ISO 13491-1:2016 Preview

Financial services -- Secure cryptographic devices (retail) -- Part 1: Concepts, requirements and evaluation methods

ISO 13491-1:2016 specifies the security characteristics for secure cryptographic devices (SCDs) based on the cryptographic processes defined in ISO 9564, ISO 16609, and ISO 11568.

ISO 13491-1:2016 has two primary purposes:

- to state the security characteristics concerning both the operational characteristics of SCDs and the management of such devices throughout all stages of their life cycle;

? to provide guidance for methodologies to verify compliance with those requirements. This information is contained in Annex A.

ISO 13491-2 specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes as specified in ISO 9564-1, ISO 9564-2, ISO 16609, ISO 11568-1, ISO 11568-2, ISO 11568-3, ISO 11568-4, ISO 11568-5, and ISO 11568-6 in the financial services environment.

Annex A provides an informative illustration of the concepts of security levels described in this part of ISO 13491 as being applicable to SCDs.

ISO 13491-1:2016 does not address issues arising from the denial of service of an SCD.

Specific requirements for the security characteristics and management of specific types of SCD functionality used in the retail financial services environment are contained in ISO 13491‑2.


General information

  • Status :  Published
    Publication date : 2016-03
  • Edition : 3
    Number of pages : 33
  • :
    ISO/TC 68/SC 2
    Financial Services, security
  • 35.240.40
    IT applications in banking

Buy this standard

Format Language
PDF
Paper
  • CHF138

Got a question?

Check out our FAQs

Customer care
+41 22 749 08 88

Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)

Keep up to date with ISO

Sign up to our newsletter for the latest news, views and product information

 Subscribe