Banking — Secure cryptographic devices (retail) — Part 2: Security compliance checklists for devices used in financial transactions
银行及金融服务;安全加密设备(零售)第2部分:金融交易中使用的设备的安全合规性检查表
发布日期:
2005-06-15
ISO 13491-2:2005规定了用于评估金融服务环境中包含加密过程的安全加密设备(SCD)的清单,如ISO 9564第1部分和第2部分、ISO 16609和ISO 11568第1部分至第6部分所述。IC支付卡在发行前应符合ISO 13491本部分中规定的要求,发行后应视为“个人”设备,不在本文件范围内。
ISO 13491-2:2005未解决因SCD拒绝服务而产生的问题。
ISO 13491-2:2005 specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes, as specified in parts 1 and 2 of ISO 9564, ISO 16609 and parts 1 to 6 of ISO 11568, in the financial services environment. IC payment cards are subject to the requirements identified in this part of ISO 13491 up until the time of issue, after which they are to be regarded as a "personal" device and outside of the scope of this document.
ISO 13491-2:2005 does not address issues arising from the denial of service of an SCD.