ISO 13491-2:2017

Financial services — Secure cryptographic devices (retail) — Part 2: Security compliance checklists for devices used in financial transactions

Publication date:   Mar 23, 2017

95.99 Withdrawal of Standard   Jan 11, 2023

General information

95.99 Withdrawal of Standard   Jan 11, 2023

ISO

ISO/TC 68/SC 2 Financial Services, security

International Standard

35.240.40   IT applications in banking

Buying

  Withdrawn

PDF - €76.23

  English  



Buy

Scope

ISO 13491-2:2017 specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes as specified in ISO 9564‑1, ISO 9564‑2, ISO 16609, ISO 11568‑1, ISO 11568‑2, and ISO 11568‑4 in the financial services environment. Integrated circuit (IC) payment cards are subject to the requirements identified in this document up until the time of issue after which they are to be regarded as a "personal" device and outside of the scope of this document.
ISO 13491-2:2017 does not address issues arising from the denial of service of an SCD.
In the checklists given in Annex A to Annex H, the term "not feasible" is intended to convey the notion that although a particular attack might be technically possible, it would not be economically viable since carrying out the attack would cost more than any benefits obtained from a successful attack. In addition to attacks for purely economic gain, malicious attacks directed toward loss of reputation need to be considered.

Life cycle

PREVIOUSLY

WITHDRAWN
ISO 13491-2:2016

NOW

WITHDRAWN
ISO 13491-2:2017
95.99 Withdrawal of Standard
Jan 11, 2023

REVISED BY

PUBLISHED
ISO 13491-2:2023