AS ISO 13491.2:2019

$142.09

Financial services – Secure cryptographic devices (retail), Part 2: Security compliance checklists for devices used in financial transactions

The objective of this Standard is to specify checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes as specified in ISO 9564‑1, ISO 9564‑2, ISO 16609, AS 2805.6.1.1 (identical adoption of ISO 11568‑1), AS 2805.6.1.2 (identical adoption of ISO 11568‑2), and AS 2805.6.1.4 (identical adoption of ISO 11568‑4), in the financial services environment.

Table of contents
Header
About this publication
Preface
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Use of security compliance checklists
4.1 General
4.2 Informal evaluation
4.3 Semi-formal evaluation
4.4 Strict semi-formal evaluation
4.5 Formal evaluation
Annex A
A.1 General
A.2 Device characteristics
A.2.1 Physical security characteristics
A.2.1.1 General
A.2.1.2 General security characteristics
A.2.1.3 Tamper-evident characteristics
A.2.1.4 Tamper-resistant characteristics
A.2.1.5 Tamper-responsive characteristics
A.2.2 Logical security characteristics
A.3 Device management
A.3.1 General consideration
A.3.2 Device protection by manufacturer
A.3.3 Device protection between manufacturer and post-manufacturing phases
A.3.4 Device protection during initial financial key loading and prior to pre-use
A.3.5 Device protection during pre-use and prior to installation
A.3.6 Device protection subsequent to installation
A.3.7 Device protection after removal from service
Annex B
B.1 General
B.2 Device characteristics
B.2.1 Physical security characteristics
B.2.1.1 General physical security characteristics
B.2.1.2 Tamper-responsive characteristics
B.2.2 Logical security characteristics
B.3 Device management
B.3.1 PIN entry device protection during initial key loading
B.3.2 PIN entry device protection after installation
Annex C
C.1 General
C.2 Device characteristics
C.2.1 Physical security characteristics
C.2.2 Logical security characteristics
C.3 Device management
Annex D
D.1 General
D.2 Logical security device characteristics
Annex E
E.1 General
E.2 Device characteristics
E.2.1 Physical security characteristics
E.2.2 Logical security characteristics
E.3 Device management
Annex F
F.1 General
F.2 Device characteristics
F.2.1 Physical security characteristics
F.2.2 Logical security characteristics
F.3 Device management
Annex G
G.1 General
G.2 Device management
G.2.1 General considerations
G.2.2 Device management for digital signature verification
Annex H
H.1 General
H.2 Uncontrolled environments
H.3 Controlled environments
H.4 Minimally controlled environments
H.5 Secure environments
Bibliography

Cited references in this standard
Content history

[Superseded]

[Superseded]

DR AS ISO 13491.2:2018

Published: 12/03/2019

Pages: 38
