• There are no items in your cart

AS 2805.3.1-2008

Current

Current

The latest, up-to-date edition.

Electronic funds transfer - Requirements for interfaces PIN management and security - General (Reconfirmed 2019)

Available format(s)

Hardcopy , PDF 1 User , PDF 3 Users , PDF 5 Users , PDF 9 Users

Published date

04-04-2008

€65.33
Excluding VAT

Specifies the minimum security measures required for effective pin management.

Committee
IT-005
DocumentType
Standard
ISBN
0 7337 8613 8
Pages
25
ProductNote
Reconfirmation Notice 28/06/2019 Reconfirmed 28/06/2019.
This standard has been reconfirmed in Australia in 2019 and remains current in New Zealand.
PublisherName
Standards Australia
Status
Current
Supersedes

This Standard specifies the minimum security measures required for effective PIN management. Standard means of interchanging PIN data are provided. This Standard does not cover the following:(a) rotection of the PIN against loss or intentional misuse by the customer or authorized employees of the issuer.(b) Privacy of non-PIN transaction data (see AS 2805.9).(c) Protection of transaction messages against alteration or substitution, e.g. an authorization response to a PIN verification (see AS 2805.4.1).(d) Protection against replay of the PIN or transaction.(e) Specific key management techniques (see AS 2805.6 series).(f) PIN management and security for transactions in which the PIN is locally verified by an integrated circuit card.(g) The use of asymmetric encipherment algorithms for PIN management.NOTES:1 For a detailed discussion on the need for PIN protection, see Appendix A.2 Further information on PIN management for security is given in Appendices A and C.

Originated as part of AS 2805.3-1985.
Previous edition part of AS 2805.3-2000.
Revised in part and redesignated as AS 2805.3.1-2008.
Reissued incorporating Amendment No. 1 (February 2011).

AS 3523.2-1998 Identification cards - Identification of issuers - Application and registration procedures
AS 3523.3-2000 Identification cards - Identification of issuers Australian national numbering system and registration procedures (Reconfirmed 2013)
AS 2805.5.4-2000 Electronic funds transfer - Requirements for interfaces Ciphers - Data encipherment algorithm 3 (DEA 3) and related techniques
AS 2805.9-2000 Electronic funds transfer - Requirements for interfaces Privacy of communications (Reconfirmed 2013)
AS 2805.3.2-2008 Electronic funds transfer - Requirements for interfaces PIN management and security - Offline (Reconfirmed 2019)
AS 2805.14.2-2003 Electronic funds transfer - Requirements for interfaces Secure cryptographic devices (retail) - Security compliance checklists for devices used in magnetic stripe card systems
AS 3523.1-2006 Identification cards - Identification of issuers Numbering system
AS 2805.14.1-2000 Electronic funds transfer - Requirements for interfaces Secure cryptographic devices (retail) - Concepts, requirements and evaluation methods
AS 2805.4.1-2001 Electronic funds transfer - Requirements for interfaces Message authentication - Mechanisms using a block cipher (Reconfirmed 2016)

AS 2805.6.7-2011 Electronic funds transfer - Requirements for interfaces Key management - Transaction keys - Derived unique key per transaction (DUKPT) (Reconfirmed 2023)
AS 2805.3.2-2008 Electronic funds transfer - Requirements for interfaces PIN management and security - Offline (Reconfirmed 2019)

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.