FTM high value payments security

Security standards are intended to help you protect personally identifiable information (PII) and sensitive personal information (SPI). Depending on the types of data you process and the countries that you operate in, multiple standards might apply.

Examples of security standards are shown in the following list:
  • International Organization for Standardization (ISO) 27002 standard
  • Federal Information Security Management Act (FISMA)
  • National Institute of Standards and Technology - NIST 800-53a
  • Federal Financial Institutions Examination Council (FFIEC)
  • Payment Card Industry (PCI)
  • General Data Protection Regulation (GDPR)
  • Your own internal standards
Generally, these standards cover areas from security best practices to compliance requirements to how to handle data. These requirements, for example, can be about operational controls, human resource security, configuration, and auditing.

Because of the complexity and overlapping areas of the different standards, no direct mapping between a specific standard and this security information for FTM high value payments exists. Other areas that are not related to High Value Payments, such as security incident response processes or physical environmental security are not included in this information.

For more information about security for FTM on Red Hat® OpenShift®, see Security information for FTM on Red Hat OpenShift.

High Value Payments has various IBM® App Connect Enterprise workflows that depend on Financial Transaction Manager (FTM). All the security considerations that apply to FTM workflows also apply to High Value Payments. For more information about security considerations and guidelines for High Value Payments, see Financial Transaction Manager security.