Banking — Key management (retail) — Part 1: Principles
Publication date: 2005-06-17
ISO 11568-1:2005 specifies the principles for the management of keys used in cryptosystems implemented within the retail-banking environment. The retail-banking environment includes the interfaces between a card-accepting device and an acquirer, between an acquirer and a card issuer, and between an ICC and a card-accepting device.
An example of this environment and threats associated with the implementation of ISO 11568-1:2005 in the retail-banking environment are also described.
ISO 11568-1:2005 is applicable both to the keys of symmetric cipher systems, where both originator and recipient use the same secret key(s), and to the private and public keys of asymmetric cryptosystems, unless otherwise stated. The procedure for the approval of cryptographic algorithms used for key management is specified.
The use of ciphers often involves control information other than keys, e.g. initialization vectors and key identifiers. This other information is collectively called "keying material". Although ISO 11568-1:2005 specifically addresses the management of keys, the principles, services, and techniques applicable to keys may also be applicable to keying material.
ISO 11568-1:2005 is appropriate for use by financial institutions and other organizations engaged in the area of retail financial services, where the interchange of information requires confidentiality, integrity, or authentication. Retail financial services include but are not limited to such processes as POS debit and credit authorizations, automated dispensing machine and ATM transactions, etc.
ISO 9564 and ISO 16609 specify the use of cryptographic operations within retail financial transactions for personal identification number (PIN) encipherment and message authentication, respectively. The ISO 11568 series of standards is applicable to the management of the keys introduced by those standards. Additionally, the key management procedures may themselves require the introduction of further keys, e.g. key encipherment keys. The key management procedures are equally applicable to those keys.