BS ISO 13491-2-2017 Financial services Secure cryptographic devices (retail) Security compliance checklists for devices used in financial transactions.pdf

Uploaded by: eveningprove235  Document ID: 584181  Upload date: 2018-12-14  Format: PDF  Pages: 50  Size: 1.96MB
Resource description

BS ISO 13491-2:2017

Financial services Secure cryptographic devices (retail) Part 2: Security compliance checklists for devices used in financial transactions

BSI Standards Publication

BRITISH STANDARD

National foreword

This British Standard is the UK implementation of ISO 13491-2:2017. It supersedes BS ISO 13491-2:2016 which is withdrawn.

The UK participation in its preparation was entrusted to Technical Committee IST/12, Financial services.

A list of organizations represented on this committee can be obtained on request to its secretary.

This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application.

© The British Standards Institution 2017. Published by BSI Standards Limited 2017

ISBN 978 0 580 95645 4

ICS 35.240.40

Compliance with a British Standard cannot confer immunity from legal obligations.

This British Standard was published under the authority of the Standards Policy and Strategy Committee on 31 March 2017.

Amendments/corrigenda issued since publication

Date | Text affected

INTERNATIONAL STANDARD ISO 13491-2

Fourth edition 2017-03

Reference number ISO 13491-2:2017(E)

Financial services Secure cryptographic devices (retail) Part 2: Security compliance checklists for devices used in financial transactions

Services financiers Dispositifs cryptographiques de sécurité (services aux particuliers) Partie 2: Listes de contrôle de conformité de sécurité pour les dispositifs utilisés dans les transactions financières

COPYRIGHT PROTECTED DOCUMENT

© ISO 2017, Published in Switzerland

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISO's member body in the country of the requester.

ISO copyright office
Ch. de Blandonnet 8
CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org

Contents

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Use of security compliance checklists
4.1 General
4.2 Informal evaluation
4.3 Semi-formal evaluation
4.4 Strict semi-formal evaluation
4.5 Formal evaluation
Annex A (normative) Physical, logical, and device management characteristics common to all secure cryptographic devices
Annex B (normative) Devices with PIN entry functionality
Annex C (normative) Devices with PIN management functionality
Annex D (normative) Devices with message authentication functionality
Annex E (normative) Devices with key generation functionality
Annex F (normative) Devices with key transfer and loading functionality
Annex G (normative) Devices with digital signature functionality
Annex H (normative) Categorization of environments
Bibliography

Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.

The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different types of ISO documents should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents).

Any trade name used in this document is information given for the convenience of users and does not constitute an endorsement.

For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and expressions related to conformity assessment, as well as information about ISO's adherence to the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following URL: www.iso.org/iso/foreword.html.

This document was prepared by ISO/TC 68, Financial services, Subcommittee SC 2, Security.

This fourth edition cancels and replaces the third edition (ISO 13491-2:2016), of which it constitutes a minor revision with the following changes: references made to H.5 have been replaced with ISO 9564-1; editorially revised.

A list of all the parts in the ISO 13491 series can be found on the ISO website.

Introduction

This document specifies both the physical and logical characteristics and the management of the secure cryptographic devices (SCDs) used to protect messages, cryptographic keys, and other sensitive information used in a retail financial services environment.

The security of retail financial services is largely dependent upon the security of these cryptographic devices.

Security requirements are based upon the premise that computer files can be accessed and manipulated, communication lines can be “tapped”, and authorized data or control inputs in a system device can be replaced with unauthorized inputs. While certain cryptographic devices (e.g. host security modules) reside in relatively high-security processing centres, a large proportion of cryptographic devices used in retail financial services (e.g. PIN entry devices, etc.) now reside in non-secure environments. Therefore, when PINs, MACs, cryptographic keys, and other sensitive data are processed in these devices, there is a risk that the devices can be tampered with, or otherwise, compromised to disclose or modify such data.

It is to be ensured that the risk of financial loss is reduced through the appropriate use of cryptographic devices that have proper physical and logical security characteristics and are properly managed. To ensure that SCDs have the proper physical and logical security, they require evaluation.

This document provides the security compliance checklists for evaluating SCDs used in financial services systems in accordance with ISO 13491-1. Other evaluation frameworks exist and may be appropriate for formal security evaluations (e.g. ISO/IEC 15408-1, ISO/IEC 15408-2, ISO/IEC 15408-3, and ISO/IEC 19790) and are outside the scope of this document.

Appropriate device characteristics are necessary to ensure that the device has the proper operational capabilities and provides adequate protection for the data it contains. Appropriate device management is necessary to ensure that the device is legitimate, that it has not been modified in an unauthorized manner (e.g. by “bugging”) and that any sensitive data placed within the device (e.g. cryptographic keys) have not been subject to disclosure or change.

Absolute security is not practically achievable. Cryptographic security depends upon each life cycle phase of the SCD and the complementary combination of appropriate device management procedures and secure cryptographic characteristics. These management procedures implement preventive measures to reduce the opportunity for a breach of cryptographic device security. These measures aim for a high probability of detection of any illicit access to sensitive or confidential data in the event that device characteristics fail to prevent or detect the security compromise.

Financial services Secure cryptographic devices (retail) Part 2: Security compliance checklists for devices used in financial transactions

1 Scope

This document specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes as specified in ISO 9564-1, ISO 9564-2, ISO 16609, ISO 11568-1, ISO 11568-2, and ISO 11568-4 in the financial services environment. Integrated circuit (IC) payment cards are subject to the requirements identified in this document up until the time of issue after which they are to be regarded as a “personal” device and outside of the scope of this document.

This document does not address issues arising from the denial of service of an SCD.

In the checklists given in Annex A to Annex H, the term “not feasible” is intended to convey the notion that although a particular attack might be technically possible, it would not be economically viable since carrying out the attack would cost more than any benefits obtained from a successful attack. In addition to attacks for purely economic gain, malicious attacks directed toward loss of reputation need to be considered.

2 Normative references

The following documents are referred to in the text in such a way that some or all of their content constitutes requirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

ISO 9564-1, Financial services Personal Identification Number (PIN) management and security Part 1: Basic principles and requirements for PINs in card-based systems

ISO 11568-1, Banking Key management (retail) Part 1: Principles

ISO 11568-2, Financial services Key management (retail) Part 2: Symmetric ciphers, their key management and life cycle

ISO 11568-4, Banking Key management (retail) Part 4: Asymmetric cryptosystems Key management and life cycle

ISO 13491-1, Financial services Secure cryptographic devices (retail) Part 1: Concepts, requirements and evaluation methods

ISO 16609, Financial services Requirements for message authentication using symmetric techniques

ISO/IEC 18031, Information technology Security techniques Random bit generation

3 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO 13491-1 and the following apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

IEC Electropedia: available at http://www.electropedia.org/
ISO Online browsing platform: available at http://www.iso.org/obp

3.1
auditor
person who has the appropriate skills to check, assess, review, and evaluate compliance with an informal evaluation on behalf of the sponsor or audit review body

3.2
data integrity
property that data has not been altered or destroyed in an unauthorized manner

3.3
dual control
process of utilizing two or more entities (usually persons) operating in concert to protect sensitive functions or information whereby no single entity is able to access or use the materials
Note 1 to entry: A cryptographic key is an example of the type of material to be accessed or utilized.

3.4
evaluation agency
organization trusted by the design, manufacturing, and sponsoring entities which evaluates the SCD (using specialist skills and tools)
Note 1 to entry: Evaluation is in accordance with ISO 13491-1.

3.5
exclusive or
bit-by-bit modulo two addition of binary vectors of equal length

3.6
security compliance checklist
list of auditable claims, organized by device type
Note 1 to entry: Checklist is as specified in this document.

3.7
sensitive state
device condition that provides access to the secure operator interface such that it can only be entered when the device is under dual or multiple control

4 Use of security compliance checklists

4.1 General

These checklists shall be used to assess the acceptability of cryptographic equipment upon which the security of the system depends. It is the responsibility of any sponsor, approval authority, or accreditation authority, depending on the evaluation method chosen, that adopts some or all of these checklists to approve evaluating agencies for use by suppliers to or participants in the system, and set up an audit review body to review the completed audit checklists.

Annex A to Annex H, which provide checklists defining the minimum evaluation to be performed to assess the acceptability of cryptographic equipment, shall be applied. Additional tests may be performed to reflect the state-of-the-art at the time of the evaluation.

The evaluation may be either “informal”, “semi-formal”, or “strict semi-formal” as specified in ISO 13491-1. Should a “formal” evaluation be chosen, these audit checklists shall not be used as presented here, but shall rather be used as input to assist in the preparation of the “formal claims” that such an evaluation requires.

NOTE These formal claims, as they inherently include other criteria, are themselves outside of the scope of this document.

A cryptographic device achieves security both through its inherent characteristics and the characteristics of the environment in which the device is located. When completing these audit checklists, the environment in which the device is located shall be considered, e.g. a device intended for use in a public location might require greater inherent security than the equivalent device operating in a controlled environment. So that an evaluating agency need not investigate the specific environment where an evaluated device may reside, this document provides a suggested categorization of environments in Annex H. Thus, an evaluating agency may be asked to evaluate a given device for operation in a specific environment. Such a device can be deployed in a given facility, only if this facility itself has been audited to ensure that it provides the ensured environment. However, these audit checklists may be used with categorizations of the environment other than those suggested in Annex H.

The four evaluation methods specified in ISO 13491-1 are described in 4.2, 4.3, 4.4, and 4.5.

4.2 Informal evaluation

As part of an informal evaluation, an independent auditor shall complete the appropriate checklist(s) for the device being evaluated.

4.3 Semi-formal evaluation

In the semi-formal method, the s
