UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

NEN-ISO 13491-2

Financial services - Secure cryptographic devices (retail) - Part 2: Security compliance checklists for devices used in financial transactions

active, Most Current
Organization: NEN
Publication Date: 1 January 2023
Status: active
Page Count: 50
ICS Code (IT applications in banking): 35.240.40
scope:

This document specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes as specified in ISO 9564-1, ISO 9564-2, ISO 16609, and ISO 11568 in the financial services environment. Integrated circuit (IC) payment cards are subject to the requirements identified in this document up until the time of issue, after which they are to be regarded as a "personal" device and outside of the scope of this document.

Document History

NEN-ISO 13491-2
January 1, 2023
Financial services - Secure cryptographic devices (retail) - Part 2: Security compliance checklists for devices used in financial transactions
This document specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes as specified in ISO 9564-1, ISO 9564-2, ISO 16609, and ISO 11568 in...
NEN-ISO 13491-2
April 1, 2017
Financial services - Secure cryptographic devices (retail) - Part 2: Security compliance checklists for devices used in financial transactions
NEN-ISO 13491-2 specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes as specified in ISO 9564-1, ISO 9564-2, ISO 16609, ISO 11568-1,...
NEN-ISO 13491-2
April 1, 2016
Financial services - Secure cryptographic devices (retail) - Part 2: Security compliance checklists for devices used in financial transactions
NEN-ISO 13491-2 specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes as specified in H.5, ISO 9564-2, ISO 16609, ISO 11568-1, ISO...
NEN-ISO 13491-2
July 1, 2005
Banking - Secure cryptographic devices (retail) - Part 2: Security compliance checklists for devices used in financial transactions
This part of ISO 13491 specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes, as specified in parts 1 and 2 of ISO 9564, ISO 16609 and...
NEN-ISO 13491-2
January 1, 2001
Banking - Secure cryptographic devices (retail) - Part 2: Security compliance checklists for devices used in magnetic stripe card systems
Specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes, as specified in ISO 9564, ISO 9807 and ISO 11568, in a magnetic stripe card...

References

This document references:
ISO 16609 - Financial services — Requirements for message authentication using symmetric techniques
Published by ISO on March 15, 2012
This International Standard specifies procedures, independent of the transmission process, for protecting the integrity of transmitted banking messages and for verifying that a message has originated...
This document references:
ISO 9564-1 - Financial services - Personal Identification Number (PIN) management and security - Part 1: Basic principles and requirements for PINs in card-based systems
Published by ISO on November 1, 2017
This document specifies the basic principles and techniques which provide the minimum security measures required for effective international PIN management. These measures are applicable to those...
This document references:
ISO 13491-1 - Financial services - Secure cryptographic devices (retail) - Part 1: Concepts, requirements and evaluation methods
Published by ISO on March 15, 2016
This part of ISO 13491 specifies the security characteristics for secure cryptographic devices (SCDs) based on the cryptographic processes defined in ISO 9564, ISO 16609, and ISO 11568. This part of...
This document references:
ISO 9564-2 - Financial services - Personal Identification Number (PIN) management and security - Part 2: Approved algorithms for PIN encipherment
Published by ISO on August 1, 2014
This part of ISO 9564 specifies approved algorithms for the encipherment of Personal Identification Numbers (PINs).
This document references:
11568 - Financial services — Key management (retail)
Published by ISO on February 1, 2023
General This document describes the management of symmetric and asymmetric cryptographic keys that can be used to protect sensitive information in financial services related to retail payments. The...
This document references:
ISO/IEC 15408-1 - Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 1: Introduction and general model
Published by ISO on August 1, 2022
This document establishes the general concepts and principles of IT security evaluation and specifies the general model of evaluation given by various parts of the standard which in its entirety is...
This document references:
ISO/IEC 15408-2 - Information technology - Security techniques - Evaluation criteria for IT security - Part 2: Security functional components
Published by ISO on August 15, 2008
This part of ISO/IEC 15408 defines the required structure and content of security functional components for the purpose of security evaluation. It includes a catalogue of functional components that...
This document references:
ISO/IEC 15408-3 - Information technology - Security techniques - Evaluation criteria for IT security - Part 3: Security assurance components
Published by ISO on August 15, 2008
This part of ISO/IEC 15408 defines the assurance requirements of ISO/IEC 15408. It includes the evaluation assurance levels (EALs) that define a scale for measuring assurance for component TOEs, the...
This document references:
ISO/IEC 18031 - Information technology - Security techniques - Random bit generation TECHNICAL CORRIGENDUM 1
Published by ISO on October 1, 2014
A description is not available for this item.
This document references:
ISO/IEC 19790 - Information technology - Security techniques - Security requirements for cryptographic modules
Published by ISO on August 15, 2012
This International Standard specifies the security requirements for a cryptographic module utilised within a security system protecting sensitive information in computer and telecommunication...
View Less
View All
Advertisement