• Shopping Cart
    There are no items in your cart

AS 2805.10.2-2003

Withdrawn

Withdrawn

A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.

Electronic funds transfer - Requirements for interfaces Secure file transfer (retail) (ISO 15668:1999, MOD)

Available format(s)

Hardcopy , PDF 1 User , PDF 3 Users , PDF 5 Users , PDF 9 Users

Withdrawn date

30-06-2017

Language(s)

English

Published date

18-03-2003

€92.72
Excluding VAT

This Standard specifies the different kinds of file transfer used in the retail banking environment. The Standard has modifications for Australian conditions set out in Annex ZA.

Committee
IT-005
DocumentType
Standard
ISBN
0 7337 5056 7
Pages
35
PublisherName
Standards Australia
Status
Withdrawn
Supersedes

In contrast to file transfers in a wholesale banking environment characterised by exchanges of large volume, between mainframes, in a relatively high-security environment ("bulk file transfers"); those in a retail banking environment are characterised by low volumes and a lower degree of reliability of environment in which downloaded devices are operated. Such devices may be, but not limited to, an electronic point of sale terminal (EPOS), an automated vending machine (AVM), an automated teller machine (ATM), or a merchant server in communication with payment gateways.It is assumed that a pre-established relationship exists between the entities involved in the secure file transfer, especially to cover the legal and commercial aspects related to the file transfer liabilities.This International Standard applies to the different kinds of file transfer used in retail banking environment, but does not cover transaction messages identified in ISO 8583.The transfer may require timeliness, and requires at least one of the following security services:- message origin authentication;- receiver authentication;- integrity;- confidentiality;- non repudiation of origin;- non repudiation of delivery;- auditability.It is assumed that all data forwarded by the originator shall have been confirmed as legitimate and correct prior to the transfer.The different types of files to be transferred could contain:- software;- the retail transactions which have been performed and registered, (uploading);- technical data related to an acquirer (access parameters...), (downloading);- application data related to an acquirer (BIN list, hot list, ...), (downloading).Characteristics of such file transfers are the following:a) the type ofdata tobe transferred canbe- non-secret data (collection of retail transactions, technical data and application data); or- secret data.b) the number of entities to receive the data can be:- one;- more than one (broadcast with even thousands of receivers).c) the communication channels can consist of one or both of the following examples:- telecommunication: public network, private network;d) the nature of the transfer can be:- direct-connect, real-time transfer (also known as circuit switching ); or- store-and-forward transfer (also known as message switching).NOTE This International Standard considers the security service during the transfer. Requirements to ensure that transferred files have not been altered after transfer achievement are outside the scope of this International Standard.

Standards Relationship
ISO 15668:1999 Identical

First published as AS 2805.10.2-2003.

AS 2805.6.6-2006 Electronic funds transfer - Requirements for interfaces Key management - Session keys - Node to node with KEK replacement

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.