1、BRITISH STANDARD BS EN 1546-1 : 1999 Identification card systems - Inter-sector electronic purse Part 1: Definitions, concepts and structures The European Standard EN 154 - present to the responsible European committee any enquiries on the - monitor related internationai and European developments an
2、d promulgate interpretation, or proposals for change, and keep the TJK interests informed them in the UK. A list of organizations represented on this committee can be obtained on request to its secretary. Cross-references The British Stanhds which implement intemational or European publications refe
3、rred to in this document may be found in the BSI Standards Catalogue under the section entitled “International Standards Correspondence Index“, or by using the “Find“ facility of the BSI Standards Electronic Catalogue. A British Standard does not purport to include all the necessary provisions of a
4、contsact. Users of British Standards are responsible for their correct application. Compliance with a British Standard does not of itself confer immunity from legal obligations. Summary of pages This document comprises a fi-ont cover, an inside front cover, the EN titie page, pages 2 to 34, an insid
5、e back cover and a back cover. The BSI copynght notice displayed in this document indicates when the document was last issued. comes into effect on 15 December 1999 I I O BSI 12-1999 ISBN O 580 35212 9 STD-BSI BS EN LSYb-L-ENGL 1777 lb2qbb7 082002b 33b EUROPEAN STANDARD EN 1546-1 NORME EUROPENNE EUR
6、OPISCHE NORM August 1999 ICs 01.040.35; 35.240.1 5 English version Identification card systems - Inter-sector electronic purse - Part 1 : Definitions, concepts and structures Systmes de cartes didentification - Porte-monnaie lectronique intersectoriel - Partie 1: Dfinitions, concepts et structures I
7、dentifikationskartensysteme - Branchenbergreifende elektronische Geldbrse - Teil 1 : Definitionen, Begriffe und Strukturen This European Standard was approved by CEN on 29 July 1999. CEN members are bound to comply with the CENiCENELEC Intemal Regulations which stipulate the conditions for giving th
8、is European Staftdad the statu8 of a national stendard wtthou any alteration. Up-to-date Ilss and bibliographical references concerning such national siandards may be obtained on application io the Central Secreariat or to any CEN member. This European Stendard edsb in iree oWal versions (English, F
9、rench, Gem). A version In any other language made by translation under the responsibility of a CEN member into its own language and notified to the Central Secretariat has the same status as the official versions. CEN members are the nabionel standards bodies of Austria, Belgium, Czech RepuMic, Denm
10、atk, Finland, France, Germany, Greece, Iceland, Ireland, My, Luxembourg, Netherlands, Norway. Porhigal, Spain, Sweden, Switzerland and United Kingdom. EROPEAN COMMEFi FOR STANDARDIZATION EUROPISCHES KOMITEE FOR NORMUNG COMITB EUROPEEN DE NORMALISATION Contrat Secretariat: rue de Stassart, 36 B-1050
11、Brussels 0 1999 CEN Ail rights of exploitation in any form and by any means reserved woildwkle for CEN nationel Members. Ref. NO. EN 1546-1:1999 E STD-BSI BS EN L54b-1-ENGL L i lb21ibb 0820027 272 13 Page 2 EN 1 546-1 : 1999 Contents Page Foreword . 3 Introduction .*- 4 1 Scope . 5 2 Normative refer
12、ences 5 3 Terms and definitions - 5 4 Abbreviations . 9 5 Overview of an IEP System . 9 Annex A (informative) Concepts and structures . 11 Bibliography 34 . O BSI 12 1999 STD-BSI BS EN 15ib-l-ENGL 1999 I 1b24bb9 0820028 109 I Page 3 EN 1546-1 11 999 Foreword This European Standard has been prepared
13、by Technical Committee CENTTC 224, Machine-readable cards, related device interfaces and operations, the Secretariat of which is held by AFNOR This European Standard shall be given the status of a national standard, either by publication of an identical text or by endorsement, at the latest by Febru
14、ary 2000, and conflicting national standards shall be withdrawn at the latest by February 2000. According to the CENICENELEC Internal Regulations, the national standards organizations of the following countries are bound to implement this European Standard: Austria, Belgium, Czech Republic, Denmark,
15、 Finland, France, Germany, Greece, Iceland, Ireland, Italy, Luxembourg, Netherlands, Norway, Portugal, Spain, Sweden, Switzerland and the United Kingdom. This European Standard consists of the following parts, under the general title “Identification card systems - Inter-sector electronic purse”: - P
16、art 7: Definitions, concepts and structures - Part 2: Security architecture - Part 3: Data elements and interchanges - Part 4: Data objects O BSI 12 1999 Page 4 EN 1546-1 :I 999 Introduction EN 1546 defines interfaces and functionality for IEP (Inter-sector Electronic Purse) Systems to a level of de
17、tail necessary to make it possible for Purse Holders to use their IEPs in other IEP Systems, e.g. in other count ries. Similarly, EN 1546 supports the use of IEPs from several Purse Providers in the same equipment if so allowed by business agreements. It is outside the scope of EN 1546 to define adm
18、inistrative procedures and organizational structures, although, in order to improve overall understanding, the business relationships are described for a general IEP System. Wherever possible, EN 1546 references other existing IS0 and CEN standards. Not described are “indirect” participants like aut
19、horities enacting general and/or special legislation concerning IEP Systems, legal courts, and possibly clearing systems. O BSI 12 1999 STD-BSI BS EN 154b-1-ENGL 1999 1b24bb9 0820030 b7 Page 5 EN 1546-1 11999 1 Scope This part of EN 1546 gives an overview of an IEP System by describing the participa
20、nts, physical devices and functions needed. The models presented here are the most general ones, and simpler systems (“closed systems”) can be designed by selecting subsets of the functionality described. However, this could also lead to limitations in interoperability. 2 Normative references This E
21、uropean Standard incorporates, by dated or undated reference, provisions from other publications. These normative references are cited at the appropriate places in the text and the publications are listed hereafter. For dated references, subsequent amendments to, or revisions of any of these publica
22、tions apply to this European Standard only when incorporated in it by amendment or revision. For undated references the latest edition of the publication referred to applies. EN 30202-1 , Financial transaction cards - Security architectures of financial transaction systems using integrated circuit c
23、ards - Pari 7: Card life cycle (IS0 10202- 1: 1997). 3 Terms and definitions For the purposes of this standard, the following definitions apply: 3.1 acquirer an organization which collects and possibly aggregates transactions from several Purchase Devices andlor other Acquirer Hosts for delivery to
24、one or more Purse Providers 3.2 acquirer host the equipment used by the Acquirer in order to perform the IEP related tasks for the Acquirer 3.3 activation a secure procedure under control of the Purse Provider, switching an IEP or a SAM to its active life state for normal operation 3.4 aggregation f
25、or each Purse Provider and each currency, the process of adding several Totals into one overall Total. The result is a new Total with the Value equivalent to the sum of all the original Totals 3.5 authentication a cryptographic process in which one entity proves its identity and the integrity of the
26、 data it may send to another entity 3.6 card issuer the organization responsible for the provision and distribution of ICCs for use in an IEP System NOTE card-based payment systems. This definition of an IEP card issuer shall not be confused with the general use of that term in other 3.7 collection
27、the process of transferring data on transactions from PSAMs and/or Purchase Devices to Purse Provider Host(s) and PPSAM(s) directly or via Acquirers O BSI 12 1999 STD*BSI BS EN L54b-L-ENGL 1777 1b24bb7 OBZOO3L 7T3 Page 6 3.8 currency exchange an on-line transaction to the Purse Provider Host during
28、which the entire IEP Balance is exchanged from one currency to another EN 1546-1 :I 999 3.9 currency exchange log a file in an IEPs non-volatile memory used to record information on at least the latest Currency Exchange transaction 3.10 deactivation a secure procedure under control of the Purse Prov
29、ider, switching an IEP or a SAM from its active life state to a permanently disabled state. Only reading of non-secret data is possible in the deactivated state 3.1 1 electronic value; value the (electronic) Value stored and exchanged in an IEP System. The Electronic Value represents real money in t
30、he specified currency 3.1 2 error recovery procedures used for correcting certain errors observed during processing of normal transactions, eng. Purchase transactions 3.13 IC card (ICC) an Integrated Circuit Card with at least one IEP installed 3.14 IC embedder the organization integrating IC assemb
31、lies and plastic cards into ICCs. It could also personalize the IEP 3.1 5 IC manufacturer the organization manufacturing the ICs for ICCs 3.16 identity a string of bits chosen to have a unique value and used for example to distinguish between instances of IEPs, SAMs and transactions 3.1 7 IEP balanc
32、e the current amount of Value in an IEP (in a specific currency); it is increased by Load (and Purchase Cancellation) transactions and decreased by Purchase transactions 3.18 inter-sector electronic purse (IEP) an application in an ICC able to store and process Electronic Value according to EN 1546
33、3.1 9 IEP monitor a device, possibly hand-held, by which public information in the IEP, such as the IEP Balance and log information, can be read out 3.20 IEP system the term refers to all described participants, devices, and functions covered by EN 1546 O BSI 12 1999 STDOBSI BS EN 154b-L-ENGL 1999 L
34、bZibbS 0820032 b3T Page 7 EN 1546-1:1999 3.21 installation the process where an IEP or SAM application and its associated parameters are loaded into an ICC 3.22 key management the techniques used in the IEP System for the generation, distribution, storage, updating and destruction of cryptographic k
35、eys and related keying material. The recommendations made in this standard provide for both manual and automated techniques to securely exchange keys and keying material between the various IEP System components, either directly or indirectly using common Key Management centres to whom responsibilit
36、y has been delegated by the Purse Provider(s) 3.23 key management system the actual implementation of Key Management in an IEP System 3.24 load the transaction performed using a Load Device whereby Value from the PPSAM is transferred to an IEP. In return either the Load Agent or the Purse Provider r
37、eceives payment from the Purse Holder. The term Load includes subsequent Loads of an IEP (reloads) 3.25 load agent the organization providing Load Devices to be used by Purse Holders. Additionally, the Load Agent may receive payment from Purse Holders in exchange for Load transactions 3.26 load devi
38、ce a physical device operated by a Load Agent and used jointly by a Purse Holder and the Load Agent to transfer Value from the PPSAM to the (Purse Holders) IEP 3.27 load log a file in an IEPs non-volatile memory used to record information on at least the latest Load transaction 3.28 load SAM (LSAM)
39、a logical module that provides security in Load Devicets) operated by a Load Agent receiving payment directly 3.29 negative file a file that contains zero or more ranges of identifiers for IEPs that are not allowed to perform transactions in the IEP System. If present, the file should be available f
40、or SAMs at transaction time 3.30 personal identification number (PIN) data which may be required by the application to be presented to the card by its user before data can be processed 3.31 purchase the transaction performed using a Purchase Device whereby Value is transferred from an IEP to a PSAM.
41、 In return the Purse Holder receives a Service from the Service Provider 3.32 purchase cancellation a transaction made at a Purchase Device in order to cancel the latest Purchase transaction for the involved IEP and PSAM O BSI 12 1999 STDaBSI BS EN 154b-1-ENGL 1999 I Lb24bb7 0820033 57b I Page 8 EN
42、1546-111999 3.33 purchase device a physical device operated by a Service Provider and used jointly by a Purse Holder and the Service Provider to transfer Value from the Purse Holders IEP to the PSAM associated with the Purchase Device 3.34 purchase log a file in an IEPs non-volatile memory used to r
43、ecord information on at least the latest Purchase transaction 3.35 purchase SAM (PSAM) a SAM issued under the responsibility of the Purse Provider, installed in connection with Purchase Device(s) and providing the necessary security for Purchase-related transactions and the Collection process 3.36 p
44、urse holder a person in possession of an (ICC with an) IEP. Not necessarily the same person for the whole lifetime of the IEP 3.37 purse provider the organization responsible for the overall functionality and security of an IEP System. Also the organization which is entitled to receive funds in exch
45、ange for Load transactions and credits the Service Providers according to the transactions made in their Purchase Devices 3.38 purse provider host a data processing system possessing the necessary functionality to perform the Purse Providers IEP functions in a secure way by using the PPSAM 3.39 purs
46、e provider SAM (PPSAM) the SAM of the Purse Provider providing the necessary functionality for the secure functioning of the IEP System as seen from the Purse Providers viewpoint, .e. secure Activation, Load, Collection and auditing functions 3.40 secure application module (SAM) a logical device use
47、d to provide security for insecure environments. It is protected against tampering, and stores secret and/or critical information. Several types of SAMs are defined for the IEP System 3.41 SAM issuer the certified organization responsible for issuing SAMs, e.g. Purchase SAMs, for use in an IEP Syste
48、m 3.42 SAM monitor a device by which public information in the SAM, such as Totals, can be read out 3.43 security architecture the utilization of detailed security mechanisms, including cryptographic algorithms and the Key Management appropriate to comply with the security requirements of the IEP Sy
49、stem 3.44 service any kind of service and/or goods delivered by a Service Provider to a Purse Holder and paid for in a Purchase transaction 3.45 service provider the organization delivering Service(s) to a Purse Holder to be paid for using an IEP. The Service Provider operates one or more Purchase Devices O BSI 12 1999 STD-BSI BS EN L54b-L-ENGL 1999 = Lb24bb9 0820034 402 W Page 9 EN 1546-1 1 999 3.46 settlement a process performed by the Purse Provider or Acquirer on behalf of the Purse Provider. Based on data from Purchase and Load transactions, pa