Theft of sensitive card data during a retail payment transaction is increasingly becoming a major source of financial fraud. Besides an optional encrypted PIN, this data includes magnetic stripe track 2 data: PAN, expiration date, card verification value, and issuer private data. While thefts of this data at all segments of the transaction processing system have been reported, the most vulnerable segments are between the point of transaction device capturing the magnetic stripe data and the processing systems at the acquirer. This document would standardize the security requirements and implementation for a method for protecting this sensitive card data over these segments. Several implementations exist to address this situation. This document would provide guidance for evaluating these implementations. Clarification based on card brand guidance for the encryption of the middle digits has been added to this document. This supports the automated fuel dispenser industry.

定价： 910元 / 折扣价： 774 元 加购物车

Protection of Sensitive Payment Card Data ?Part 2: Tokenization defines the minimum security requirements for implementing tokenization with post-authorization systems to protect sensitive payment card data.

定价： 546元 / 折扣价： 465 元 加购物车

The ANSI X9.124 standard defines a collection of methods for encrypting data strings so that the length and the character set for the ciphertext is the same as those of the plaintext. This is called format-preserving encryption (FPE). These methods are useful in situations where fixed-format data, such as Primary Account Numbers (PANs) or Social Security Numbers (SSNs), must be encrypted, but there is a requirement to limit changes to existing communication protocols, database schemata or application code. Part 1 of this standard includes a set of definitions common to all FPE techniques, a security model for FPE block cipher techniques, and a description of the pseudocode language used in defining the mode specified in this document.

定价： 0元 / 折扣价： 0 元 加购物车

The ANSI X9.124 standard defines a collection of format-preserving encryption methods for financial services. This document is ANSI X9.124 Part 2. ANSI X9.124 Part 2 defines requirements for Format Preserving Encryption - Counter Mode (FPCM). FPCM methods encrypt data strings of a specific length and character set into ciphertext of the same length using the same character set and using the equivalent of Counter Mode (CTR) defined in NIST SP38B. Format Preserving Encryption is useful in situations where fixed-format data, such as Primary Account Numbers (PANs) or Social Security Numbers, must be encrypted, but there is a requirement to limit changes to existing communication protocols, database schemata or application code. FPCM is a particularly simple and efficient mechanism to achieve format preserving encryption, which shares many of the strengths and challenges of CTR

定价： 1274元 / 折扣价： 1083 元 加购物车

X9.134 is a multi-part standard addressing interoperable and secure systems for the provision, operation, and management of a Mobile Financial Service (MFS), including the security requirements for development and operation of a mobile application (app) to deliver an MFS, including mobile banking. This X9.134 standard is not a certification standard. This Part 2 of the standard is intended to assist MFS developers and MFS providers (MFSPs) to evaluate and select security mechanisms for an MFS to be managed according to a security policy designed, documented, implemented, and maintained by the MFSP. It is also important for users of an MFS to understand how security requirements and other considerations factor into the mobile environment.

定价： 1820元 / 折扣价： 1547 元 加购物车

This document provides requirements and recommendations for implementation of mobile payments-to-business programs. This document is structured as follows: - Clause 4 sets forth the characteristics of mobile payments-to-businesses; - Clause 5 sets forth requirements for mobile payments-to-businesses. One of the most important aspects of the MFS environment is mobile-payments-to-businesses. There are many ways an end user can make a payment to a merchant. ANSI X9.134 provides a comprehensive standard for using the mechanisms involved in mobilizing the transfer of funds regardless of who is involved in the process. Potential implementers of mobile retail payment solutions should look at this ANSI X9.134-5; potential implementers of solutions for mobile payments-to-persons should look at ANSI X9.134-4. 

定价： 1820元 / 折扣价： 1547 元 加购物车

Data security breaches continue to put millions of consumers at risk. Protecting consumer information is a shared responsibility for all parties involved including legacy and cloud service providers, organizations that store, transmit, or process consumer information, financial institutions, and individual consumers. This standard provides requirements, recommendations, and information regarding consumer information, data protection, and breach notification. Topics addressed within the scope of this standard Part 2: Breach Notification include the following:Data Operations Framework;Data Breach Processes; Breach Requirements.

定价： 910元 / 折扣价： 774 元 加购物车

Covers the manual and automated management of keying material used for financial services such as point-of-sale (POS) transactions (debit and credit), automated teller machine (ATM) transactions, messages among terminals and financial institutions, and interchange messages among acquirers, switches and card issuers. It deals exclusively with management of symmetric keys using symmetric techniques, and specifies the minimum requirements for the management of keying material. Since last publication, this standard has undergone significant modifications in structure and content, including considerations related to the use of the AES algorithm. Implementation details for DUKPT have been moved to part three of X9.24. Addressed herein are activities and requirements related to each stage or event within the key life cycle including generation, distribution, utilization, storage, archiving, replacement and destruction of the keying material. An institution's key management process is not to be implemented or controlled in a manner that has less security, protection, or control than described herein. It is intended that two nodes, if they implement compatible versions of: the same secure key management method, the same secure key identification technique approved for a particular method, and the same key separation methodologies in accordance with this part of this standard, will be interoperable at the application level. Other characteristics may be necessary for node interoperability; however, this part of this standard does not cover such characteristics as message format, communications protocol, transmission speed, or device interface.

定价： 1274元 / 折扣价： 1083 元 加购物车

This standard provides all parties involved in Electronic Benefits Transfer (EBT) transactions with technical specifications for exchanging financial transaction messages. The document standardizes message formats based on the ISO 8583 standard and thereby maximizes EBT productivity for all stakeholders in the industry.

定价： 546元 / 折扣价： 465 元 加购物车

定价： 0元 / 折扣价： 0 元 加购物车

This international standard specifies the physical and magnetic characteristics of an 8mm wide magnetic tape cartridge to enable interchangeability of such cartridges. It also provides a format and recording method, thus allowing, together with ISO 1001 for Magnetic Tape Labelling, full data interchange by means of such magnetic tape cartridges.

定价： 0元 / 折扣价： 0 元 加购物车

This standard will provide users of voice messaging systems with a consistent mode of interaction in a way that is independent of the underlying system implementations. The interface is based on a set of design principles annexed to this international standard.

定价： 0元 / 折扣价： 0 元 加购物车

Specifies a model for procedure calls, and a reference syntax for mapping to and from the model. This syntax is referred to as the Interface Definition Notation. The model defined in this draft International Standard includes such features as procedure invocation, parameter passing, completion status, and enviromental issues relating to non-local references and state. (NOTE: This draft standard is being processed simultaneously as an American National Standard and an International Standard.)

定价： 0元 / 折扣价： 0 元 加购物车

This International Standard specifies the physical characteristics of identification cards including card materials, construction, characteristics, and dimensions for three sizes of cards.

定价： 0元 / 折扣价： 0 元 加购物车

Specifies and interchange format to facilitate the moving of files or parts containing data records between computer systems. The standard defines a generalized structure which can be used to transmit between systems, files or records containing a wide variety of data types and data structures.

定价： 0元 / 折扣价： 0 元 加购物车