
- Are you tired of technospeak? The Web Services Advisor column uses plain talk and avoids the hype.
- For insightful opinion and commentary from today's industry leaders, read our Guest Commentary columns.
- Hey Codeheads! Start benefiting from these time-saving XML Developer Tips and .NET Developer Tips.
- Visit our huge Best Web Links for Web Services collection for the freshest editor-selected resources.
- Visit Ask the Experts for answers to your Web services, SOAP, WSDL, XML, .NET, Java and EAI questions.
- Couldn't attend one of our Webcasts? Don't miss out. Visit our archive to watch at your own convenience.
- Choking on the alphabet soup of industry acronyms? Visit our helpful Glossary for the latest lingo.
- Discuss this article, voice your opinion or talk with your peers in the SearchWebServices Discussion Forums.