Financial

Financial industry software standards are published by X9, ISO, ANSI, and ASC. They include the X9 encryption collection package and cover symmetric ciphers, their key management and life cycle; concepts, requirements and evaluation methods; security compliance checklists for devices used in financial transactions; recommendations on cryptographic algorithms and their use; the Digital Signature Algorithm (DSA); the Secure Hash Algorithm (SHA-1); unilateral key transport using factoring-based public key cryptography; agreement of symmetric keys using discrete logarithm cryptography; the Elliptic Curve Digital Signature Algorithm (ECDSA); key agreement and key transport using elliptic curve cryptography; Elliptic Curve Pintsov-Vanstone Signatures (ECPVS); wrapping of keys and associated data; and requirements for protection of sensitive payment card data.

X9 Encryption Collection

ANSI/X9 TR-39, ANSI X9.24-1, ANSI X9.24-2, ANSI X9.92-1 and ASC X9.80

The X9 Encryption Collection includes guidelines for secure management, numerous techniques for generating primes needed by public key cryptographic algorithms, and guidelines for the encryption of PINs used for retail financial services. It also provides methods for digital signature generation and verification and covers the manual and automated management of keying material used for financial services.

ISO 13491-1:2016

Financial services - Secure cryptographic devices (retail) - Part 1: Concepts, requirements and evaluation methods

ISO 13491-1:2016 specifies the security characteristics for secure cryptographic devices (SCDs) based on the cryptographic processes defined in ISO 9564, ISO 16609, and ISO 11568. ISO 13491-1:2016 has two primary purposes: (1) to state the security characteristics concerning both the operational characteristics of SCDs and the management of such devices throughout all stages of their life cycle, and (2) to provide guidance for methodologies to verify compliance with those requirements. This information is contained in Annex A. ISO 13491-2 specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes as specified in ISO 9564-1, ISO 9564-2, ISO 16609, ISO 11568-1, ISO 11568-2, ISO 11568-3, ISO 11568-4, ISO 11568-5, and ISO 11568-6 in the financial services environment. Annex A provides an informative illustration of the concepts of security levels described in this part of ISO 13491 as being applicable to SCDs. ISO 13491-1:2016 does not address issues arising from the denial of service of an SCD. Specific requirements for the security characteristics and management of specific types of SCD functionality used in the retail financial services environment are contained in ISO 13491-2.

ISO 13491-2:2017

Financial services - Secure cryptographic devices (retail) - Part 2: Security compliance checklists for devices used in financial transactions

ISO 13491-2:2017 specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes as specified in ISO 9564-1, ISO 9564-2, ISO 16609, ISO 11568-1, ISO 11568-2, and ISO 11568-4 in the financial services environment. Integrated circuit (IC) payment cards are subject to the requirements identified in this document up until the time of issue, after which they are to be regarded as a personal device and outside of the scope of this document. ISO 13491-2:2017 does not address issues arising from the denial of service of an SCD. In the checklists given in Annex A to Annex H, the term "not feasible" is intended to convey the notion that although a particular attack might be technically possible, it would not be economically viable, since carrying out the attack would cost more than any benefits obtained from a successful attack. In addition to attacks for purely economic gain, malicious attacks directed toward loss of reputation need to be considered.

ISO/TR 14742:2010

Financial services - Recommendations on cryptographic algorithms and their use

ISO/TR 14742:2010 provides a list of recommended cryptographic algorithms for use within applicable financial services standards prepared by ISO/TC 68. It also provides strategic guidance on key lengths and associated parameters and usage dates. The focus is on algorithms rather than protocols, and protocols are in general not included in ISO/TR 14742:2010. ISO/TR 14742:2010 deals primarily with recommendations regarding algorithms and key lengths. The categories of algorithms covered in ISO/TR 14742:2010 are: block ciphers; stream ciphers; hash functions; message authentication codes (MACs); asymmetric algorithms; digital signature schemes giving message recovery, digital signatures with appendix, asymmetric ciphers; authentication mechanisms; key establishment and agreement mechanisms; key transport mechanisms. ISO/TR 14742:2010 does not define any cryptographic algorithms; however, the standards to which ISO/TR 14742:2010 refers may contain necessary implementation information as well as more detailed guidance regarding choice of security parameters, security analysis, and other implementation considerations.

ANSI X9.30-1:1997

Public Key Cryptography Using Irreversible Algorithms - Part 1: The Digital Signature Algorithm (DSA)

Defines a method for digital signature generation and verification for the protection of messages and data using the Digital Signature Algorithm (DSA). This standard is used in conjunction with the hash function, as defined in American National Standard for Public Key Cryptography - Part 2: The Secure Hash Algorithm (SHA-1), BSR X9.30.2. In addition, this standard provides the criteria for the generation of public and private keys that are required by the algorithm and the procedural controls required for the secure use of the algorithm. Specific sections include definitions and common abbreviations, application, the DSA, Generation of Primes for the DSA, Random Number Generation for the DSA.

ANSI X9.30-2:1997

Public Key Cryptography Using Irreversible Algorithms - Part 2: The Secure Hash Algorithm (SHA-1)

Produces a 160-bit representation of the message, called the message digest, when a message with a bit length less than 2^64 is input. The message digest is computed and used during the generation of a signature for the message. SHA-1 is also used to compute a message digest for the received version of the message during the process of verifying the signature. Any change to the message in transit will, with very high probability, result in a different message digest, and the signature will fail to verify. The Secure Hash Algorithm (SHA-1) described in this standard is required for use with the Digital Signature Algorithm and may be used whenever a secure hash algorithm is required.

ASC X9 TR 34-2019

Interoperable Method for Distribution of Symmetric Keys Using Asymmetric Techniques: Part 1 - Using Factoring-Based Public Key Cryptography Unilateral Key Transport

TR-34 describes a method consistent with the requirements of ANS X9.24 - 2 Retail Financial Services Symmetric Key Management - Part 2: Using Asymmetric Techniques for the Distribution of Symmetric Keys for the secure exchange of keys using asymmetric techniques between two devices that share asymmetric keys. This method is designed to operate within the existing capabilities of devices used in the retail financial services industry. Includes Corrigendum.

ANSI X9.42-2003 (R2013)

Public Key Cryptography for the Financial Services Industry: Agreement of Symmetric Keys Using Discrete Logarithm Cryptography

This standard, partially adapted from ISO 11770-3 (see [13]), specifies schemes for the agreement of symmetric keys using Diffie-Hellman and MQV algorithms. It covers methods of domain parameter generation, domain parameter validation, key pair generation, public key validation, shared secret value calculation, key derivation, and test message authentication code computation for discrete logarithm problem based key agreement schemes. These methods may be used by different parties to establish a piece of common shared secret information such as cryptographic keys. The shared secret information may be used with symmetrically-keyed algorithms to provide confidentiality, authentication, and data integrity services for financial information, or used as a key-encrypting key with other ASC X9 key management protocols. The key agreement schemes given herein do not provide certain desired assurances of security, such as key confirmation and entity authentication. However, these schemes may be used in conjunction with key confirmation and entity authentication mechanisms in key establishment protocols that are specified in other ASC X9 standards. These key agreement schemes may be used as subroutines to build key establishment protocols (see [8]). The key establishment methods specified in ANS X9.63 provide examples of mechanisms for obtaining these additional security properties. Further references for key agreement can be found in [33].

ANSI X9.62:2005

Public Key Cryptography for the Financial Services Industry, The Elliptic Curve Digital Signature Algorithm (ECDSA)

This Standard defines methods for digital signature (signature) generation and verification for the protection of messages and data using the Elliptic Curve Digital Signature Algorithm (ECDSA). ECDSA is the elliptic curve analogue of the Digital Signature Algorithm (ANS X9.30). The ECDSA shall be used in conjunction with an Approved hash function, as specified in X9 Registry Item 00003, Secure Hash Standard (SHS). The hash functions Approved at the time of publication of this document are SHA-1 (see NOTE), SHA-224, SHA-256, SHA-384 and SHA-512. This ECDSA Standard provides methods and criteria for the generation of public and private keys that are required by the ECDSA and the procedural controls required for the secure use of the algorithm with these keys. This ECDSA Standard also provides methods and criteria for the generation of elliptic curve domain parameters that are required by the ECDSA and the procedural controls required for the secure use of the algorithm with these domain parameters.

ANSI X9.63-2011 (R2017)

Public Key Cryptography for the Financial Services Industry - Key Agreement and Key Transport Using Elliptic Curve Cryptography

Defines key establishment schemes that employ asymmetric cryptographic techniques. The arithmetic operations involved in the operation of the schemes take place in the algebraic structure of an elliptic curve over a finite field. Both key agreement and key transport schemes are specified. The schemes may be used by two parties to compute shared keying data that may then be used by symmetric schemes to provide cryptographic services, e.g., data confidentiality and data integrity. Supporting mathematical definitions and examples are also provided.

ANSI X9.73-2017

Cryptographic Message Syntax - ASN.1 and XML

This standard specifies a cryptographic syntax scheme that can be used to protect financial transactions, files and other messages from unauthorized disclosure and modification. The cryptographic syntax scheme is based on an abstract Cryptographic Message Syntax (CMS) schema whose concrete values can be represented using either a compact, efficient, binary encoding, or as a flexible, human-readable, XML markup format.

ANSI X9.92-1-2009 (R2017)

Public Key Cryptography for the Financial Services Industry - Digital Signature Algorithms Giving Partial Message Recovery - Part 1: Elliptic Curve Pintsov-Vanstone Signatures (ECPVS)

This Standard defines methods for digital signature generation and verification for the protection of messages and data giving partial message recovery. This document is Part 1 of this Standard, and it defines the Elliptic Curve Pintsov-Vanstone Signature (ECPVS) digital signature algorithm. Part 2 of this Standard defines the Finite Field Pintsov-Vanstone Signature (FFPVS) digital signature algorithm. ECPVS is a signature scheme with low message expansion (overhead) and variable-length recoverable and visible message parts. ECPVS is ideally suited for short messages, yet is flexible enough to handle messages of any length. The ECPVS shall be used in conjunction with an Approved hash function and an Approved symmetric encryption scheme. In addition, this ECPVS Standard provides the criteria for checking the message redundancy.

ANSI X9.97-1-2009 (R2017)

Financial services - Secure Cryptographic Devices (Retail) - Part 1: Concepts, Requirements and Evaluation Methods

This part of ANS X9.97 specifies the requirements for Secure Cryptographic Devices which incorporate the cryptographic processes defined in ISO 9564, ISO 16609 and ISO 11568. This part of ANS X9.97 has two primary purposes: 1) to state the requirements concerning both the operational characteristics of SCDs and the management of such devices throughout all stages of their life cycle, 2) to standardize the methodology for verifying compliance with those requirements. Appropriate device characteristics are necessary to ensure that the device has the proper operational capabilities and provides adequate protection for the data it contains. Appropriate device management is necessary to ensure that the device is legitimate, that it has not been modified in an unauthorized manner, e.g., by "bugging", and that any sensitive data placed within the device (e.g., cryptographic keys) has not been subject to disclosure or change. Absolute security is not practically achievable. Cryptographic security depends upon each life cycle phase of the SCD and the complementary combination of appropriate management procedures and secure cryptographic characteristics. These management procedures implement preventive measures to reduce the opportunity for a breach of SCD security. These aim for a high probability of detection of any unauthorized access to sensitive or confidential data should device characteristics fail to prevent or detect the security compromise. Annex A provides an informative illustration of the concepts of security levels described in this part of ANS X9.97 as being applicable to SCDs. This part of ANS X9.97 does not address issues arising from the denial of service of an SCD. Specific requirements for the characteristics and management of specific types of SCD functionality used in the retail financial services environment are contained in ANS X9.97-2.

ANSI X9.102-2020

Symmetric Key Cryptography for the Financial Services Industry - Wrapping of Keys and Associated Data

This standard specifies four key wrap mechanisms based on ASC X9 approved symmetric key block ciphers whose block size is either 64 bits or 128 bits. The key wrap mechanisms can provide assurance of the confidentiality and the integrity of data, especially cryptographic keys or other specialized data.

ANSI X9.119-1-2016

Retail Financial Services - Requirements for Protection of Sensitive Payment Card Data - Part 1: Using Encryption Method

Theft of sensitive card data during a retail payment transaction is increasingly becoming a major source of financial fraud. Besides an optional encrypted PIN, this data includes magnetic stripe track 2 data: PAN, expiration date, card verification value, and issuer private data. While thefts of this data at all segments of the transaction processing system have been reported, the most vulnerable segments are between the point of transaction device capturing the magnetic stripe data and the processing systems at the acquirer. This document would standardize the security requirements and implementation for a method for protecting this sensitive card data over these segments. Several implementations exist to address this situation. This document would provide guidance for evaluating these implementations. Clarification based on card brand guidance for the encryption of the middle digits has been added to this document. This supports the automated fuel dispenser industry.