Name: ANSI X9 TR 39 : 2009
Brand: ABA

TG-3 RETAIL FINANCIAL SERVICES COMPLIANCE GUIDELINE - PART 1: PIN SECURITY AND KEY MANAGEMENT

Published date

01-12-2013

Publisher

American Bankers Association

1 Purpose and Scope
  1.1 Purpose
  1.2 Scope
2 Normative References
  2.1 References
  2.2 Terms and Definitions
3 Overview
4 Compliance Control Objectives - Symmetric Keys
  4.1 General Security Procedures Control Objectives
  4.2 Tamper Resistant Security Module Management Control
      Objectives
  4.3 General Symmetric Key Management Control Objectives
  4.4 Additional Symmetric Key Management Procedure Control
      Objectives
5 Compliance Control Objectives - Asymmetric Keys
  5.1 General Asymmetric Control Objectives
  5.2 Asymmetric Key Management Control Objectives
  5.3 Mutual Authentication Management Control Objectives
  5.4 Credential Management Control Objectives
  5.5 Additional Asymmetric Management Control Objectives
Annex A - Respondent Mapping Matrix
Annex B - Compliance Exception Form

Pertains to all organizations using the Triple Data Encryption Algorithm û TDEA (Reference 7) for the encryption of PINs used for retail financial services such as POS and ATM transactions, messages among retailers and financial institutions, and interchange messages among acquirers, switches and card issuers.

DevelopmentNote	Supersedes ANSI X9/TG-3. (07/2009)
DocumentType	Standard
PublisherName	American Bankers Association
Status	Current
Supersedes	ANSI X9/TG-3 : 2006

ANSI X9.57 : 1997	PUBLIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES INDUSTRY: CERTIFICATE MANAGEMENT
ANSI X9.80 : 2005(R2013)	PRIME NUMBER GENERATION, PRIMALITY TESTING, AND PRIMALITY CERTIFICATES
ANSI X9.8-1 : 2015	FINANCIAL SERVICES - PERSONAL IDENTIFICATION NUMBER (PIN) MANAGEMENT AND SECURITY - PART 1: BASIC PRINCIPLES AND REQUIREMENTS FOR PINS IN CARD-BASED SYSTEMS
ISO 11568-2:2012	Financial services — Key management (retail) — Part 2: Symmetric ciphers, their key management and life cycle
ANSI X9.65 : 2004	TRIPLE DATA ENCRYPTION ALGORITHM (TDEA), IMPLEMENTATION STANDARD
ANSI X9.102 : 2008(R2017)	FINANCIAL SERVICES - SYMMETRIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES INDUSTRY - WRAPPING OF KEYS AND ASSOCIATED DATA
ISO 13491-2:2017	Financial services — Secure cryptographic devices (retail) — Part 2: Security compliance checklists for devices used in financial transactions
ANSI X9.52 : 1998	TRIPLE DATA ENCRYPTION ALGORITHM MODES OF OPERATION
ISO 16609:2012	Financial services — Requirements for message authentication using symmetric techniques
ANSI X9.24-1 : 2017	RETAIL FINANCIAL SERVICES - SYMMETRIC KEY MANAGEMENT - PART 1: USING SYMMETRIC TECHNIQUES
ANSI X9.44 : 2007	FINANCIAL SERVICES - PUBLIC-KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES INDUSTRY - KEY ESTABLISHMENT USING INTEGER FACTORIZATION CRYPTOGRAPHY
ANSI X9.79-1 : 2001	FINANCIAL SERVICES PUBLIC KEY INFRASTRUCTURE - PART 1: PKI PRACTICES AND POLICY FRAMEWORK
ANSI INCITS 92 : 1981	DATA ENCRYPTION ALGORITHM
ANSI X9.63 : 2011	FINANCIAL SERVICES - PUBLIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES INDUSTRY, KEY AGREEMENT AND KEY TRANSPORT USING ELLIPTIC CURVE CRYPTOGRAPHY
ANSI X9.42 : 2003(R2013)	PUBLIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES: AGREEMENT OF SYMMETRIC KEYS USING DISCRETE LOGARITHM CRYPTOGRAPHY

View more information

Sorry this product is not available in your region.

Access your standards online with a subscription

Features

Simple online access to standards, technical information and regulations.
Critical updates of standards and customisable alerts and notifications.
Multi-user online standards collection: secure, flexible and cost effective.

Learn more on subscription solutions

Get in touch with us

Log into your Account

ANSI X9 TR 39 : 2009

Current

Table of Contents

Abstract

General Product Information

Standards Referencing This Book

Category

Subcategory

Access your standards online with a subscription