KARACHI: The State Bank of Pakistan (SBP) has decided to adopt network level security by implementing the ‘Virtual Private Network (VPN) technology’ for Data Acquisition Portal (DAP) connectivity aimed at further strengthening the system’s security.

The SBP had launched the Data Acquisition Portal (DAP) in 2011 to centralize data reporting from its regulated financial institutions. Over the years, DAP’s access mechanism has been strengthened by using state of the art technology with a view to enhance its security.

At present, DAP access for all users is secured using Multi-Factor Authentication that includes User ID, Password and client-side Digital Certificate. Most recently, SBP also implemented a One-Time Password (OTP) delivered through SMS on users’ registered mobile numbers.

SBP revises three reporting returns at DAP

Now, in order to further enhance the overall security of DAP, SBP has decided to apply network level security by implementing the Virtual Private Network (VPN) technology, wef, Jan 1, 2024. Accordingly, all DAP users are required to have a valid Multi-Factor Authentication (MFA) account to access DAP. According to SBP, users do not have a valid MFA account will not be able to access DAP after January 1, 2024.

Accordingly, SBP has advised the Regulated Entities (REs) to make necessary arrangements for providing MFA accounts to their authorized DAP users before the given date.

The SBP has said that all REs are also encouraged to rationalize the number of DAP users. This will not only simplify the user management process but also enhance the efficiency and effectiveness of support operations both at SBP and REs.

Copyright Business Recorder, 2023