This part of GB/T 16790 specifies in detail the protection principles for the integrated circuit (IC) in financial transaction cards from manufacturing, issuance, use to termination. This part of GB/T 16790 applies to any organization responsible for implementing security procedures to protect ICs and integrated circuit cards (ICCs) during their life cycle. GB/T 16790.1-1997 Financial transaction cards Security architecture for financial transaction systems using integrated circuit cards Part 1: Card life cycle GB/T16790.1-1997 Standard download decompression password: www.bzxz.net
This part of GB/T 16790 specifies in detail the protection principles for the integrated circuit (IC) in financial transaction cards from manufacturing, issuance, use to termination. This part of GB/T 16790 applies to any organization responsible for implementing security procedures to protect ICs and integrated circuit cards (ICCs) during their life cycle.

GB/T 16790. 11997
This standard is equivalent to IS010202-1:1991 "Financial transaction cards - Security architecture of financial transaction systems using integrated circuit cards Part 1: Card life cycle"
GB/T16790 is under the general title "Financial transaction cards - Security architecture of financial transaction systems using integrated circuits" and consists of the following parts:
-Part 1: Card life cycle
Part 2: Transaction processing
Part 3: Key relationship
-Part 4: Security application module
-Part 5 Algorithm usage composition
-Part 6: Cardholder identity verification
Appendix A of this standard is the standard appendix. Appendix B and Appendix C of this standard are prompt appendices. This standard is slightly different from IS10202-1 in the referenced standards because ISO7812.19 referenced in ISO10202-1 is 87 Identification cards - Issuer identifier numbering system and registration procedures" has been divided into two parts after revision in 1993, namely ISO/IEC7812-1:1993 Identification cards - Issuer identifier - Part 1: Numbering system and ISO/IEC7812-2:1993 Identification cards - Issuer identifier - Part 2: Application and registration procedures, and both have been adopted as national standards. The corresponding national standard numbers are GB/T15694.1--1995 and GB/T15694.2-1996. Therefore, when citing this standard, it should be marked as the new standard. This standard is proposed by the People's Bank of China.
This standard is managed by the National Financial Standardization Technical Committee. The drafting units of this standard are: People's Bank of China, Industrial and Commercial Bank of China, and China Institute of Standardization and Information Classification and Coding. The main drafters of this standard are: Liu Zhong, Zui Shu, Fang Qing, Lu Shuchun, Lu Xiaobing, Wang Yunsheng, Meng Jiaqing, and Wang Jia. GB/T 16790. 1—1997
ISOForeword
ISO (International Organization for Standardization) is a worldwide federation of national bodies (ISO member bodies) engaged in standardization. The work of international standardization is promoted through the activities of ISO technical committees. Each member body interested in the work of a documented technical committee has the right to participate in the work of that committee. International organizations, official and non-official, in liaison with ISO may participate in the work of the committee. ISO and IEC (International Electrotechnical Commission) collaborate closely in all fields of electrotechnical standards. Draft international standards prepared by technical committees are circulated to member bodies for voting. Publication as an international standard requires approval by at least 75% of the member bodies voting. International Standard ISO 10202-1 was prepared by "Banks and Related Organizations". Developed by Technical Committee ISO/TrC68 on "Financial Services". ISO10202, under the general title "Financial transaction cards - Security architecture for financial transaction systems using integrated circuit cards", consists of the following parts:
Part 1: Card life cycle
Part 2: Transaction processing
Part 3: Key relationships
Part 4: Security application model
Part 5: Use of algorithms
Part 6: Cardholder identity authentication
Appendix A of this standard constitutes the standard content of this part of ISO10202, and Appendices B and C are for reference only. 1 Scope
National Standard of the People's Republic of China
Financial transaction cards-Security architecture of financial transaction systems using integrated circuit cards-Part 1; Card life cycleCB/T 16790.11997
idtIso10202-1.1991
This part of GB/T 16790 specifies in detail the protection principles of the integrated circuit (ICC) in financial transaction cards from manufacture, issuance, use to termination.
This part of GB/T 16790 applies to any organization responsible for implementing security procedures to protect ICs and integrated circuit cards (ICCs) during their life cycle.
This part of GB/T 16790 includes some characteristics of the ICC life cycle, which are supplementary to the relevant national standards under magnetic stripe banking. It also includes the security technologies adopted by organizations related to the manufacture, issuance, use and termination of ICs and ICCs. The appendix lists the risks that arise in these processes and methods to reduce these risks. Appendix A describes the content of the "1
teaching areas and security inspections related to security recorded in ICs.
2 Whenever the issuer or application provider refers to this standard, its various clauses apply to the agents designated by the two. 2 Referenced standards
The provisions contained in the following standards constitute the provisions of this standard through reference in this standard. When this standard was published, the versions shown were valid. All standards will be revised, and parties using this standard should explore the possibility of using the latest versions of the following standards. GB/T26591994 Codes for countries and regions around the world "idtISO'3166:1988) GB/T15694.1-1 995 Identification card issuer identification Part 1: Numbering system (idt1SO7812-1:1993) GB/T15694.2--1996 Identification card issuer identification Part 2: Application and registration procedures (idtISO78122:1993) ISO7813:1990 Identification cards - Financial transaction cards ISO9992-2 Financial transaction cards - Messages between integrated circuit cards and card acceptance devices Part 2: Functions, messages (commands and responses), data elements and structures
ISO10202-3 Financial transactions - Security architecture for financial transaction systems using integrated circuit cards - Part 3: Key relationships
ISO 10202 61994
Financial transaction card-Security architecture of financial transaction system using integrated circuit card-Part 6: Identity verification of holder
Approved by the State Administration of Technical Supervision on May 26, 1997 and implemented on March 1, 1998
3 Definitions
This standard uses the following definitions.
GB/T 16790.1—1997
Application Data File (ADF)
3-1 Application Data File (ADF)
The file in an IC that supports one or more services. 3.2 Application provider The entity responsible for the ADF allocated by the application provider.
3.3 ADF personalizer The entity that initially loads the security parameters and related operating parameters into the space allocated by the ADF in the IC. 3.4 ADF allocation The security provisions for the subsequent use of the IC space by the application provider. 3.5 Card Accepting Device (CAD) Card Accepting Device (CAD) Device used to interface with the ICC during a session 3.6 Card issuer
An institution (or its agent) that issues a financial transaction ICC to a cardholder. 3.7 Cardholder
A person to whom a financial transaction ICC is issued.
3.8 Common Data File (CDF) Cammon Deta File (CDF) A mandatory file containing the common data stored in the ICC to identify the card, the issuer, and the holder.
3.9 Embedder
An entity that performs IC embedding.
3.10 Integrated Circuit (IC) An electronic component embedded in an ICC that performs processing and storage functions in the form of a microcircuit. 3.11 Integrated Circuit Card (ICC) An integrated circuit card that embeds one or more ICs.
3.12 IC assembler
The entity that performs IC assembly.
3.13 IC assembly The process of assembling one or more ICs and external communication components into a module suitable for embedding.14 IC assembly
A module suitable for IC embedding that contains one or more ICs and external communication components 3.15 IC embedding
The process of embedding an IC assembly into an ICC. 3.16 Primary Account Number (PAN) Primary Account Number (PAN) A number assigned to identify the issuer and the cardholder. According to the definition in IS7812, the primary account number consists of the issuer identification number, the personal account identification number and an accompanying check digit. 3.17 Security audit trail Historical data and information used to verify the correctness and completeness of the agreed security procedures and to detect security violations. 4 General principles of security
This part of GB/T 16790 provides the following principles for the security processing procedures mentioned in the standard: a) The manufacture, preparation, use and termination of the ICC should be carried out in such a way that damage to one implementation stage of the ICC should not affect other implementation stages of the ICC.
GB/T 16790.1--- 1997
h) The issuer shall be responsible for the life cycle of the card, the distribution of the CDF and the data in the CDF, and the distribution of the ADF: Once the ADF is distributed, it shall be controlled by the application provider (which may be the issuer). The issuer or application provider may delegate functions to its agent within the scope permitted by the security principle.
) The data stored in an ADF and/or the operations performed on an ADF shall not damage the AI>F of other application providers. d) During the life cycle of the ICC, a security audit trail record shall be kept. 5 Protection during the card life cycle
This clause specifies minimum security requirements for the following stages in the card life cycle: Manufacture of ICs and ICCs (see 5.1)
Card preparation (see 5.2)
Card personalization
Activation of the CDF
Application data file (ADF) preparation (5.3) Distribution of the ADF,
ADF personalization
Activation of the ADF
Card use process (see 5.4)
Card use
Deactivation of the ADF
Deactivation of the CDF
Reactivation of the CDF
ADF Reactivation
Termination of use (see 5.5)
Termination of AF
Termination of CDF
Termination of credit
These requirements can be used for the management of the card life cycle and form the basis for a more detailed commercial agreement between the manufacturer, supplier, issuer and user of ICX.
5.1 Manufacturing of IC and ICC
The manufacturing process includes:
IC semiconductor design and software design
IC manufacturing
IC assembly
IC embedding
During the manufacturing process, before the dedicated data is entered into the ICC, the security of the manufacturing process should meet the security level required by the issuer. From the stage where private data (e.g. private encryption algorithms or keys) and/or other confidentiality factors are combined with the IC:, the following security requirements should be met:
a) All processing should be carried out in a secure environment, that is, access to data is controlled and confidentiality of private data is maintained.
b) Access to the controlled area of ​​1C is only possible through the use of the manufacturing key, which is specified in 1S010202-3. There can be different production keys between each manufacturing stage.
c) The IC and ICC should be physically or physically protected during storage and transportation. For the purpose of security audit, the following data should be recorded in the IC: (see Appendix A for details). IC manufacturer identifier
Manufacturer's IC type identifier
Embedding organization/IC assembly organization identifier
GB/T16790.1—1997
As part of the manufacturing process, the integrity of the IC should be verified (e.g., by statistical sampling) to confirm that it complies with the agreed reference technical specifications.
5.2 Card Preparation
Card preparation includes two steps;
Card Personalization
CDF Activation
5.2. 1 Card Personalization
The card issuer shall be responsible for the card personalization process, which shall be carried out under the control of appropriate keys (specified in ISO10202-3), including the public data file (CDF) data and related IC keys. The CDF data shall at least include the primary account number1—1997
As part of the manufacturing process, the integrity of the IC should be verified (e.g., by statistical sampling) to confirm that it conforms to the agreed reference technical specification.
5.2 Card preparation
Card preparation consists of two steps;
Card personalization
CDF activation
5.2. 1 Card personalization
The issuer shall be responsible for the personalization of the card, which shall be carried out under the control of the appropriate key (specified in ISO10202-3) and include the Common Data File (CDF) data and the contents of the relevant IC keys. The CDF data shall include at least the primary account number1—1997
As part of the manufacturing process, the integrity of the IC should be verified (e.g., by statistical sampling) to confirm that it conforms to the agreed reference technical specification.
5.2 Card preparation
Card preparation consists of two steps;
Card personalization
CDF activation
5.2. 1 Card personalization
The issuer shall be responsible for the personalization of the card, which shall be carried out under the control of the appropriate key (specified in ISO10202-3) and include the Common Data File (CDF) data and the contents of the relevant IC keys. The CDF data shall include at least the primary account numberF, the appropriate key replacement password as specified in ISO 10202-3 should be used.
5.5.3 Termination of keys
After the ADF is terminated, all keys remaining in the ADF should not be controlled by the application provider. This process should not prevent the sequential reading of existing readable information (which will be described in ISO 10202-3). After the CDF is terminated and any residual value in 1C is transferred, all keys remaining in the CDF will be out of the control of the issuer. This process should not prevent the subsequent sequential reading of existing readable CDF information (which will be described in ISO 10202-3). After all keys are terminated, the encryption function cannot be used again. GB/T 16790.1—1997
Appendix A
(Standard Appendix)
Description of security audit and security-related data segments (the following fields referenced will be in ISO 9992-2) IC Manufacturer Identifier
Status:
Location:
General Readable Area
Access Condition: Unchangeable
Format:
Content:
Purpose:
1 byte
The Manufacturer Identifier is consistent with the registration in ISO and identifies the IC manufacturer in a unique way
Manufacturer's IC Type Identifier
Status:
Location:
Mandatory
General Readable Area
Access Condition: Unchangeable
Format:
Content:
Date:
2 bytes
Manufacturer's IC Type Identifier
Identifies each IC design and (or>IC production batch embedding organization/IC of a specific manufacturer Assembly organization identifier
Status:
Location:
Mandatory
General readable area
Access case: Unchangeable
Format:
Content:
Purpose,
5 bytes in the form of CCEEA CC - Country code of the import organization, expressed in two letters, in accordance with the definition of GB/T2659-1994. EE - Embedded organization name, expressed in two digits (should be registered at the national level). A - One alphanumeric character set for other purposes, for example, to identify the IC assembly organization. Identifies the personalized organization identifier that combines the IC component and the plastic card in the flashing organization.
Status:
Location:
Mandatory
CDF Area
Access conditions: cannot be changed
Format:
Content:
Date,
1 semester
Identifier of the card personalization agency determined by the issuer. Identifier of the CDF enabling agency
Status:
Location:
Optional
CDF area
Access conditions: cannot be changed
Format:
Content:
10-digit number LLL.L.LI in the form LLLLLLNNNV - such as GB/T 15694.1—1995 and GB/T 156 94.2-1996 Issuer Identification NNNN Auxiliary Identification defined by the issuer
Purpose:
GB/T16790.1-1997
Use a unique method to identify the CDF activation agency Serial number of the CDF activation agency
Status:
Location;
Optional
CDF area
Access conditions: Unchangeable
Format:
Content:
Purpose:
6 digits
Mountain card activation agency definition
For a specific card activation agency, use a unique method to identify the activated CDF. CI>F Status: Location: Optional CDF area Access conditions: Unchangeable Format; 6-digit math Content, YYMMDD, defines the activation date Appendix B (Prompt Appendix) Card life cycle - Security/risk matrix |Security Risks
Functional Integrity
Accidental
Intentional
Memory Integrity
Accidental
Intentional
Other Hardware Failures
Personalization
Reactivation
IC Testing
Risk Reduction Methods
Secure Environment, Storage, Transportation
Audit Trail
Key Management
GB/T 16790.1-1997
Appendix C
(Informative Appendix)bzxZ.net
References
(1) IS0 7816-1:1987
Identification cards — Integrated circuit cards with contacts — Part 1: Physical characteristics Banking services — Management and security of personal identification numbers — Part 1: Protection of personal identification numbers (2) ISO 9564-1:1991
Principles and techniques
Financial transaction cards — Messages between integrated circuit cards and card acceptance devices — Part 1: Concepts (3) ISO 9992-1:1990
And structure
Financial transaction cards — Messages between integrated circuit cards and card acceptance devices — Part 2: Functions, messages (4) ISO 9992-21
Messages (commands and responses), data elements and structure (5) ISO 10202-2:1995
Financial transaction cards — Security architecture for financial transaction systems using integrated circuit cards — Part 2: Transaction processing
(6) ISO 10202-31)
Financial transaction cards — Security architecture for financial transaction systems using integrated circuit cards — Part 3: Key relationships
(7) ISO 10202-6:1994
1) To be published.
Financial transaction cards — Security architecture for financial transaction systems using integrated circuit cards — Part 6: Cardholder identity verification
Tip: This standard content only shows part of the intercepted content of the complete standard. If you need the complete standard, please go to the top to download the complete standard document for free.