A new international standard, ISO/IEC 29128-1:2023, Information security, cybersecurity and privacy protection — Verification of cryptographic protocols — Part 1: Framework, will enhance the security of online transactions, including banking, e-commerce and email. This standard is intended to support all systems and applications that rely on cryptographic protocols.
Cryptography enables secure communication by ensuring the confidentiality, integrity and authenticity of the information being transmitted. Confidentiality means that only the intended recipient can access the information, integrity that the information has not been changed during transmission, and authenticity that the sender of the information has been verified.
Designing and implementing a cryptographic protocol that meets all security requirements is a challenge for experts in the field, as such a protocol is a complex set of rules and procedures that govern secure communication between two or more parties over a network. ISO/IEC 29128-1:2023 provides a framework for the verification of cryptographic protocol specifications based on academic and industry best practices. It also proposes a clearly defined verification process based on well-founded scientific methods. This new standard is designed to provide objective evidence that a protocol meets security-related requirements. The verification protocol described in the standard is based on state-of-the-art protocol modelling techniques.
The full article is available on the IEC website: https://iec.ch/blog/cyber-security-new-isoiec-standard-helps-protect-e-commerce-and-online-banking