• There are no items in your cart
We noticed you’re not on the correct regional site. Switch to our AMERICAS site for the best experience.
Dismiss alert

BS ISO 13491-2:2017

Superseded
Superseded

A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.

View Superseded by
superseded

A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.

Financial services. Secure cryptographic devices (retail) Security compliance checklists for devices used in financial transactions
Available format(s)

Hardcopy , PDF

Superseded date

27-01-2023

Language(s)

English

Published date

31-03-2017

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Use of security compliance checklists
Annex A (normative) - Physical, logical, and device
        management characteristics common to all
       secure cryptographic devices
Annex B (normative) - Devices with PIN entry functionality
Annex C (normative) - Devices with PIN management functionality
Annex D (normative) - Devices with message authentication
        functionality
Annex E (normative) - Devices with key generation functionality
Annex F (normative) - Devices with key transfer and loading
        functionality
Annex G (normative) - Devices with digital signature functionality
Annex H (normative) - Categorization of environments
Bibliography

Describes checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes as specified in ISO 9564-1, ISO 9564-2, ISO 16609, ISO 11568-1, ISO 11568-2, and ISO 11568-4 in the financial services environment.

Committee
IST/12
DevelopmentNote
Supersedes 99/647212 DC. (07/2005) Supersedes 04/30104265 DC (11/2005) Supersedes 14/30265618 DC. (04/2016)
DocumentType
Standard
Pages
50
PublisherName
British Standards Institution
Status
Superseded
SupersededBy
Supersedes

Standards Relationship
ISO 13491-2:2017 Identical

ISO/IEC 18031:2011 Information technology Security techniques Random bit generation
ISO/IEC 15408-2:2008 Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components
ISO 11568-2:2012 Financial services — Key management (retail) — Part 2: Symmetric ciphers, their key management and life cycle
ISO/IEC 15408-3:2008 Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components
ISO 13491-1:2016 Financial services Secure cryptographic devices (retail) Part 1: Concepts, requirements and evaluation methods
ISO/IEC 19790:2012 Information technology Security techniques Security requirements for cryptographic modules
ISO 16609:2012 Financial services — Requirements for message authentication using symmetric techniques
ISO 9564-1:2017 Financial services — Personal Identification Number (PIN) management and security — Part 1: Basic principles and requirements for PINs in card-based systems
ISO 11568-1:2005 Banking — Key management (retail) — Part 1: Principles
ISO/IEC 15408-1:2009 Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model
ISO 9564-2:2014 Financial services — Personal Identification Number (PIN) management and security — Part 2: Approved algorithms for PIN encipherment
ISO 11568-4:2007 Banking — Key management (retail) — Part 4: Asymmetric cryptosystems — Key management and life cycle

View more information
£246.00
Excluding VAT

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.