3.1.   FS-ISAC/FDX (Anoop)

• Don and Don met on Monday.
• They are signing liaison agreement next week.

• FDX is creating a certification program for the data part. They have funding.

  • They are using OIDF's security certifications.

• Nat asked about who is going to be tested: whether only Banks or TPPs as well. From his perspectives, TPPs testing is very important as it is part of the whole security solution that if their implementation is not secured properly, bad things will happen. Tony and Anoop agreed. Anoop will report the development in the next call.

3.2.   W3C (Tony)

Tony reported that there is another area that is being created at W3C related to PCI and PSD2. The charter is still not clear but we have to liaise closely with them so that it will not create yet another fragmentation.

5.1.   Self-issued Provider (Tony/Edmund)

Tony asked about the Self-issued OP work that Edmund is doing on IOS whether it is using CredMan on Browser. Currently, the work is not using the browser at all but is a native app and export code is not using the Credential Manager. Nat pointed out that the current project is based on the code base that is 5 years old and if there is any idea around making use of new browser features in implementing SIOP, we should look at it. Tony agreed to it.

5.2.   Next Call

Next call will be an Atlantic Call. Next Pacific call will be in two weeks.

• The meeting was adjourned at 23:28 UTC.