GB/T 20547.2-2006 Banking Secure Cryptographic devices (retail) Part 2: Security compliance checklists for devices used in financial transaction (English Version)
This part of GB/T 20547 specifies the security compliance testing list for evaluating the security encryption equipment in the financial service system in combination with the encryption algorithm adopted by the encryption equipment specified in the relevant international or domestic regulations. The IC payment card meets the requirements of this part before the card is issued, and as a personal device after the card is issued, it does not fall within the scope of this part. This section does not deal with problems arising from the failure of security encryption equipment. In Appendices A to H, "infeasible" is used to indicate that although some specific attacks are technically possible, they are not economically feasible, because the economic expenditure required to achieve this attack is greater than that of breaking The resulting benefits are much greater. Of course, in addition to attacks for purely economic interests, malicious attacks on reputation should also be considered.
GB/T 20547.2-2006 history
2022GB/T 21079.2-2022 Financial services—Secure cryptographic devices (retail) —Part 2:Security comliance checklists for devices used in financial transactions
2006GB/T 20547.2-2006 Banking Secure Cryptographic devices (retail) Part 2: Security compliance checklists for devices used in financial transaction
GB/T 20547.2-2006 Banking Secure Cryptographic devices (retail) Part 2: Security compliance checklists for devices used in financial transaction was changed to GB/T 21079.2-2022 Financial services—Secure cryptographic devices (retail) —Part 2:Security comliance checklists for devices used in financial transactions.