ISO 9564-3-2003 银行业务.个人识别代码的管理和安全.第3部分:在ATM和POS系统中的离线PIN操作的要求
作者:标准资料网
时间:2024-05-08 05:27:04
浏览:9848
来源:标准资料网
下载地址: 点击此处下载
【英文标准名称】:Banking-PersonalIdentificationNumbermanagementandsecurity-Part3:RequirementsforofflinePINhandlinginATMandPOSsystems
【原文标准名称】:银行业务.个人识别代码的管理和安全.第3部分:在ATM和POS系统中的离线PIN操作的要求
【标准号】:ISO9564-3-2003
【标准状态】:作废
【国别】:国际
【发布日期】:2003-11
【实施或试行日期】:
【发布单位】:国际标准化组织(IX-ISO)
【起草单位】:ISO/TC68
【标准类型】:()
【标准水平】:()
【中文主题词】:数据保护;银行业务;安全;银行帐户;识别号;银行;识别卡;识别证;银行信用卡;安全要求;编码;人员识别号;定义;离线;数据交换;数据安全;信息交换;PIN;自动提款机
【英文主题词】:Automaticmoneydispenser;Bankaccounts;Bankcards;Bankoperations;Banks;Coding;Dataexchange;Dataprotection;Datasecurity;Definitions;Identificationnumbers;Identitycards;Informationinterchange;Off-line;PIN;Safety;Safetyrequirements
【摘要】:ThispartofISO9564specifiestheminimumsecuritymeasuresrequiredforofflinePersonalIdentificationNumber(PIN)handlingandastandardmeansofinterchangingPINdatainanofflineenvironment.Itisapplicabletofinancialtransaction,card-originatedtransactionsrequiringofflinePINverification,andtothoseinstitutionsresponsibleforimplementingtechniquesforthemanagementandprotectionofthePINatAutomatedTellerMachines(ATMs)andacquirersponsoredPoint-of-Sale(POS)terminals.ThispartofISO9564isnotapplicabletoa)PINmanagementandsecurityintheonlinePINenvironment,whichiscoveredinISO9564-1,b)approvedalgorithmsforPINencipherment,whicharecoveredinISO9564-2,c)theuseofPJNsinanopennetworkenvironment,whichistobecoveredinISO9564-4,d)theprotectionofthePINagainstlossorintentionalmisusebythecustomerorauthorizedemployeesoftheissuerortheiragents,e)privacyofnon-PINtransactiondata,f)protectionoftransactionmessagesagainstalterationorsubstitution,e.g.anonlineauthorizationresponse,g)protectionagainstreplayofthePINortransaction,h)specifickeymanagementtechniques,i)thedecisionastowhethertheICcardistoreceivethePINenciphered,j)contactlessICcards.ThebasicprinciplesofPINmanagementdescribedinClause4ofISO9564-1:2002areapplicableandnormativetothispartofISO9564.Requirementsassociatedwithmulti-applicationICcardsareconsideredtobetheresponsibilityoftheissuerandarenotincluded.ThispartofISO9564isframedintermsapplicabletoICcardtechnology,however,bythisitisnotintendedtorestrictitsapplicabilitytoICcardtechnology.
【中国标准分类号】:A11
【国际标准分类号】:35_240_40
【页数】:5P.;A4
【正文语种】:英语
【原文标准名称】:银行业务.个人识别代码的管理和安全.第3部分:在ATM和POS系统中的离线PIN操作的要求
【标准号】:ISO9564-3-2003
【标准状态】:作废
【国别】:国际
【发布日期】:2003-11
【实施或试行日期】:
【发布单位】:国际标准化组织(IX-ISO)
【起草单位】:ISO/TC68
【标准类型】:()
【标准水平】:()
【中文主题词】:数据保护;银行业务;安全;银行帐户;识别号;银行;识别卡;识别证;银行信用卡;安全要求;编码;人员识别号;定义;离线;数据交换;数据安全;信息交换;PIN;自动提款机
【英文主题词】:Automaticmoneydispenser;Bankaccounts;Bankcards;Bankoperations;Banks;Coding;Dataexchange;Dataprotection;Datasecurity;Definitions;Identificationnumbers;Identitycards;Informationinterchange;Off-line;PIN;Safety;Safetyrequirements
【摘要】:ThispartofISO9564specifiestheminimumsecuritymeasuresrequiredforofflinePersonalIdentificationNumber(PIN)handlingandastandardmeansofinterchangingPINdatainanofflineenvironment.Itisapplicabletofinancialtransaction,card-originatedtransactionsrequiringofflinePINverification,andtothoseinstitutionsresponsibleforimplementingtechniquesforthemanagementandprotectionofthePINatAutomatedTellerMachines(ATMs)andacquirersponsoredPoint-of-Sale(POS)terminals.ThispartofISO9564isnotapplicabletoa)PINmanagementandsecurityintheonlinePINenvironment,whichiscoveredinISO9564-1,b)approvedalgorithmsforPINencipherment,whicharecoveredinISO9564-2,c)theuseofPJNsinanopennetworkenvironment,whichistobecoveredinISO9564-4,d)theprotectionofthePINagainstlossorintentionalmisusebythecustomerorauthorizedemployeesoftheissuerortheiragents,e)privacyofnon-PINtransactiondata,f)protectionoftransactionmessagesagainstalterationorsubstitution,e.g.anonlineauthorizationresponse,g)protectionagainstreplayofthePINortransaction,h)specifickeymanagementtechniques,i)thedecisionastowhethertheICcardistoreceivethePINenciphered,j)contactlessICcards.ThebasicprinciplesofPINmanagementdescribedinClause4ofISO9564-1:2002areapplicableandnormativetothispartofISO9564.Requirementsassociatedwithmulti-applicationICcardsareconsideredtobetheresponsibilityoftheissuerandarenotincluded.ThispartofISO9564isframedintermsapplicabletoICcardtechnology,however,bythisitisnotintendedtorestrictitsapplicabilitytoICcardtechnology.
【中国标准分类号】:A11
【国际标准分类号】:35_240_40
【页数】:5P.;A4
【正文语种】:英语
下载地址:
点击此处下载