scope:

Specifies the minimum cryptograhpic key relationship requirements for security architectures of financial transaction systems using ICCs and provides options from which the card issuer or application supplier can select those key relationships appropriate to their application. Cryptographic key relationships may be established during the card life cycle and the SAM life cycle between the parties responsible for ICC and SAM manufacture and preparation, and for the transaction process. Whenever a cryptographic key relationship is referred to in this document that relationship is achieved by establishing a mutual secret key for a symmetric algorithm or an appropriate key from a public/secret key pair for an asymmetric algorithm.