ISO 9807:1991
Banking and related financial services; requirements for message authentication (retail)
- Standard No.
- ISO 9807:1991
- Release Date
- 1991
- Published By
- International Organization for Standardization (ISO)
- Status
- Latest
- ISO 9807:1991
- Scope
- This international Standard specifies procedures to be used for protecting the integrity of retail banking messages and for verifying that the message orig- inated from an authorized source. It also describes the method by which algorithms are approved for use for the authentication of retail banking mess- ages. Rules for data representation are not specified al- though it is necessary for both members of a com- municating pair to use the same means for data representation The procedures are also indepen- dent of the transmission process used A list of algorithms approved for the calculation of a Message Authentication Code (MAC) is given in annex A The method to be used to approve authentication algorithms is given in annex B The procedure to prevent exhaustive key determination is provided in annex C Annex D gives guidance on the selection of authentication elements Annex E provides some general information on protection against internal fraud by sender or receiver, e g forgery of a Mess- age Authentication Code by the receiver, while an- nex F describes a method for the generation of a pseudo-random key Annex G consists of bibliographic references This International Standard does not provide for a) encipherment for the protection of messages against unauthorized disclosure, or b) protection against loss or duplication of mess- ages, whether accidental or intentional This International Standard is applicable to insti- tutions responsible for implementing techniques to authenticate messages used in a retail banking en- vironment
ISO 9807:1991 history
- 1991 ISO 9807:1991 Banking and related financial services; requirements for message authentication (retail)
