AS 2805.3.1-2008
AS 2805.3.1-2008
Electronic funds transfer - Requirements for interfaces PIN management and security - General
Standards Australia
Table of Contents
<toc />
Abstract
Specifies the minimum security measures required for effective pin management.
Scope
This Standard specifies the minimum security measures required for effective PIN management. Standard means of interchanging PIN data are provided. This Standard does not cover the following:
(a) rotection of the PIN against loss or intentional misuse by the customer or authorized employees of the issuer.
(b) Privacy of non-PIN transaction data (see AS 2805.9).
(c) Protection of transaction messages against alteration or substitution, e.g. an authorization response to a PIN verification (see AS 2805.4.1).
(d) Protection against replay of the PIN or transaction.
(e) Specific key management techniques (see AS 2805.6 series).
(f) PIN management and security for transactions in which the PIN is locally verified by an integrated circuit card.
(g) The use of asymmetric encipherment algorithms for PIN management.
NOTES:
1 For a detailed discussion on the need for PIN protection, see Appendix A.
2 Further information on PIN management for security is given in Appendices A and C.
General Product Information
| Document Type | Standard |
| Status | Current |
| Publisher | Standards Australia |
| Committee | IT-005 |
| Supersedes |
|
Cart
(empty)
New products
- AS 15156.1:2022 [ Current ]
- AS ISO 17115:2022 [ Current ]
- AS ISO/IEC 30165:2022 [ Current ]
- AS 3547.2:2023 [ Current ]
- AS 23907:2023 [ Current ]
- AS ISO/IEC 19785.2:2023
- AS ISO 19262:2023
- AS 3833:2024
- AS 4310:2024
- AS 6742.5:2024
- AS 16890.1:2024
- AS 16890.2:2024
- AS 3457:2024
- AS 4822:2024
- AS 4457.1:2024
- AS IEC 61869.99:2024
- AS 16890.4:2024
- AS 16890.3:2024
- AS EN 301 549:2024
- AS 4032.1:2024
Specials
-
-
SAE AS27645/1
$78.00 (-56%) $34.32