Customer Support: +1 416-401-8730

Login to i2i Subscription Intertek.com
  • There are no items in your cart
Please enter a keyword to search
Advanced search
Home
AS
AS 2805.14.2-2003

AS 2805.14.2-2003

Superseded

Superseded

A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.

View Superseded by
superseded

A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.

Electronic funds transfer - Requirements for interfaces Secure cryptographic devices (retail) - Security compliance checklists for devices used in magnetic stripe card systems

Available format(s)

Hardcopy , PDF 1 User , PDF 3 Users , PDF 5 Users , PDF 9 Users

Superseded date

06-30-2017

Language(s)

English

Published date

01-01-2003

Publisher

Standards Australia

Preview

1 - AS 2805.14.2-2003 ELECTRONIC FUNDS TRANSFER-REQUIREMENTS FOR INTERFACES - SECURE CRYPTOGRAPHIC DEVICES (RETAIL)-SECURITY...
4 - PREFACE
6 - CONTENTS
7 - 1 Scope
7 - 2 Normative references
8 - 3 Terms and definitions
8 - 3.1 accredited evaluation authority
8 - 3.2 attack
8 - 3.3 audit report
8 - 3.4 audit review body
8 - 3.5 auditor
8 - 3.6 device security
8 - 3.7 evaluation agency
8 - 3.8 evaluation report
8 - 3.9 evaluation review body
8 - 3.10 formal claims
8 - 3.11 logical security
8 - 3.12 operational environment
9 - 3.13 physical security
9 - 3.14 secure cryptographic device SCD
9 - 3.15 secure operator interface
9 - 3.16 security compliance checklist
9 - 3.17 sensitive data sensitive information
9 - 3.18 sensitive state
9 - 3.19 software
9 - 3.20 sponsor sponsoring authority
9 - 3.21 tamper-evident characteristic
9 - 3.22 tamper-resistant characteristic
9 - 3.23 tamper-responsive characteristic
9 - 4 Use of security compliance checklists
9 - 4.1 General
10 - 4.2 Informal evaluation
10 - 4.3 Semi-formal evaluation
10 - 4.4 Formal evaluation
10 - 5 Summary
11 - Annex A - Physical, logical and device management characteristics common to all secure cryptographic devices
11 - A.1 General
11 - A.2 Device characteristics
15 - A.3 Device management
18 - Annex B - Devices with PIN entry functionality
18 - B.1 General
18 - B.2 Device characteristics
19 - B.3 Device management
21 - Annex C - Devices with PIN management functionality
21 - C.1 General
21 - C.2 Device characteristics
22 - C.3 Device management
23 - Annex D - Devices with message authentication functionality
23 - D.1 General
24 - D.2 Logical security device characteristics
25 - Annex E - Devices with key generation functionality
25 - E.1 General
25 - E.2 Device characteristics
27 - E.3 Device management
28 - Annex F - Devices with key transfer and loading functionality
28 - F.1 General
28 - F.2 Device characteristics
30 - F.3 Device management
32 - Annex G - Devices with digital signature functionality
32 - G.1 General
32 - G.2 Device management
34 - Annex H - Categorization of environments
34 - H.1 General
34 - H.2 Uncontrolled environments
34 - H.3 Minimally controlled environments
34 - H.4 Controlled environments
35 - H.5 Secure environments

This Standard provides a security compliance checklist for evaluating secure cryptographic devices (SCDs) used in magnetic stripe systems in accordance with AS 2805.14.1:2000.

This part of ISO 13491 specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes, as specified in ISO 9564, ISO 9807 and ISO 11568, in a magnetic stripe card environment. It does not specify checklists for SCDs used in an integrated circuit card (ICC) environment.This part of ISO 13491 does not address issues arising from the denial of service of a SCD.In the checklists given in annexes A to H, the term “not feasible” is intended to convey the notion that although a particular attack might be technically possible it would not be economically prudent, since carrying out the attack would cost more than any benefits obtained from a successful attack. In addition to attacks for purely economic gain, malicious attacks directed toward loss of reputation need to be considered.

Committee
IT-005
DocumentType
Standard
ISBN
0 7337 5058 3
Pages
30
PublisherName
Standards Australia
Status
Superseded
SupersededBy
Supersedes
UnderRevision

Standards Relationship
ISO 13491-2:2000 Identical

First published as AS 2805.14.2-2003.

AS 2805.10.1-2004 Electronic funds transfer - Requirements for interfaces File transfer integrity validation
AS 2805.6.6-2006 Electronic funds transfer - Requirements for interfaces Key management - Session keys - Node to node with KEK replacement
AS 2805.3.1-2008 Electronic funds transfer - Requirements for interfaces PIN management and security - General (Reconfirmed 2019)
AS 2805.3.2-2008 Electronic funds transfer - Requirements for interfaces PIN management and security - Offline (Reconfirmed 2019)

View more information
US$96.22
Excluding Tax where applicable
USD
CAD
CHF
CNY
DKK
EUR
GBP
HKD
IDR
INR
JPY
KRW
MXN
NOK
NZD
SEK
SGD
USD
ZAR
Hardcopy - English
PDF 1 User - English
PDF 3 Users - English
PDF 5 Users - English
PDF 9 Users - English
01
02
03
04
05
06
07
08
09
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.

Learn more on subscription solutions

or

Get in touch with us