ISO/TR 9564-4-2004 银行.个人识别号码的管理和安全.第4部分:开放网络中PIN处理指南
作者:标准资料网 时间:2024-05-19 19:44:00 浏览:8733
来源:标准资料网
下载地址: 点击此处下载
【英文标准名称】:Banking-PersonalIdentificationNumber(PIN)managementandsecurity-Part4:GuidelinesforPINhandlinginopennetworks
【原文标准名称】:银行.个人识别号码的管理和安全.第4部分:开放网络中PIN处理指南
【标准号】:ISO/TR9564-4-2004
【标准状态】:现行
【国别】:国际
【发布日期】:2004-03
【实施或试行日期】:
【发布单位】:国际标准化组织(IX-ISO)
【起草单位】:ISO/TC68
【标准类型】:()
【标准水平】:()
【中文主题词】:数据安全;下线;信息交换;银行业务;电路网络;安全;自动取款机;定义;识别号;银行帐户;开式系统;银行信用卡;识别卡;银行;数据交换;编码;人员识别号;安全要求;数据保护
【英文主题词】:opensystems;datasecurity;safetyrequirements;dataexchange;automaticmoneydispenser;identitycards;definitions;off-line;definition;banks;bankaccounts;informationinterchange;bankoperations;dataprotection;circuitnetworks;safety;identificationnumbers;coding;pin;bankcards
【摘要】:ThispartofISO9564providesguidelinesforpersonalidentificationnumber(PIN)handlinginopennetworks,presentingfinanceindustrybest-practicesecuritymeasuresforPINmanagementandthehandlingoffinancialcardoriginatedtransactionsinenvironmentswhereissuersandacquirershavenodirectcontrolovermanagement,orwherenorelationshipexistsbetweenthePINentrydeviceandtheacquirerpriortothetransaction.Itisapplicabletofinancialcard-originatedtransactionsrequiringverificationofthePINandtothoseorganizationsresponsibleforimplementingtechniquesforthemanagementofthePINinterminalsandPINentrydeviceswhenusedinopennetworks.Itisnotapplicableto—PINmanagementandsecurityintheonlineandofflineATMandPOSPINenvironments,whicharecoveredinISO9564-1andISO9564-3,—approvedalgorithmsforPINencipherment,whicharecoveredinISO9564-2,—theprotectionofthePINagainstlossorintentionalmisusebythecustomerorauthorisedemployeesoftheissuerortheiragents,—privacyofnon-PINtransactiondata,—protectionoftransactionmessagesagainstalterationorsubstitution,e.g.anonlineauthorisationresponse,—protectionagainstreplayofthePINortransaction,—specifickeymanagementtechniques,—accessto,andstorageof,carddatabyserver-basedapplicationssuchaswallets,or—financialinstitutionsponsored,cardholderactivated,securePINentrydevices.
【中国标准分类号】:A11
【国际标准分类号】:35_240_40
【页数】:6P.;A4
【正文语种】:英语
【原文标准名称】:银行.个人识别号码的管理和安全.第4部分:开放网络中PIN处理指南
【标准号】:ISO/TR9564-4-2004
【标准状态】:现行
【国别】:国际
【发布日期】:2004-03
【实施或试行日期】:
【发布单位】:国际标准化组织(IX-ISO)
【起草单位】:ISO/TC68
【标准类型】:()
【标准水平】:()
【中文主题词】:数据安全;下线;信息交换;银行业务;电路网络;安全;自动取款机;定义;识别号;银行帐户;开式系统;银行信用卡;识别卡;银行;数据交换;编码;人员识别号;安全要求;数据保护
【英文主题词】:opensystems;datasecurity;safetyrequirements;dataexchange;automaticmoneydispenser;identitycards;definitions;off-line;definition;banks;bankaccounts;informationinterchange;bankoperations;dataprotection;circuitnetworks;safety;identificationnumbers;coding;pin;bankcards
【摘要】:ThispartofISO9564providesguidelinesforpersonalidentificationnumber(PIN)handlinginopennetworks,presentingfinanceindustrybest-practicesecuritymeasuresforPINmanagementandthehandlingoffinancialcardoriginatedtransactionsinenvironmentswhereissuersandacquirershavenodirectcontrolovermanagement,orwherenorelationshipexistsbetweenthePINentrydeviceandtheacquirerpriortothetransaction.Itisapplicabletofinancialcard-originatedtransactionsrequiringverificationofthePINandtothoseorganizationsresponsibleforimplementingtechniquesforthemanagementofthePINinterminalsandPINentrydeviceswhenusedinopennetworks.Itisnotapplicableto—PINmanagementandsecurityintheonlineandofflineATMandPOSPINenvironments,whicharecoveredinISO9564-1andISO9564-3,—approvedalgorithmsforPINencipherment,whicharecoveredinISO9564-2,—theprotectionofthePINagainstlossorintentionalmisusebythecustomerorauthorisedemployeesoftheissuerortheiragents,—privacyofnon-PINtransactiondata,—protectionoftransactionmessagesagainstalterationorsubstitution,e.g.anonlineauthorisationresponse,—protectionagainstreplayofthePINortransaction,—specifickeymanagementtechniques,—accessto,andstorageof,carddatabyserver-basedapplicationssuchaswallets,or—financialinstitutionsponsored,cardholderactivated,securePINentrydevices.
【中国标准分类号】:A11
【国际标准分类号】:35_240_40
【页数】:6P.;A4
【正文语种】:英语
下载地址: 点击此处下载