BS ISO 13491-2:2000 - Banking. Secure cryptographic devices (retail). Security compliance checklists for devices used in magnetic stripe cards systems – BSI British Standards

BS ISO 13491-2:2000

Banking. Secure cryptographic devices (retail). Security compliance checklists for devices used in magnetic stripe cards systems

Status : Revised, Withdrawn   Published : January 2001 Replaced By : BS ISO 13491-2:2005

WITHDRAWN TITLE
*To ask about withdrawn titles contact the
Customer Relations
cservices@bsigroup.com, +44 345 086 9001


The security of retail electronic banking is largely dependent upon the security of these cryptographic devices. Security requirements are based upon the premise that computer files can be accessed and manipulated, communications lines can be “tapped” and authorized data or control inputs into system device can be replaced with unauthorized inputs. While certain cryptographic devices (e.g. host security modules) reside in relatively high security processing centres, a large proportion of cryptographic devices used in retail banking (e.g. PIN pads, ATMs, etc.) now reside in non-secure environments.

Therefore when PINs, MACs, cryptographic keys and other sensitive data are processed in these devices, there is a risk that the devices may be tampered with or otherwise compromised to disclose or modify such data. It must be ensured that the risk of financial loss is reduced through the appropriate use of cryptographic devices that have proper physical and logical security characteristics and are properly managed. To ensure that SCDs have the proper physical and logical security, they require evaluation.

This international standard specifies both the physical and logical characteristics and the management of the secure cryptographic devices (SCDs) used to protect messages, cryptographic keys and other sensitive information used in a retail banking environment.




Standard NumberBS ISO 13491-2:2000
TitleBanking. Secure cryptographic devices (retail). Security compliance checklists for devices used in magnetic stripe cards systems
StatusRevised, Withdrawn
Publication Date15 January 2001
Confirm Date01 December 2004
Withdrawn Date07 November 2005
Normative References(Required to achieve compliance to this standard)No other standards are normatively referenced
Informative References(Provided for Information)No other standards are informatively referenced
Replaced ByBS ISO 13491-2:2005
International RelationshipsISO 13491-2:2000
Draft Superseded By99/647212 DC
DescriptorsBanks, Financial institutions, Finance, Retailing, Data security, Data storage protection, Cryptography, Magnetic stripes, Identity cards, Magnetic cards, Machine-readable materials, Information exchange, Conformity, Verification, Data processing, Personal identification numbers, Performance
ICS35.030
35.240.15
35.240.40
Title in FrenchBanque. Dispositifs cryptographiques de securite (services aux particuliers). Listes de controle de conformite de securite pour les dispositifs utilises dans des systemes de cartes a bande magnetique
Title in GermanBankwesen. Sichere Verschluesselungsgeraete (Einzelhandel). Listen zur Ueberpruefung der Erfuellung von Sicherheitsanforderungen bei Geraeten fuer Magnetstreifenkarten
CommitteeIST/12
ISBN0 580 36870 X
PublisherBSI
FormatA4
DeliveryNo
Pages40
File Size1.359 MB
Price£214.00


WITHDRAWN TITLE
*To ask about withdrawn titles contact the
Customer Relations
cservices@bsigroup.com, +44 345 086 9001
 Your basket
Your basket is empty

Multi-user access to over 3,500 medical device standards, regulations, expert commentaries and other documents


BSOL

The faster, easier way to work with standards


Tracked Changes

Understand the changes made to a standard with our new Tracked Changes version


Worldwide Standards
We can source any standard from anywhere in the world