BSP urges banks to intensify security framework

In an effort to lessen Credit Card/ATM-related frauds, the Bangko Sentral ng Pilipinas‘ Monetary Board has given the Resolution No. 1286 or the Enhanced Information Technology Risk Management (ITRM) a go-signal, requiring all BSP-supervised institutions (BSIs) to improve their current their current security framework.

bsp

By January 1, 2015, the Central Bank is expecting all BSIs to adopt a 3DES (Triple Data Encryption Standard) in all of their ATM networks. Furthermore, the agency is urging these financial institutions to use the “more secure” EMV chip-enabled cards by 2017 in exchange for existing cards with magnetic-stripe technology.

Apart from addressing known security/financial threats like card skimming and cloning, BSP is also looking to improve the way these companies anticipate new threats by establishing an “overall IT risk mitigation strategy” which would encompass almost all their business processes including IT outsourcing and electronic products and services.

Consistent with international standards and best practices, the enhanced ITRM framework is expected to strengthen management of risks, security of operations and governance on IT-related activities, as well as reinforce regulations on consumer protection on electronic products and service by tackling the growing number of new and sophisticated technological threats.
– Bangko Sentral ng Pilipinas

The implementation of the enhanced ITRM framework is said to start 15 days following its publication in the Official Gazette.

{source}, {Image Credit}

Ronnie Bulaong

This article was written by Ronnie Bulaong, a special features contributor and correspondent for YugaTech. Follow him on Twitter @turonbulaong.

https://www.yugatech.com

15 Comments

Grammar nazi says:

11 years ago

“Banks” + “its”

Mr. Ronnie Bulaong really needs to attend grammar school. And Yugatech needs to hire more capable writers, they owe it to their readers.
- Reply
silentwarrior says:

11 years ago

Sa mga observant dito, you can see that many ATM machines are running Windows OS. Some of them you will witness showing a Blue Screen of Death. Using a general OS for a critical financial tool like an ATM machine is a security nightmare.

I prefer banks to use a very lean version of Linux or even FreeBSD to run ATM machines.
- Reply
vince says:

11 years ago

most likely this will be a new ATM card with a hard to copy chip inside. Some high end credit cards use this now. Maybe even biometrics? But i would not use fingerprints since its easy to fool
- Reply
JP Caparas says:

11 years ago

Security frameworks? More like usability frameworks. One example is the Unionbank EON portal being so crappy I’ve moved over to GCash for Paypal purchases.
- Reply
silentwarrior says:

11 years ago

I just don’t want to encounter an ATM machine getting BSOD while I’m withdrawing cash. That is why I do not like Windows-based ATMs.
- Reply
Reader says:

11 years ago

“ATMs”, guys! Not “ATM machines”!
- Reply
countrymouse says:

11 years ago

Automated Teller Machine machine???
- Reply
silentwarrior says:

11 years ago

I’m new to this website, ang napapansin ko lang ang daming perfectionists dito at grammar police.

Come on guys, are you really having fun correcting people’s little mistakes in the interwebs? Why not just focus with the discussion? Hindi yung puna ng puna ng kapwa commentator.
- Reply
Look says:

11 years ago

Dami nga grammar police dito just look themselves superior. I believe ATM machine is generally accepted.
- Reply

YugaGaming