Back

ISO 13491-2:2017

Financial services -- Secure cryptographic devices (retail) -- Part 2: Security compliance checklists for devices used in financial transactions

General information
Withdrawn from 11.01.2023
ICS Groups
35.240.40 IT applications in banking
Directives or regulations
None

Standard history

Status
Date
Type
Name
11.01.2023
Main
ISO 13491-2:2023
23.03.2017
Main
ISO 13491-2:2017
Main
ISO 13491-2:2016
ISO 13491-2:2017 specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes as specified in ISO 9564-1, ISO 9564-2, ISO 16609, ISO 11568-1, ISO 11568-2, and ISO 11568-4 in the financial services environment. Integrated circuit (IC) payment cards are subject to the requirements identified in this document up until the time of issue after which they are to be regarded as a "personal" device and outside of the scope of this document.
ISO 13491-2:2017 does not address issues arising from the denial of service of an SCD.
In the checklists given in Annex A to Annex H, the term "not feasible" is intended to convey the notion that although a particular attack might be technically possible, it would not be economically viable since carrying out the attack would cost more than any benefits obtained from a successful attack. In addition to attacks for purely economic gain, malicious attacks directed toward loss of reputation need to be considered.
*
*
*
PDF
79.98 € incl tax
Paper
79.98 € incl tax
Standard monitoring
English

Related products

Main

ISO 13491-2:2023

Financial services — Secure cryptographic devices (retail) — Part 2: Security compliance checklists for devices used in financial transactions
Newest version Valid from 11.01.2023
Main

CWA 16374-5:2011

Extensions for Financial Services (XFS) interface specification Release 3.20 - Part 5: Cash Dispenser Device Class Interface Programmer's Reference
Newest version Valid from 04.01.2012
Main

CWA 16374-1:2011

Extensions for Financial Services (XFS) interface specification Release 3.20 - Part 1: Application Programming Interface (API) Service Provider Interface (SPI) Programmer's Reference
Newest version Valid from 04.01.2012
Main

ISO 22739:2024

Blockchain and distributed ledger technologies — Vocabulary
Newest version Valid from 04.01.2024

Standards designation

EVS Estonian standard
EN European standard (published by an CEN or CENELEC)
EN ISO International standard adopted as an European standard
ISO International Organization for Standardization’s standard
IEC International Electrotechnical Commission’s standard
HD CENELEC’s harmonisation document
   
EVS-EN European standard implemented in Estonia
EVS-EN ISO International standard adopted in Europe and implemented in Estonia
EVS-EN ISO/IEC International standard/International electrotechnical standard adopted in Europe and implemented in Estonia
EVS-IEC International electrotechnical standard implemented in Estonia
EVS-ISO International standard implemented in Estonia
   
A, AMD amedment
+A a full standard plus the amendment
/A only amendment
COR, AC corrigendum
+COR a full standard plus the corrigendum
NA national annex
+NA a full standard plus the national annex
/NA only national annex
TS technical specification
TR technical report
CWA agreement, developed by a CEN or CENELEC
prEVS-EN (etc) draft standard
   
et the standard is in Estonian only
en the standard is in English only
et-en the standard is in Parallel text Estonian-English

Contact

standard@evs.ee
+372 605 5060
Akadeemia tee 21/6, Tallinn, 12618, Estonia
Reg. code 80120020
Eesti Standardimis- ja Akrediteerimiskeskus MTÜ
E-N 8:30-17:00 R 8:30-16:00

Assistance in ordering

Direct links

Mastercard
Visa
Paypal
Swedbank
SEB
Luminor
LHV
Copyright © 2024 EVS. All rights reserved.