BS ISO 13491-2:2017
Superseded
A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
View Superseded by
Financial services. Secure cryptographic devices (retail) Security compliance checklists for devices used in financial transactions
Hardcopy , PDF
27-01-2023
English
31-03-2017
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Use of security compliance checklists
Annex A (normative) - Physical, logical, and device
management characteristics common to all
secure cryptographic devices
Annex B (normative) - Devices with PIN entry functionality
Annex C (normative) - Devices with PIN management functionality
Annex D (normative) - Devices with message authentication
functionality
Annex E (normative) - Devices with key generation functionality
Annex F (normative) - Devices with key transfer and loading
functionality
Annex G (normative) - Devices with digital signature functionality
Annex H (normative) - Categorization of environments
Bibliography
Describes checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes as specified in ISO 9564-1, ISO 9564-2, ISO 16609, ISO 11568-1, ISO 11568-2, and ISO 11568-4 in the financial services environment.
Committee |
IST/12
|
DevelopmentNote |
Supersedes 99/647212 DC. (07/2005) Supersedes 04/30104265 DC (11/2005) Supersedes 14/30265618 DC. (04/2016)
|
DocumentType |
Standard
|
Pages |
50
|
PublisherName |
British Standards Institution
|
Status |
Superseded
|
SupersededBy | |
Supersedes |
Standards | Relationship |
ISO 13491-2:2017 | Identical |
ISO/IEC 18031:2011 | Information technology Security techniques Random bit generation |
ISO/IEC 15408-2:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components |
ISO 11568-2:2012 | Financial services — Key management (retail) — Part 2: Symmetric ciphers, their key management and life cycle |
ISO/IEC 15408-3:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components |
ISO 13491-1:2016 | Financial services — Secure cryptographic devices (retail) — Part 1: Concepts, requirements and evaluation methods |
ISO/IEC 19790:2012 | Information technology — Security techniques — Security requirements for cryptographic modules |
ISO 16609:2012 | Financial services — Requirements for message authentication using symmetric techniques |
ISO 9564-1:2017 | Financial services — Personal Identification Number (PIN) management and security — Part 1: Basic principles and requirements for PINs in card-based systems |
ISO 11568-1:2005 | Banking — Key management (retail) — Part 1: Principles |
ISO/IEC 15408-1:2009 | Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model |
ISO 9564-2:2014 | Financial services — Personal Identification Number (PIN) management and security — Part 2: Approved algorithms for PIN encipherment |
ISO 11568-4:2007 | Banking — Key management (retail) — Part 4: Asymmetric cryptosystems — Key management and life cycle |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.