- Hot search：
AS 2805.3.2-2008 pdf free download
AS 2805.3.2-2008 pdf free download.Electronic funds transfer Requirements for interfaces
Part 3.2: PIN management and security Offline.
(d) The plain text PIN shall never exist in the facility of the acquirer except within a physically secure device.
(e) A plain text PIN may exist in the general-purpose computer facility of the issuer for the purposes of PIN generation and printing, if the facility is a secure enironrnent (see AS 2805.I4.I)at the time.
(f) Only ihe customer and/or personnel authori,ed by the issuer shall be involved with PIN selection, PIN issuance or any PIN entry process in which the PIN can be related to account identity information. Such personnel shall operate only under strictly enforced procedures (e.g. under dual control).
(g) A stored enciphered PIN shall be protected from substitution.
(h) Compromise of the PIN (or suspected compromise) shall result in the ending of the PIN life cycle.
(I) Responsibility for PIN verification shall rest with the issuer, although the verification function may be delegated to another institution.
(j) Different encipherment keys shall be used for protection of PIN storage and transmission.
6 PIN PROTECTION DURIN(; TRANSN1ISSION BETWEEN PEI) ANI) ICC RFAI)ER
The ICC reader and PIN entry device (PI[)) can either he integrated into a single device or
he two separate devices. (See Table I.)
When the ICC reader and PED are integrated sithin a de ice meeting the requirements of Clause 9 and he PIN is to he submitted to the IC in plain text form, then the PEt) need not encipher the PIN.
When the PIN is to he submitted to the IC in plain text form and is transmitted to the ICC reader through an unprotected environment then the PIN shall be enciphered in accordance with AS 2805.3.1 The ICC reader shall then decipher the PIN for submission in plain text to the IC. The PIN shall be enciphered and deciphered in a device meeting the requirements of Clause 9.
For both integrated and non-integrated devices, when the PIN is to be submitted to the IC in enciphered form, then the PIN shall he enciphered within a de ice meeting the requirements of Clause 9 using an authenticated encipherment key of the IC.
If the PIN is transmitted outside of a device meeting the requirements of Clause 9 then it shall he enciphered in accordance with AS 2805.3.1 or it shall be enciphered using an aLit hem icated encipherment key of the IC.AS 2805.3.2-2008 pdf free download.
All resources on this website are from the Internet. It is only for personal study and research. No one is allowed to use it for any commercial purpose. If you need, please buy the genuine standard. If there is any infringement of your copyright, please contact the webmaster in time, and I will correct it immediately.
- Maybe you like
- Latest Updates
- ISO 287-2009 pdf free download
- ISO 527-5-2009 pdf free download
- ISO 659-2009 pdf free download
- ISO 660-2009 pdf free download
- ISO 712-2009 pdf free download
- ISO 725-2009 pdf free download
- ISO 730-2009 pdf free download
- ISO 927-2009 pdf free download
- ISO 2041-2009 pdf free download
- ISO 3040-2009 pdf free download
- ISO 3506-2-2009 pdf free download
- ISO 3506-3-2009 pdf free download