Provide PDF Format
X9 TG-3-2006
- Retail Financial Services Compliance Guideline: Online PIN Security and Key Management
- standard by Accredited Standards Committee X9 Incorporated, 03/13/2006
- Publisher: X9
$30.00$60.00
The PIN Security Compliance Guideline is intended to be used to implement a uniform security review. All entities, which handle PINs and/or cryptographic keys used to secure PINs, should complete a PIN Security Compliance review.
This guideline presents mandatory control objectives relating to general procedures and controls. The mandatory control objectives are based on requirements set forth in X9.8 (Banking, Personal Identification Number Management and Security Part 1), X9.24-2004 (Retail Financial Services Symmetric Key Management, Part 1: Using Symmetric Techniques) and X9.24-2005 (Retail Financial Services Symmetric Key Management, Part 2: Using Asymmetric Techniques for Distribution of Symmetric Keys). Sections 4.4 and 5.5 of this guideline include additional control objectives related to miscellaneous security issues, which are considered best business practices but are not covered under existing X9 standards. Each organization administering the review should evaluate the mandatory and optional control objectives for applicability.
This guideline presents mandatory control objectives relating to general procedures and controls. The mandatory control objectives are based on requirements set forth in X9.8 (Banking, Personal Identification Number Management and Security Part 1), X9.24-2004 (Retail Financial Services Symmetric Key Management, Part 1: Using Symmetric Techniques) and X9.24-2005 (Retail Financial Services Symmetric Key Management, Part 2: Using Asymmetric Techniques for Distribution of Symmetric Keys). Sections 4.4 and 5.5 of this guideline include additional control objectives related to miscellaneous security issues, which are considered best business practices but are not covered under existing X9 standards. Each organization administering the review should evaluate the mandatory and optional control objectives for applicability.
Related Products
X9 X9.97-1-2009
Financial services - Secure Cryptographic Devices (Retail) - Part 1: Concepts, Requirements and Eval..
$70.00 $140.00
X9 X9.93-1-2007
Financial transaction messages -- Electronic benefits transfer (EBT) -- Part 1: Messages..
$30.00 $60.00
X9 TR-38-3:2009
Financial Services - UNIversal Financial Industry Message Scheme - Technical Report - Part 3: ISO 20..
$50.00 $100.00