• There are no items in your cart

I.S. CWA 14174-3:2004

Withdrawn
Withdrawn

A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.

FINANCIAL TRANSACTIONAL IC CARD READER (FINREAD) - PART 3: SECURITY REQUIREMENTS
Available format(s)

Hardcopy , PDF

Withdrawn date

12-13-2004

Language(s)

English

Published date

04-27-2004

Preview

Foreword
1 Scope
2 Normative references
3 Definitions and abbreviations
  3.1 Definitions
  3.2 Abbreviations
4 Assumptions and countermeasures
  4.1 Assumptions
      4.1.1 FCR general assumptions
      4.1.2 FCR environment assumptions
  4.2 Countermeasures
5 Security requirements
  5.1 Hardware security requirements
  5.2 Core software security requirements
6 Specification of implementation
  6.1 Secure downloading
      6.1.1 Digital signature calculation
      6.1.2 Signature verification
      6.1.3 Minimum data and parameters signed
  6.2 Software integrity
  6.3 FCR authentication
      6.3.1 FCR signature calculation
      6.3.2 FCR ID
      6.3.3 FCR authentication public key certificate
7 Key management
  7.1 Overview of certification schemes
      7.1.1 Hierarchical tree
      7.1.2 Cross-certification
  7.2 Keys used for software download
      7.2.1 FCR public root keys
      7.2.2 Public keys used for software download
      7.2.3 Public key certificates
      7.2.4 FCR Master Key
      7.2.5 Summary
  7.3 Keys used for FCR authentication key
      7.3.1 Authentication public key certificates
  7.4 Summary of FCR keys
  7.5 Length of the keys
8 Cryptographic functions/random number generator
  8.1 Cryptographic functions
  8.2 Random number generation

Specifies security requirements for the different components of the FINREAD card reader.

DocumentType
Standard
Pages
29
PublisherName
National Standards Authority of Ireland
Status
Withdrawn
Supersedes

ISO 13491-2:2017 Financial services — Secure cryptographic devices (retail) — Part 2: Security compliance checklists for devices used in financial transactions
ANSI X9.52 : 1998 TRIPLE DATA ENCRYPTION ALGORITHM MODES OF OPERATION
ISO 13491-1:2016 Financial services Secure cryptographic devices (retail) Part 1: Concepts, requirements and evaluation methods
ISO 8731-1:1987 Banking Approved algorithms for message authentication Part 1: DEA
ISO 9564-1:2017 Financial services — Personal Identification Number (PIN) management and security — Part 1: Basic principles and requirements for PINs in card-based systems

View more information
US$70.16
Excluding Tax where applicable

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.