GB/T 21078.1-2007 Replaced National standards

GB/T 21078.1-2007 Banking—Personal Identification Number management and security—Part 1:Basic principles and requirements for online PIN handling in ATM and POS systems

GB/T 21078.1-2007 Banking—Personal Identification Number management and security—Part 1:Basic principles and requirements for online PIN handling in ATM and POS systems

Publish Date: 2007-09-05 Implement Date: 2007-12-01 For services related to genuine standard inquiry, procurement, translation, and other related services in China, please Contact Us

Basic Information

Standard Code: GB/T 21078.1-2007

Standard Type: National standards

Standard Status: Replaced

is_force_gb: no

CCS Name: Finance, insurance

ICS Name: The application of information technology in banks

Publish Date: 2007-09-05

Implement Date: 2007-12-01

Pages: 27 pages

Scope

This part specifies the basic principles and technologies for the minimum security measures required for effective PIN management. These measures apply to institutions responsible for implementing PIN management and protection technologies.
This part also specifies the PIN protection technologies applied to financial transaction cards in online environments and the standard methods for PIN data exchange. These technologies apply to institutions responsible for implementing PIN management and protection technologies in ATM and POS terminals.
The provisions of this part do not include:
a) PIN management and security in offline PIN environments, which are covered in ISO 95643:2003;
b) PIN management and security in e-commerce environments, which will be covered in subsequent parts of ISO 9564;
c) Preventing customers or authorized employees of card issuers from losing or intentionally misusing PINs;
d) The confidentiality of non-PIN transaction data;
e) Protecting transaction messages against modification or substitution, such as authorization responses for PIN verification;
f) Preventing the replay of PINs or transactions;
g) Specific key management technologies.

Development Information

Word Count: 46 Thousand words Pages: 27 pages

Superseded by the following standards

GB/T 21078.1-2023 Financial services—Personal Identification Number(PIN) management and security—Part 1:Basic principles and requirements for PINs in card-based systems

Referenced Standards

GB/T 15694.1-1995 Identification cards—Identification of issuers—Part 1:Numbering system GB/T 17552-1998 Identification cards—Financial transaction cards ISO/IEC 7812-2 ISO 9564-2:1991 ISO 9564-3:2003 ISO 11568(所有部分) ISO 13491(所有部分) GB/T 16649.1-1996 Identification cards—Integrated circuit(s) cards with contacts—Part 1:Physical characteristics GB/T 16649.1-2006 Identification cards—Integrated circuit(s) cards with contacts—Part 1:Physical characteristics GB/T 16649.2-1996 Identification cards—Integrated circuit(s) cards with contacts—Part 2:Dimensions and Location of the contacts GB/T 16649.2-2006 Identification cards—Integrated circuit(s) cards with contacts—Part 2:Dimensions and location of the contacts GB/T 16649.2-2024 Identification cards—Integrated circuit cards—Part 2:Cards with contacts—Dimensions and location of the contacts GB/T 16649.3-1996 Identification cards—Integrated circuit(s) cards with contacts—Part 3:Electronic signals and transmission protocols GB/T 16649.3-2006 Identification cards—Integrated circuit(s) cards with contacts—Part 3:Electronic signals and transmission protocols GB/T 16649.3-2024 Identification cards—Integrated circuit cards—Part 3:Cards with contacts—Electrical interface and transmission protocols GB/T 16649.4-2010 Identification Cards—Integrated circuit cards—Part 4:Organization,security and commands for interchange GB/T 16649.5-2002 Identification cards-integrated circuit(s) cards with contacts—Part 5:National numbering system and registration procedure for application identifiers GB/T 16649.6-2001 Identification cards—Integrated circuit(s) cards with contacts—Part 6:Interindustrv data elements GB/T 16649.7-2000 Identification cards—Integrated circuit(s) cards with contacts—Part 7:Interindustry commands for structured Card query language(SCQL) GB/T 16649.8-2002 Identification cards—Intergrated circuit(s) cards with contacts—Part 8:Security related interindustry commands GB/T 16649.9-2010 Identification cards—Integrated circuit cards—Part 9:Commands for card management GB/T 16649.10-2002 Identification cards—Intergrated circuit(s) cards with contacts—Part 10:Electronic signals and answer to reset for synchronous cards GB/T 16649.11-2019 Identification cards—Integrated circuit cards—Part 11:Personal verification through biometric methods GB/T 16649.12-2010 Identification cards—Integrated circuit cards—Part 12:Cards with contacts—USB electrical interface and operating procedures GB/T 16649.13-2013 Identification cards—Integrated circuit cards—Part 13:Commands for application management in a multi-application environment GB/T 16649.15-2010 Identification cards—Integrated circuit cards—Part 15:Cryptographic information application

Adopt standards

ISO 9564-1:2002

Related Standards

GB/T 14504-1993 Abolished

GB/T 14504-1993 Bank cards

Publish Date: 1993-07-05

GB/T 15733-1995 Active

GB/T 15733-1995 The basic terminology of financial computerization

Publish Date: 1995-11-03

GB/T 15935-1995 Replaced

GB/T 15935-1995 Magnetic stripes on savingsbooks

Publish Date: 1995-12-21

GB/T 15948.1-1995 Replaced

GB/T 15948.1-1995 Bank telecommunication—Funds transfer message—Part 1:Vocabulary and data elements

Publish Date: 1995-12-21

GB/T 18789-2002 Replaced

GB/T 18789-2002 General specification for automated teller machine (ATM)

Publish Date: 2002-07-18

GB/T 18240.1-2003 Active

GB/T 18240.1-2003 Fiscal cash register Part 1:Specification of device

Publish Date: 2003-06-25