Financial transaction cards - Security architecture of financial transaction systems using integrated circuit cards - Part 6: Cardholder verification
Other information
Release date: 2006-09-18
Drafters: Tan Guoan, Lu Shuchun, Li Shuguang, Liu Yun, Du Ning, Liu Zhijun, etc.
Drafting units: China Financial Electronics Corporation, People's Bank of China, Bank of China, China Construction Bank
Focal point unit: National Financial Standardization Technical Committee
Proposing unit: People's Bank of China
Publishing department: General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China; Standardization Administration of China
Competent authority: People's Bank of China
Standard content (partial extract):
ICS 35.240.15
National Standard of the People's Republic of China
GB/T 16790.6-2006/ISO 10202-6:1994
Financial transaction cards - Security architecture of financial transaction systems using integrated circuit cards - Part 6: Cardholder verification (ISO 10202-6:1994, IDT)
Issued 2006-09-18; implemented 2007-03-01
Issued by the General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China and the Standardization Administration of China
Contents (partial)
2 Normative references
3 Terms and definitions
4 Discrete value method
Appendix A (Normative Appendix) CIV representation
Appendix B (Informative Appendix) Password and biometric verification methods
B.1 Password
B.2 Biometric verification method
Appendix C (Informative Appendix) References
Foreword
GB/T 16790 "Financial transaction cards - Security architecture of financial transaction systems using integrated circuit cards" consists of the following 8 parts:
Part 1: Card life cycle
Part 2: Transaction process
Part 3: Key relationship
Part 4: Security application module
Part 5: Algorithm application
Part 6: Cardholder identity authentication
Part 7: Key management
Part 8: General principles and summary
This part is Part 6 of GB/T 16790-2006. This part is identical (IDT) to ISO 10202-6:1994 "Financial transaction cards - Security architecture of financial transaction systems using integrated circuit cards - Part 6: Cardholder identity authentication" (English version). For ease of use, this part makes the following editorial changes:
a) the ISO Foreword is deleted;
b) in Chapter 2, the original standard omitted "ISO 10202-1 Financial transaction cards - Security architecture of financial transaction systems using integrated circuit cards - Part 1: Card life cycle"; it is now supplemented with the equivalent GB/T 16790.1-1997.
Appendix A of this part is normative; Appendix B and Appendix C are informative.
This part was proposed by the People's Bank of China.
This part is under the centralized management of the National Financial Standardization Technical Committee.
The responsible drafting unit for this part is China Financial Electronicization Company. The participating drafting units are the People's Bank of China, Bank of China, China Construction Bank, China Everbright Bank, China UnionPay Co., Ltd., and Beijing Qiming Kenchen Company.
The main drafters of this part are Tan Guoan, Yang Zi, Lu Shuchun, Li Shuguang, Liu Yun, Du Ning, Liu Zhijun, Zhang Yan, Zhang Dedong, Dai Hong, Zhang Xiaodong, Ma Yun, Li Hongjian, Wang Wei, Wang, Sun Weidong, and Li Chunhuan.
This part is formulated for the first time.
Financial transaction cards
Security architecture of financial transaction systems using integrated circuit cards
Part 6: Cardholder identity verification

1 Scope
This part specifies the security requirements for cardholder verification when a discrete cardholder identification value (CIV), such as a personal identification number (PIN), is used with an integrated circuit card (IC card), which may or may not also carry a magnetic stripe. The purpose of cardholder verification is to determine that the person presenting the card is the cardholder. ISO 9564-1 applies to this part, except as modified by this part.
This part is applicable to any organization responsible for implementing security procedures for the use of CIVs in conjunction with IC cards. It deals with the security issues of matching a physical object held by the cardholder (such as an IC card) with information known to the cardholder (a CIV, such as a PIN). It also describes security requirements related to IC cards and CADs, where the IC cards and CADs may support only the integrated circuit (IC) or both a magnetic stripe and the IC; the emphasis here is on IC-only systems.
Note 1: The term IC refers to the IC embedded in the IC card. Cardholder identity verification can be performed at the common data file (CDF) level or at the application data file (ADF) level.
Note 2: The terms "card issuer" and "application provider" include their respective agents.

2 Normative references
The clauses in the following documents become clauses of this part through reference in this part of GB/T 16790. For dated references, subsequent amendments (excluding errata) and revisions do not apply to this part; however, parties to agreements based on this part are encouraged to investigate whether the latest versions of these documents can be used. For undated references, the latest version applies to this part.
GB/T 16790.1-1997 Financial transaction cards - Security architecture of financial transaction systems using integrated circuit cards - Part 1: Card life cycle (idt ISO 10202-1:1991)
GB/T 16790.5 Financial transaction cards - Security architecture of financial transaction systems using integrated circuit cards - Part 5: Algorithm application (GB/T 16790.5-2006, ISO 10202-5:1998, IDT)
ISO 9564-1:1991 Banking - Personal Identification Number management and security - Part 1: PIN protection principles and techniques
ISO 10202-2 Financial transaction cards - Security architecture of financial transaction systems using integrated circuit cards - Part 2: Transaction process

3 Terms and definitions
The definitions given in GB/T 16790.1-1997 and the following definitions apply to this part.
3.1 biometric verification
A form of cardholder verification that compares observed biometric characteristics with reference values.
3.2 cardholder
A customer associated with a primary account who requests a transaction from an institution that accepts the card.
3.3 cardholder identification value; CIV
A value used to confirm the identity of the cardholder.
Note 3: A discrete CIV (i.e. a PIN or password) is known by the cardholder. The CIV for biometric verification is the observed biometric characteristic of the cardholder.
3.4 IC-only system
A card system that relies only on IC technology and the corresponding interface devices.
3.5 mixed CAD
A CAD that accepts both IC cards and magnetic stripe cards.
3.6 mixed system; hybrid system
A system that accepts a combination of IC and magnetic stripe card technologies.
3.7 password
A unique combination of letters and numbers.
3.8 reference CIV
A discrete CIV used to verify the transaction CIV.
3.9 transaction CIV
The CIV provided by the presenter of the card in a transaction.
4 Discrete value method
This clause specifies the use of discrete CIVs as defined in ISO 9564-1:1991, or passwords (see Appendix B).

4.1 General security principles
The security provided by this part shall be protected by the following:
a) ISO 9564-1:
b) Discrete CIVs may be at the CDF level, for the common data file, and, at the ADF level, shall be specified by the application provider. The discrete reference CIV shall be securely loaded into the IC in a controlled manner.
c) The discrete reference CIV shall be stored in the IC in a manner that prevents external read operations.
d) Discrete values may be ISO 9564-1 PINs, at the CDF level and at the application data file (ADF) level. If a CDF-level CIV is present, the card issuer controls the loading, reloading and changing of the discrete reference CIV.
e) The verification of a CDF-level CIV is applicable to any application on the card.
f) If an ADF-level CIV is present, the loading, reloading and changing of the discrete reference CIV shall be controlled by the application supplier.
g)
h) The cardholder verification process of the IC card system shall be performed in a way that does not compromise the security of the system or of other IC card or magnetic stripe card systems.
i) The cardholder verification process of the IC card system shall be performed in a way that the compromise of one IC does not lead to the compromise of any other IC.
j) The verification of a discrete CIV should be performed in the IC.
k) Where the discrete transaction CIV is verified in the IC, the IC shall be able to prevent exhaustive search attacks on the discrete reference CIV.

4.2 Personal Identification Number (PIN)
If a PIN is used in a system using IC card technology, the requirements of ISO 9564-1:1991 shall apply, subject to the provisions of this part.

4.2.1 PIN loading and reloading
Initial loading of the reference PIN, or reloading of the reference PIN into the IC (e.g. to replace a forgotten PIN), shall be performed in a physically secure environment or shall be cryptographically protected using appropriate keys as specified in ISO 10202-6:1994.

4.2.2 PIN changes
Changes to the reference PIN in the CDF or to the reference PIN in an ADF may be performed by the cardholder, but shall use procedures provided by the card issuer or the application provider, respectively, that include verification of the current PIN.

4.2.3 PIN storage
The reference PIN stored in the IC shall be protected from external reading. The reference PIN may be stored in the IC in plain text if the IC card meets the following conditions:
a) Unauthorized determination of the reference PIN stored in the IC shall result in the destruction of the IC, so that the IC cannot be returned to service. Furthermore, determination of the reference PIN in an IC that is in use or is to be used shall require specialized equipment and techniques that are not generally available.
b) Compromise of one IC card shall not reveal sufficient information to derive the reference PIN of any other IC card.
In an IC-only system, PIN verification should be performed in the IC. Furthermore, the reference PIN should not be retained or regenerated by the card issuer or application provider and should be stored only in the IC.
4.2.4 PIN transmission
The IC card transaction PIN shall be transmitted to the IC for verification. In a mixed CAD, the transaction PIN shall be cryptographically protected when it leaves the PIN keyboard unless the connection between the IC card reader and the PIN keyboard is physically secure (see Note 4).
Note 4: It is preferred that, in an IC-only system, the IC card reference PIN does not leave the IC, and that secure transmission of the transaction PIN into the IC is mandatory.
4.2.5 PIN verification
The transaction PIN (see ISO 10202-2) shall be verified in the IC by comparison with the reference PIN, subject to the restrictions above. The card issuer or the application provider, for the CDF level or the ADF level respectively, has the right to determine the number of permitted verification attempts and the subsequent processing, so that exhaustive search attacks are prevented. The verification result shall not be output until the IC has recorded the attempt. Cryptographic protection of the PIN between the PIN keyboard and the IC is specified in GB/T 16790.5; the output response of the PIN verification need not be cryptographically protected. The IC returns an indication of the verification result.
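Worked example for the in-IC verification of 4.2.5 and the CIV representation of Appendix A (added here; it is not text of the standard and models no particular card operating system): it builds and parses the ISO 9564-1 plain-text PIN field with control field C = 2, and models an IC that keeps the reference CIV internal, spends its attempt counter before comparing, and returns only a result indication. The attempt limit of three and all class and function names are assumptions.

```python
import hmac

CONTROL_FIELD = 0x2   # control field C = 2 (binary 0010) for the IC card plain-text field
FILLER = 0xF          # pad nibble of the ISO 9564-1 plain-text PIN field


def encode_pin_field(pin: str) -> bytes:
    """Build the 8-byte plain-text PIN field: C, N (PIN length), PIN digits, 0xF padding."""
    if not (pin.isdigit() and 4 <= len(pin) <= 12):
        raise ValueError("CIV must be 4 to 12 decimal digits")
    nibbles = [CONTROL_FIELD, len(pin)] + [int(d) for d in pin]
    nibbles += [FILLER] * (16 - len(nibbles))
    return bytes((nibbles[i] << 4) | nibbles[i + 1] for i in range(0, 16, 2))


def decode_pin_field(field: bytes) -> str:
    """Parse and validate a plain-text PIN field; reject anything not in the C=2 layout."""
    if len(field) != 8:
        raise ValueError("PIN field must be 8 bytes")
    nibbles = [n for b in field for n in (b >> 4, b & 0xF)]
    if nibbles[0] != CONTROL_FIELD:
        raise ValueError("control field is not 2")
    n = nibbles[1]
    if not 4 <= n <= 12:
        raise ValueError("PIN length field out of range")
    digits, pad = nibbles[2:2 + n], nibbles[2 + n:]
    if any(d > 9 for d in digits) or any(p != FILLER for p in pad):
        raise ValueError("PIN digits or padding are malformed")
    return "".join(str(d) for d in digits)


class CardIC:
    """Constructed model of the reference-CIV holder inside the IC (not a real card OS)."""

    def __init__(self, reference_pin: str, max_tries: int = 3):
        # The reference CIV lives only here; no method ever returns it (4.1 c, 4.2.3).
        self._reference = encode_pin_field(reference_pin)
        self._max_tries = max_tries
        self._tries_left = max_tries

    @property
    def tries_left(self) -> int:
        return self._tries_left

    @property
    def blocked(self) -> bool:
        return self._tries_left == 0

    def verify(self, transaction_field: bytes) -> str:
        """Compare the transaction CIV inside the IC and return only a result indication."""
        if self.blocked:
            return "BLOCKED"
        decode_pin_field(transaction_field)  # a malformed field carries no candidate CIV: rejected, not counted
        # Record the attempt before comparing (4.2.5): the counter is spent first, so an
        # interrupted transaction cannot yield a free guess (4.1 k).
        self._tries_left -= 1
        if hmac.compare_digest(self._reference, transaction_field):  # constant-time compare
            self._tries_left = self._max_tries
            return "OK"
        return "BLOCKED" if self._tries_left == 0 else "FAIL"


def demo() -> list:
    """Walk a card through two wrong PINs, the right one, then exhaustion of the limit."""
    card = CardIC("1234", max_tries=3)
    wrong, right = encode_pin_field("0000"), encode_pin_field("1234")
    results = [card.verify(wrong), card.verify(wrong), card.verify(right)]
    results += [card.verify(wrong) for _ in range(3)]
    results.append(card.verify(right))  # the correct PIN no longer helps once blocked
    return results


if __name__ == "__main__":
    print(encode_pin_field("1234").hex().upper())  # 241234FFFFFFFFFF
    print(demo())
```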
Appendix A
(Normative Appendix)
CIV representation
When the CIV is a set of 4 to 12 digits represented in plain text, it shall be represented in the IC card in the PIN block format defined in 8.3.1.1 (plain-text field) of ISO 9564-1:1991, and the control field C shall be 2 (i.e. 0010).

Appendix B
(Informative Appendix)
Passwords and biometric verification methods
B.1 Passwords
It is feasible for IC cards to use passwords, typically of 6 to 12 characters. If the use of IC card passwords becomes a feasible recommendation for international interchange, consideration may be given to incorporating them into this part.
B.2 Biometric verification methods
IC cards allow the use of biometric verification methods.

Appendix C
(Informative Appendix)
References
[1] GB/T 16790.1-1997 Financial transaction cards - Security architecture of financial transaction systems using integrated circuit cards - Part 1: Card life cycle (idt ISO 10202-1:1991)
[2] GB/T 16791.1-1997 Financial transaction cards - Messages between integrated circuit cards and card acceptance devices - Part 1: Concepts and structure (idt ISO 9992-1:1990)
[3] GB/T 17552-1998 Identification cards - Financial transaction cards (idt ISO/IEC 7813:1995)
[4] GB/T 16790.7-2006 Financial transaction cards - Security architecture of financial transaction systems using integrated circuit cards - Part 7: Key management (ISO 10202-7:1998, IDT)
[5] ISO 10202-4 Financial transaction cards - Security architecture of financial transaction systems using integrated circuit cards - Part 4: Secure application modules
National Standard of the People's Republic of China
Financial transaction cards - Security architecture of financial transaction systems using integrated circuit cards - Part 6: Cardholder identity verification
GB/T 16790.6-2006/ISO 10202-6:1994
Published and distributed by China Standards Press, No. 16 Sanlihebei Street, Fuxingmenwai, Beijing. Postal code: 100045. Website: spc.net.cn. Tel: 68523946, 68517548
Printed by the Qinhuangdao Printing Factory of China Standards Press; distributed by Xinhua Bookstores nationwide
Format 880×1230 1/16; printing sheets 0.75; word count 11,000; first edition March 2007, second printing March 2007
Book number: 155066·1-29023. Price: 14.00 yuan
Copies with printing errors will be replaced by the publisher's distribution center. Copyright infringement will be investigated. Report telephone: (010) 68533533