• BS ISO 13491-2:2017

    Superseded: a superseded Standard is one that is fully replaced by another Standard, which is a new edition of the same Standard.

    Financial services. Secure cryptographic devices (retail). Security compliance checklists for devices used in financial transactions

    Available format(s):  Hardcopy, PDF

    Superseded date:  27-01-2023

    Language(s):  English

    Published date:  31-03-2017

    Publisher:  British Standards Institution

    Table of Contents

    Foreword
    Introduction
    1 Scope
    2 Normative references
    3 Terms and definitions
    4 Use of security compliance checklists
    Annex A (normative) - Physical, logical, and device management characteristics common to all secure cryptographic devices
    Annex B (normative) - Devices with PIN entry functionality
    Annex C (normative) - Devices with PIN management functionality
    Annex D (normative) - Devices with message authentication functionality
    Annex E (normative) - Devices with key generation functionality
    Annex F (normative) - Devices with key transfer and loading functionality
    Annex G (normative) - Devices with digital signature functionality
    Annex H (normative) - Categorization of environments
    Bibliography

    Abstract

    Describes checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes as specified in ISO 9564-1, ISO 9564-2, ISO 16609, ISO 11568-1, ISO 11568-2, and ISO 11568-4 in the financial services environment.

    General Product Information

    Committee:  IST/12
    Development Note:  Supersedes 99/647212 DC. (07/2005) Supersedes 04/30104265 DC (11/2005) Supersedes 14/30265618 DC. (04/2016)
    Document Type:  Standard
    Publisher:  British Standards Institution
    Status:  Superseded
    Superseded By
    Supersedes

    Standards Referencing This Book

    ISO/IEC 18031:2011 Information technology — Security techniques — Random bit generation
    ISO/IEC 15408-2:2008 Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components
    ISO 11568-2:2012 Financial services — Key management (retail) — Part 2: Symmetric ciphers, their key management and life cycle
    ISO/IEC 15408-3:2008 Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components
    ISO 13491-1:2016 Financial services — Secure cryptographic devices (retail) — Part 1: Concepts, requirements and evaluation methods
    ISO/IEC 19790:2012 Information technology — Security techniques — Security requirements for cryptographic modules
    ISO 16609:2012 Financial services — Requirements for message authentication using symmetric techniques
    ISO 9564-1:2017 Financial services — Personal Identification Number (PIN) management and security — Part 1: Basic principles and requirements for PINs in card-based systems
    ISO 11568-1:2005 Banking — Key management (retail) — Part 1: Principles
    ISO/IEC 15408-1:2009 Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model
    ISO 9564-2:2014 Financial services — Personal Identification Number (PIN) management and security — Part 2: Approved algorithms for PIN encipherment
    ISO 11568-4:2007 Banking — Key management (retail) — Part 4: Asymmetric cryptosystems — Key management and life cycle