Norme internationale
ISO 9564-4:2016
Sercices financiers — Gestion et sécurité du numéro personnel d'identification (PIN) — Partie 4: Exigences pour la manipulation PIN dans le commerce électronique pour les transactions de paiement
Numéro de référence
ISO 9564-4:2016
Edition 1
2016-03
© ISO 2024
Norme internationale
Prévisualiser
Indisponible en français
Publiée (Edition 1, 2016)
Cette norme a été révisée et confirmée pour la dernière fois en 2022. Cette édition reste donc d’actualité.

ISO 9564-4:2016

Format
Langue
CHF 96
Convertir les francs suisses (CHF) dans une autre devise

Résumé

ISO 9564-4:2016 provides requirements for the use of personal identification numbers (PIN) in eCommerce. The PINs in scope are the same cardholder PINs used as a means of cardholder verification in card-based financial transactions; notably, automated teller machine (ATM) systems, point-of-sale (POS) terminals, automated fuel dispensers, and vending machines.

It is applicable to financial card-originated transactions requiring verification of the PIN and to those organizations responsible for implementing techniques for the management of the PIN in eCommerce.

The provisions of this part of ISO 9564 are not intended to cover

- passwords, passcodes, pass phrases and other shared secrets used for customer authentication in online banking, telephone banking, digital wallets, mobile payment, etc.,

- management of cardholder PINs for use as a means of cardholder verification in retail banking systems in, notably, automated teller machine (ATM) systems, point-of-sale (POS) terminals, automated fuel dispensers, vending machines, banking kiosks and PIN selection/change systems, which are covered in ISO 9564‑1,

- card proxies such as mobile phones or key fobs,

- approved algorithms for PIN encipherment, which are covered in ISO 9564‑2,

- the protection of the PIN against loss or intentional misuse by the customer or authorized employees of the issuer,

- privacy of non-PIN transaction data,

- protection of transaction messages against alteration or substitution, e.g. an online authorization response,

- protection against replay of the transaction,

- functionality of devices used for PIN entry which is related to issuer functions other than PIN entry,

- specific key management techniques, and

- access to, and storage of, card data other than the PIN by applications such as wallets.

Informations générales

  • État actuel
     : Publiée
    Date de publication
     : 2016-03
    Stade
    : Norme internationale confirmée [90.93]
  • Edition
     : 1
  • Comité technique :
    ISO/TC 68/SC 2
    ICS :
    35.240.40 
  • RSS mises à jour

Cycle de vie

Objectifs de développement durable

Cette norme contribue à l'Objectif de développement durable suivant

9
Industrie, innovation et infrastructure

Vous avez une question?

Consulter notre FAQ

Service à la clientèle
+41 22 749 08 88

Horaires d’ouverture:
De lundi à vendredi - 09:00-12:00, 14:00-17:00 (UTC+1)

  2. Store
  3. Catalogue de normes
  4. ICS
  5. 35
  6. 35.240
  7. 35.240.40
  8. ISO 9564-4:2016