ISO 9564-1:2002

Withdrawn

View Superseded by

Banking Personal Identification Number (PIN) management and security Part 1: Basic principles and requirements for online PIN handling in ATM and POS systems

Available format(s)

Hardcopy , PDF , PDF 3 Users , PDF 5 Users , PDF 9 Users

Withdrawn date

09-27-2018

Language(s)

English

Published date

05-02-2002

Publisher

International Organization for Standardization

This part of ISO 9564 specifies the basic principles and techniques which provide the minimum security measures required for effective international PIN management. These measures are applicable to those institutions responsible for implementing techniques for the management and protection of PINs.

This part of ISO 9564 also specifies PIN protection techniques applicable to financial transaction-card-originated transactions in an online environment and a standard means of interchanging PIN data. These techniques are applicable to those institutions responsible for implementing techniques for the management and protection of the PIN at Automated Teller Machines (ATM) and acquirer sponsored Point-of-Sale (POS) terminals.

The provisions of this part of ISO 9564 are not intended to cover:

PIN management and security in the offline PIN environment, which is covered in ISO 9564-3;
PIN management and security in the electronic commerce environments, which is to be covered in a subsequent part of ISO 9564;
the protection of the PIN against loss or intentional misuse by the customer or authorized employees of the issuer;
privacy of non-PIN transaction data;
protection of transaction messages against alteration or substitution, e.g. an authorization response to a PIN verification;
protection against replay of the PIN or transaction;
specific key management techniques.

DocumentType	Standard
Pages	30
PublisherName	International Organization for Standardization
Status	Withdrawn
SupersededBy	ISO 9564-1:2011
Supersedes	ISO 9564-1:1991