ANSI X9 TR 39 : 2009
Withdrawn
A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.
TG-3 RETAIL FINANCIAL SERVICES COMPLIANCE GUIDELINE - PART 1: PIN SECURITY AND KEY MANAGEMENT
15-06-2024
12-01-2013
1 Purpose and Scope
1.1 Purpose
1.2 Scope
2 Normative References
2.1 References
2.2 Terms and Definitions
3 Overview
4 Compliance Control Objectives - Symmetric Keys
4.1 General Security Procedures Control Objectives
4.2 Tamper Resistant Security Module Management Control
Objectives
4.3 General Symmetric Key Management Control Objectives
4.4 Additional Symmetric Key Management Procedure Control
Objectives
5 Compliance Control Objectives - Asymmetric Keys
5.1 General Asymmetric Control Objectives
5.2 Asymmetric Key Management Control Objectives
5.3 Mutual Authentication Management Control Objectives
5.4 Credential Management Control Objectives
5.5 Additional Asymmetric Management Control Objectives
Annex A - Respondent Mapping Matrix
Annex B - Compliance Exception Form
Pertains to all organizations using the Triple Data Encryption Algorithm û TDEA (Reference 7) for the encryption of PINs used for retail financial services such as POS and ATM transactions, messages among retailers and financial institutions, and interchange messages among acquirers, switches and card issuers.
| DevelopmentNote |
Supersedes ANSI X9/TG-3. (07/2009)
|
| DocumentType |
Standard
|
| PublisherName |
American Bankers Association
|
| Status |
Withdrawn
|
| Supersedes |
| ANSI X9.57 : 1997 | PUBLIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES INDUSTRY: CERTIFICATE MANAGEMENT |
| ANSI X9.80 : 2005(R2013) | PRIME NUMBER GENERATION, PRIMALITY TESTING, AND PRIMALITY CERTIFICATES |
| ANSI X9.8-1 : 2015 | FINANCIAL SERVICES - PERSONAL IDENTIFICATION NUMBER (PIN) MANAGEMENT AND SECURITY - PART 1: BASIC PRINCIPLES AND REQUIREMENTS FOR PINS IN CARD-BASED SYSTEMS |
| ISO 11568-2:2012 | Financial services — Key management (retail) — Part 2: Symmetric ciphers, their key management and life cycle |
| ANSI X9.65 : 2004 | TRIPLE DATA ENCRYPTION ALGORITHM (TDEA), IMPLEMENTATION STANDARD |
| ANSI X9.102 : 2008(R2017) | Symmetric Key Cryptography For The Financial Services Industry - Wrapping Of Keys And Associated Data |
| ISO 13491-2:2017 | Financial services — Secure cryptographic devices (retail) — Part 2: Security compliance checklists for devices used in financial transactions |
| ANSI X9.52 : 1998 | TRIPLE DATA ENCRYPTION ALGORITHM MODES OF OPERATION |
| ISO 16609:2012 | Financial services — Requirements for message authentication using symmetric techniques |
| ANSI X9.24-1 : 2017 | RETAIL FINANCIAL SERVICES - SYMMETRIC KEY MANAGEMENT - PART 1: USING SYMMETRIC TECHNIQUES |
| ANSI X9.44:2007 | FINANCIAL SERVICES - PUBLIC-KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES INDUSTRY - KEY ESTABLISHMENT USING INTEGER FACTORIZATION CRYPTOGRAPHY |
| ANSI X9.79-1 : 2001 | FINANCIAL SERVICES PUBLIC KEY INFRASTRUCTURE - PART 1: PKI PRACTICES AND POLICY FRAMEWORK |
| ANSI INCITS 92 : 1981 | DATA ENCRYPTION ALGORITHM |
| ANSI X9.63 : 2011 | FINANCIAL SERVICES - PUBLIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES INDUSTRY, KEY AGREEMENT AND KEY TRANSPORT USING ELLIPTIC CURVE CRYPTOGRAPHY |
| ANSI X9.42 : 2003(R2013) | PUBLIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES: AGREEMENT OF SYMMETRIC KEYS USING DISCRETE LOGARITHM CRYPTOGRAPHY |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.