Central Bank of Jordan - E-KYC Overview
KYC, or Know Your Customer, is the mandatory process, conducted by businesses and institutions, of identifying and verifying the identity of the client when initiating the business relationship, and periodically over time.
eKYC, on the other hand, is the expression used to describe the digitalization and electronic and online conception of KYC processes. eKYC (Electronic Know Your Customer) is the remote, paperless process that minimizes the costs and traditional bureaucracy necessary in KYC processes.
The primary stakeholders of the service are:
1All financial institutions licensed by the Central Bank of Jordan (Banks, payment service providers, system operators, exchange companies, etc..), as well as other entities licensed by the Jordanian Government (Mobile Network Operators, Insurance Companies...).
2Government agencies acting as identity data providers.
3Private Sector companies including Telecoms.
E-KYC Cyber Security Architecture Review
The systems, network’s infrastructure and architecture security is the foundation that all of your security is based upon. Therefore, each network device must be well secured, and the architecture properly designed. Many risks can be mitigated simply by implementing a secure-by-design architecture.
ScanWave experts can help by performing detailed analyses on current network architecture to identify all vulnerabilities by using a comprehensive approach to ensure that malicious intruders do not gain access to your critical assets.
During this review ScanWave team will assess the security architecture of your company's infrastructure. ScanWave experts will evaluates the current design structure of various security control mechanisms in place to determine their effectiveness and alignment with your company's security goals. Our process takes a careful look at the strengths and weaknesses in your IT technical security architecture.
E-KYC Data Mapping, Classification and Protection
Data mapping identifies the personal data that is collected, created, received, processed, stored, and shared by an organization. It provides a view of how that personal data moves around the various internal/ external processes/ applications/systems.
ScanWave provide the below for data mapping and classification:
- Map data flows across the business from collection of data, transfer to third parties' backups, storage & deletion.
- Carry out a baseline assessment of the 9 Domains to identify where there are gaps against GDRP requirements.
- Identify Privacy risks and solutions for projects, services, processes, systems and applications.
- IT systems, infrastructures, networks and processes.
- Electronic service delivery channels.
- External dependencies on third-parties.
ScanWave EU GDPR Privacy by Design Overview
ScanWave services for privacy and specifically around GDPR focus typically include the following services:
- Is a concept that integrates privacy into the creation and operation of new solutions, devices, IT systems, network, security and infrastructure, and even corporate policies. Developing and integrating privacy solutions in the early phases of a project identifies any potential problems at an early stage to prevent them in the long run.
- Any action a company undertakes that involves processing personal data must be done with data protection and privacy in mind at every step. This includes internal projects, product development, software development, IT systems.