Тезис 

ISO 13491-2:2016 specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes as specified in H.5, ISO 9564‑2, ISO 16609, ISO 11568‑1, ISO 11568‑2, and ISO 11568‑4 in the financial services environment. IC payment cards are subject to the requirements identified in this part of ISO 13491 up until the time of issue after which they are to be regarded as a "personal" device and outside of the scope of this part of ISO 13491.

ISO 13491-2:2016 does not address issues arising from the denial of service of an SCD.

In the checklists given in Annexes A to H, the term "not feasible" is intended to convey the notion that although a particular attack might be technically possible, it would not be economically viable since carrying out the attack would cost more than any benefits obtained from a successful attack. In addition to attacks for purely economic gain, malicious attacks directed toward loss of reputation need to be considered.


Общая информация

  • Текущий статус :  Withdrawn
    Дата публикации : 2016-03
  • Версия : 3
  • :
    ISO/TC 68/SC 2
    Financial Services, security
  • 35.240.40
    IT applications in banking

Жизненный цикл


Появились вопросы?

Ознакомьтесь с FAQ

Работа с клиентами
+41 22 749 08 88

Часы работы:
Понедельник – пятница: 09:00-12:00, 14:00-17:00 (UTC+1)

Будьте в курсе актуальных новостей ИСО

Подписывайтесь на наши новости, обзоры, а также на информацию о продуктах.