Customer Support: +1 416-401-8730

Login to i2i Subscription Intertek.com
  • There are no items in your cart
Please enter a keyword to search
Advanced search
Home
AS
AS ISO 13491.2:2019

AS ISO 13491.2:2019

Current

Current

The latest, up-to-date edition.

Financial services - Secure cryptographic devices (retail) Security compliance checklists for devices used in financial transactions

Available format(s)

Hardcopy , PDF 1 User , PDF 3 Users , PDF 5 Users , PDF 9 Users

Language(s)

English

Published date

03-12-2019

Publisher

Standards Australia

Preview

The objective of this Standard is to specify checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes as specified in ISO 9564‑1, ISO 9564‑2, ISO 16609, AS 2805.6.1.1 (identical adoption of ISO 11568‑1), AS 2805.6.1.2 (identical adoption of ISO 11568‑2), and AS 2805.6.1.4 (identical adoption of ISO 11568‑4), in the financial services environment.

This document specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes as specified in ISO 9564-1, ISO 9564-2, ISO 16609, ISO 11568-1, ISO 11568-2, and ISO 11568-4 in the financial services environment. Integrated circuit (IC) payment cards are subject to the requirements identified in this document up until the time of issue after which they are to be regarded as a “personal” device and outside of the scope of this document.
This document does not address issues arising from the denial of service of an SCD.
In the checklists given in Annex A to Annex H, the term “not feasible” is intended to convey the notion that although a particular attack might be technically possible, it would not be economically viable since carrying out the attack would cost more than any benefits obtained from a successful attack. In addition to attacks for purely economic gain, malicious attacks directed toward loss of reputation need to be considered.

Committee
IT-005
DocumentType
Standard
ISBN
978 1 76072 369 9
Pages
38
PublisherName
Standards Australia
Status
Current
Supersedes

Standards Relationship
ISO 13491-2:2017 Identical

Originated as AS 2805.14.2-2003.
Previous edition 2009.
Revised and redesignated as AS ISO 13491.2:2019. Originated as AS 2805.14.2-2003. Previous edition 2009. Revised and redesignated as AS ISO 13491.2:2019.

ISO 13491-1:2016 Financial services Secure cryptographic devices (retail) Part 1: Concepts, requirements and evaluation methods
ISO/IEC 15408-2:2008 Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components
ISO 11568-2:2012 Financial services — Key management (retail) — Part 2: Symmetric ciphers, their key management and life cycle
ISO 11568-4:2007 Banking — Key management (retail) — Part 4: Asymmetric cryptosystems — Key management and life cycle
ISO/IEC 15408-1:2009 Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model
ISO/IEC 15408-3:2008 Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components
ISO 9564-2:2014 Financial services — Personal Identification Number (PIN) management and security — Part 2: Approved algorithms for PIN encipherment
ISO 11568-1:2005 Banking — Key management (retail) — Part 1: Principles
ISO/IEC 18031:2011 Information technology Security techniques Random bit generation
ISO/IEC 19790:2012 Information technology — Security techniques — Security requirements for cryptographic modules
ISO 16609:2012 Financial services — Requirements for message authentication using symmetric techniques
ISO 9564-1:2017 Financial services — Personal Identification Number (PIN) management and security — Part 1: Basic principles and requirements for PINs in card-based systems

View more information
US$98.41
Excluding Tax where applicable
USD
CAD
CHF
CNY
DKK
EUR
GBP
HKD
IDR
INR
JPY
KRW
MXN
NOK
NZD
SEK
SGD
USD
ZAR
Hardcopy - English
PDF 1 User - English
PDF 3 Users - English
PDF 5 Users - English
PDF 9 Users - English
01
02
03
04
05
06
07
08
09
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.

Learn more on subscription solutions

or

Get in touch with us