ISO 15782-1:2009

Certificate management for financial services -- Part 1: Public key certificates

ISO 15782-1:2009 defines a certificate management system for financial industry use for legal and natural persons that includes

  • credentials and certificate contents,
  • Certification Authority systems, including certificates for digital signatures and for encryption key management,
  • certificate generation, distribution, validation and renewal,
  • authentication structure and certification paths, and
  • revocation and recovery procedures.

ISO 15782-1:2009 also recommends some useful operational procedures (e.g. distribution mechanisms, acceptance criteria for submitted credentials).

Implementation of ISO 15782-1:2009 will also be based on business risks and legal requirements.

ISO 15782-1:2009 does not include

  • the protocol messages used between the participants in the certificate management process,
  • requirements for notary and time stamping,
  • Certificate Policy and Certification Practices requirements, or
  • Attribute Certificates.

While ISO 15782-1:2009 provides for the generation of certificates that could include a public key used for encryption key management, it does not address the generation or transport of keys used for encryption.


General information

  • Status :  Withdrawn
    Publication date : 2009-10
  • Edition : 2
  • :
    ISO/TC 68/SC 2
    Financial Services, security
  • 35.240.40
    IT applications in banking

Got a question?

Check out our FAQs

Customer care
+41 22 749 08 88

Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)

Keep up to date with ISO

Sign up to our newsletter for the latest news, views and product information

Subscribe