title>Financial transaction cards—Security architecture of financial transaction systems using integrated circuit cards—Part 1:Card life cycle - GB/T 16790.1-1997 - Chinese standardNet - bzxz.net
Home > GB > Financial transaction cards—Security architecture of financial transaction systems using integrated circuit cards—Part 1:Card life cycle
Financial transaction cards—Security architecture of financial transaction systems using integrated circuit cards—Part 1:Card life cycle
Basic Information
Standard ID:
GB/T 16790.1-1997
Standard Name:Financial transaction cards—Security architecture of financial transaction systems using integrated circuit cards—Part 1:Card life cycle
Standard ICS number:Information technology, office machinery and equipment>>Information technology applications>>35.240.15 Identification cards and related devices
Standard Classification Number:General>>Economy, Culture>>A11 Finance, Insurance
drafter:Liu Zhong, Nie Shu, Fang Qing, Lu Shuchun, Lu Xiaobing, Wang Yunsheng, Meng Guiqing, Wang Ka
Drafting unit:People's Bank of China, Industrial and Commercial Bank of China, China Institute of Standardization and Information Classification and Coding
Focal point unit:National Financial Standardization Technical Committee
Proposing unit:People's Bank of China
Publishing department:State Bureau of Technical Supervision
This part of GB/T 16790 specifies in detail the protection principles for the integrated circuit (IC) in financial transaction cards from manufacturing, issuance, use to termination. This part of GB/T 16790 applies to any organization responsible for implementing security procedures to protect ICs and integrated circuit cards (ICCs) during their life cycle. GB/T 16790.1-1997 Financial transaction cards Security architecture for financial transaction systems using integrated circuit cards Part 1: Card life cycle GB/T16790.1-1997 Standard download decompression password: www.bzxz.net
This part of GB/T 16790 specifies in detail the protection principles for the integrated circuit (IC) in financial transaction cards from manufacturing, issuance, use to termination. This part of GB/T 16790 applies to any organization responsible for implementing security procedures to protect ICs and integrated circuit cards (ICCs) during their life cycle.
Some standard content:
GB/T 16790. 11997 This standard is equivalent to IS010202-1:1991 "Financial transaction cards - Security architecture of financial transaction systems using integrated circuit cards Part 1: Card life cycle" GB/T16790 is under the general title "Financial transaction cards - Security architecture of financial transaction systems using integrated circuits" and consists of the following parts: -Part 1: Card life cycle Part 2: Transaction processing Part 3: Key relationship -Part 4: Security application module -Part 5 Algorithm usage composition -Part 6: Cardholder identity verification Appendix A of this standard is the standard appendix. Appendix B and Appendix C of this standard are prompt appendices. This standard is slightly different from IS10202-1 in the referenced standards because ISO7812.19 referenced in ISO10202-1 is 87 Identification cards - Issuer identifier numbering system and registration procedures" has been divided into two parts after revision in 1993, namely ISO/IEC7812-1:1993 Identification cards - Issuer identifier - Part 1: Numbering system and ISO/IEC7812-2:1993 Identification cards - Issuer identifier - Part 2: Application and registration procedures, and both have been adopted as national standards. The corresponding national standard numbers are GB/T15694.1--1995 and GB/T15694.2-1996. Therefore, when citing this standard, it should be marked as the new standard. This standard is proposed by the People's Bank of China. This standard is managed by the National Financial Standardization Technical Committee. The drafting units of this standard are: People's Bank of China, Industrial and Commercial Bank of China, and China Institute of Standardization and Information Classification and Coding. The main drafters of this standard are: Liu Zhong, Zui Shu, Fang Qing, Lu Shuchun, Lu Xiaobing, Wang Yunsheng, Meng Jiaqing, and Wang Jia. GB/T 16790. 1—1997 ISOForeword ISO (International Organization for Standardization) is a worldwide federation of national bodies (ISO member bodies) engaged in standardization. The work of international standardization is promoted through the activities of ISO technical committees. Each member body interested in the work of a documented technical committee has the right to participate in the work of that committee. International organizations, official and non-official, in liaison with ISO may participate in the work of the committee. ISO and IEC (International Electrotechnical Commission) collaborate closely in all fields of electrotechnical standards. Draft international standards prepared by technical committees are circulated to member bodies for voting. Publication as an international standard requires approval by at least 75% of the member bodies voting. International Standard ISO 10202-1 was prepared by "Banks and Related Organizations". Developed by Technical Committee ISO/TrC68 on "Financial Services". ISO10202, under the general title "Financial transaction cards - Security architecture for financial transaction systems using integrated circuit cards", consists of the following parts: Part 1: Card life cycle Part 2: Transaction processing Part 3: Key relationships Part 4: Security application model Part 5: Use of algorithms Part 6: Cardholder identity authentication Appendix A of this standard constitutes the standard content of this part of ISO10202, and Appendices B and C are for reference only. 1 Scope National Standard of the People's Republic of China Financial transaction cards-Security architecture of financial transaction systems using integrated circuit cards-Part 1; Card life cycleCB/T 16790.11997 idtIso10202-1.1991 This part of GB/T 16790 specifies in detail the protection principles of the integrated circuit (ICC) in financial transaction cards from manufacture, issuance, use to termination. This part of GB/T 16790 applies to any organization responsible for implementing security procedures to protect ICs and integrated circuit cards (ICCs) during their life cycle. This part of GB/T 16790 includes some characteristics of the ICC life cycle, which are supplementary to the relevant national standards under magnetic stripe banking. It also includes the security technologies adopted by organizations related to the manufacture, issuance, use and termination of ICs and ICCs. The appendix lists the risks that arise in these processes and methods to reduce these risks. Appendix A describes the content of the "1 teaching areas and security inspections related to security recorded in ICs. 2 Whenever the issuer or application provider refers to this standard, its various clauses apply to the agents designated by the two. 2 Referenced standards The provisions contained in the following standards constitute the provisions of this standard through reference in this standard. When this standard was published, the versions shown were valid. All standards will be revised, and parties using this standard should explore the possibility of using the latest versions of the following standards. GB/T26591994 Codes for countries and regions around the world "idtISO'3166:1988) GB/T15694.1-1 995 Identification card issuer identification Part 1: Numbering system (idt1SO7812-1:1993) GB/T15694.2--1996 Identification card issuer identification Part 2: Application and registration procedures (idtISO78122:1993) ISO7813:1990 Identification cards - Financial transaction cards ISO9992-2 Financial transaction cards - Messages between integrated circuit cards and card acceptance devices Part 2: Functions, messages (commands and responses), data elements and structures ISO10202-3 Financial transactions - Security architecture for financial transaction systems using integrated circuit cards - Part 3: Key relationships ISO 10202 61994 Financial transaction card-Security architecture of financial transaction system using integrated circuit card-Part 6: Identity verification of holder Approved by the State Administration of Technical Supervision on May 26, 1997 and implemented on March 1, 1998 3 Definitions This standard uses the following definitions. GB/T 16790.1—1997 Application Data File (ADF) 3-1 Application Data File (ADF) The file in an IC that supports one or more services. 3.2 Application provider The entity responsible for the ADF allocated by the application provider. 3.3 ADF personalizer The entity that initially loads the security parameters and related operating parameters into the space allocated by the ADF in the IC. 3.4 ADF allocation The security provisions for the subsequent use of the IC space by the application provider. 3.5 Card Accepting Device (CAD) Card Accepting Device (CAD) Device used to interface with the ICC during a session 3.6 Card issuer An institution (or its agent) that issues a financial transaction ICC to a cardholder. 3.7 Cardholder A person to whom a financial transaction ICC is issued. 3.8 Common Data File (CDF) Cammon Deta File (CDF) A mandatory file containing the common data stored in the ICC to identify the card, the issuer, and the holder. 3.9 Embedder An entity that performs IC embedding. 3.10 Integrated Circuit (IC) An electronic component embedded in an ICC that performs processing and storage functions in the form of a microcircuit. 3.11 Integrated Circuit Card (ICC) An integrated circuit card that embeds one or more ICs. 3.12 IC assembler The entity that performs IC assembly. 3.13 IC assembly The process of assembling one or more ICs and external communication components into a module suitable for embedding.14 IC assembly A module suitable for IC embedding that contains one or more ICs and external communication components 3.15 IC embedding The process of embedding an IC assembly into an ICC. 3.16 Primary Account Number (PAN) Primary Account Number (PAN) A number assigned to identify the issuer and the cardholder. According to the definition in IS7812, the primary account number consists of the issuer identification number, the personal account identification number and an accompanying check digit. 3.17 Security audit trail Historical data and information used to verify the correctness and completeness of the agreed security procedures and to detect security violations. 4 General principles of security This part of GB/T 16790 provides the following principles for the security processing procedures mentioned in the standard: a) The manufacture, preparation, use and termination of the ICC should be carried out in such a way that damage to one implementation stage of the ICC should not affect other implementation stages of the ICC. GB/T 16790.1--- 1997 h) The issuer shall be responsible for the life cycle of the card, the distribution of the CDF and the data in the CDF, and the distribution of the ADF: Once the ADF is distributed, it shall be controlled by the application provider (which may be the issuer). The issuer or application provider may delegate functions to its agent within the scope permitted by the security principle. ) The data stored in an ADF and/or the operations performed on an ADF shall not damage the AI>F of other application providers. d) During the life cycle of the ICC, a security audit trail record shall be kept. 5 Protection during the card life cycle This clause specifies minimum security requirements for the following stages in the card life cycle: Manufacture of ICs and ICCs (see 5.1) Card preparation (see 5.2) Card personalization Activation of the CDF Application data file (ADF) preparation (5.3) Distribution of the ADF, ADF personalization Activation of the ADF Card use process (see 5.4) Card use Deactivation of the ADF Deactivation of the CDF Reactivation of the CDF ADF Reactivation Termination of use (see 5.5) Termination of AF Termination of CDF Termination of credit These requirements can be used for the management of the card life cycle and form the basis for a more detailed commercial agreement between the manufacturer, supplier, issuer and user of ICX. 5.1 Manufacturing of IC and ICC The manufacturing process includes: IC semiconductor design and software design IC manufacturing IC assembly IC embedding During the manufacturing process, before the dedicated data is entered into the ICC, the security of the manufacturing process should meet the security level required by the issuer. From the stage where private data (e.g. private encryption algorithms or keys) and/or other confidentiality factors are combined with the IC:, the following security requirements should be met: a) All processing should be carried out in a secure environment, that is, access to data is controlled and confidentiality of private data is maintained. b) Access to the controlled area of 1C is only possible through the use of the manufacturing key, which is specified in 1S010202-3. There can be different production keys between each manufacturing stage. c) The IC and ICC should be physically or physically protected during storage and transportation. For the purpose of security audit, the following data should be recorded in the IC: (see Appendix A for details). IC manufacturer identifier Manufacturer's IC type identifier Embedding organization/IC assembly organization identifier GB/T16790.1—1997 As part of the manufacturing process, the integrity of the IC should be verified (e.g., by statistical sampling) to confirm that it complies with the agreed reference technical specifications. 5.2 Card Preparation Card preparation includes two steps; Card Personalization CDF Activation 5.2. 1 Card Personalization The card issuer shall be responsible for the card personalization process, which shall be carried out under the control of appropriate keys (specified in ISO10202-3), including the public data file (CDF) data and related IC keys. The CDF data shall at least include the primary account number1—1997 As part of the manufacturing process, the integrity of the IC should be verified (e.g., by statistical sampling) to confirm that it conforms to the agreed reference technical specification. 5.2 Card preparation Card preparation consists of two steps; Card personalization CDF activation 5.2. 1 Card personalization The issuer shall be responsible for the personalization of the card, which shall be carried out under the control of the appropriate key (specified in ISO10202-3) and include the Common Data File (CDF) data and the contents of the relevant IC keys. The CDF data shall include at least the primary account number1—1997 As part of the manufacturing process, the integrity of the IC should be verified (e.g., by statistical sampling) to confirm that it conforms to the agreed reference technical specification. 5.2 Card preparation Card preparation consists of two steps; Card personalization CDF activation 5.2. 1 Card personalization The issuer shall be responsible for the personalization of the card, which shall be carried out under the control of the appropriate key (specified in ISO10202-3) and include the Common Data File (CDF) data and the contents of the relevant IC keys. The CDF data shall include at least the primary account numberF, the appropriate key replacement password as specified in ISO 10202-3 should be used. 5.5.3 Termination of keys After the ADF is terminated, all keys remaining in the ADF should not be controlled by the application provider. This process should not prevent the sequential reading of existing readable information (which will be described in ISO 10202-3). After the CDF is terminated and any residual value in 1C is transferred, all keys remaining in the CDF will be out of the control of the issuer. This process should not prevent the subsequent sequential reading of existing readable CDF information (which will be described in ISO 10202-3). After all keys are terminated, the encryption function cannot be used again. GB/T 16790.1—1997 Appendix A (Standard Appendix) Description of security audit and security-related data segments (the following fields referenced will be in ISO 9992-2) IC Manufacturer Identifier Status: Location: General Readable Area Access Condition: Unchangeable Format: Content: Purpose: 1 byte The Manufacturer Identifier is consistent with the registration in ISO and identifies the IC manufacturer in a unique way Manufacturer's IC Type Identifier Status: Location: Mandatory General Readable Area Access Condition: Unchangeable Format: Content: Date: 2 bytes Manufacturer's IC Type Identifier Identifies each IC design and (or>IC production batch embedding organization/IC of a specific manufacturer Assembly organization identifier Status: Location: Mandatory General readable areaWww.bzxZ.net Access case: Unchangeable Format: Content: Purpose, 5 bytes in the form of CCEEA CC - Country code of the import organization, expressed in two letters, in accordance with the definition of GB/T2659-1994. EE - Embedded organization name, expressed in two digits (should be registered at the national level). A - One alphanumeric character set for other purposes, for example, to identify the IC assembly organization. Identifies the personalized organization identifier that combines the IC component and the plastic card in the flashing organization. Status: Location: Mandatory CDF Area Access conditions: cannot be changed Format: Content: Date, 1 semester Identifier of the card personalization agency determined by the issuer. Identifier of the CDF enabling agency Status: Location: Optional CDF area Access conditions: cannot be changed Format: Content: 10-digit number LLL.L.LI in the form LLLLLLNNNV - such as GB/T 15694.1—1995 and GB/T 156 94.2-1996 Issuer Identification NNNN Auxiliary Identification defined by the issuer Purpose: GB/T16790.1-1997 Use a unique method to identify the CDF activation agency Serial number of the CDF activation agency Status: Location; Optional CDF area Access conditions: Unchangeable Format: Content: Purpose: 6 digits Mountain card activation agency definition For a specific card activation agency, use a unique method to identify the activated CDF. CI>F Status: Location: Optional CDF area Access conditions: Unchangeable Format; 6-digit math Content, YYMMDD, defines the activation date Appendix B (Prompt Appendix) Card life cycle - Security/risk matrix |Security Risks Functional Integrity Accidental Intentional Memory Integrity Accidental Intentional Other Hardware Failures Personalization Reactivation IC Testing Risk Reduction Methods Secure Environment, Storage, Transportation Audit Trail Key Management GB/T 16790.1-1997 Appendix C (Informative Appendix) References (1) IS0 7816-1:1987 Identification cards — Integrated circuit cards with contacts — Part 1: Physical characteristics Banking services — Management and security of personal identification numbers — Part 1: Protection of personal identification numbers (2) ISO 9564-1:1991 Principles and techniques Financial transaction cards — Messages between integrated circuit cards and card acceptance devices — Part 1: Concepts (3) ISO 9992-1:1990 And structure Financial transaction cards — Messages between integrated circuit cards and card acceptance devices — Part 2: Functions, messages (4) ISO 9992-21 Messages (commands and responses), data elements and structure (5) ISO 10202-2:1995 Financial transaction cards — Security architecture for financial transaction systems using integrated circuit cards — Part 2: Transaction processing (6) ISO 10202-31) Financial transaction cards — Security architecture for financial transaction systems using integrated circuit cards — Part 3: Key relationships (7) ISO 10202-6:1994 1) To be published. Financial transaction cards — Security architecture for financial transaction systems using integrated circuit cards — Part 6: Cardholder identity verification Tip: This standard content only shows part of the intercepted content of the complete standard. If you need the complete standard, please go to the top to download the complete standard document for free.