The GSMA Mobile Money API Compliance Verification Service is designed to support mobile money providers and third-party service providers who wish to comply with the harmonised industry specification on best practice in design and security. It grants a ‘GSMA Mobile Money API Compliant’ mark to API providers that demonstrate compliance with this industry specification. Compliance is determined by establishing that an API provider has implemented the API for use cases which are relevant to their business, and that they have met baseline security conformance for operational and API security.
API providers who can demonstrate compliance will benefit from enhanced trust in their solutions, helping them to attract third-party service providers to their platform, by proving adherence to best practice in flexibility, scalability and security. Third-party service providers who wish to integrate with the API provider will in turn benefit from greater confidence and clarity during the integration process, and from greater prospects for scale upon integration.
The Compliance Verification Service currently supports the API versions 1.1 and 1.2, and use cases described here. It will consider all use cases supported by the GSMA Mobile Money API Specification as the industry continues to expand its adoption of the API, and as the specification itself evolves. If you are interested in achieving compliance for use cases not currently in scope, please register your interest here.
The GSMA Mobile Money API Compliance Platform allows you to test your software implementation across the supported use cases. When you execute a test case, the platform will give you full details of the test results, including details on any errors for further investigation. The platform will also allow you to conduct a use case test suite in compliance mode, where the test suite results will be shared with the GSMA for verification.
Compliance Application Process