GB/T 21078.2-2011
Banking.Personal identification number management and security.Part 2: Requirements for offline PIN handling in ATM and POS systems (English Version)

Standard No.
GB/T 21078.2-2011
Language
Chinese, Available in English version
Release Date
2011
Published By
General Administration of Quality Supervision, Inspection and Quarantine of the People‘s Republic of China
Status
 2023-03
Replace By
GB/T 21078.1-2023
Latest
GB/T 21078.1-2023
Scope
This standard specifies the minimum security requirements for offline PIN handling and the standard method for exchanging PIN data in an offline environment. This standard applies to card-initiated financial transactions that require offline PIN verification, and also to those organizations responsible for implementing PIN management and protection technologies in ATMs and acquirer-placed POS terminals. This section does not apply to the following situations: a) PIN management and security in the online PIN environment, GB/T 21078.1 includes the content of this item; b) Approved PIN encryption algorithm; c) Using PIN in an open network environment, GB/T 21078.1 contains the content of this item; T 21078.3 includes this content; d) PIN protection to prevent loss or intentional misuse by authorized employees of users or card issuers and their agents; e) Privacy of non-PIN transaction data; f) Protection of transaction messages to prevent Modification or replacement, such as online authorization response; g) prevention of PIN or transaction replay; h) specific key management technology; i) decision whether IC card accepts encrypted PIN; j) contactless IC card. The basic principles of PIN management described in Chapter 4 of GB/T 21078.1-2007 also apply to this part.

GB/T 21078.2-2011 Referenced Document

  • GB/T 16649.1 Identification cards - Integrated circuit(s) cards with contacts - Part 1: Physical characteristics
  • GB/T 16649.10 Identification cards-Intergrated circuit(s) cards with contacts--Part 10: Electronic signals and answer to reset for synchronous cards
  • GB/T 16649.11 Identification cards—Integrated circuit cards—Part 11: Personal verification through biometric methods*2019-08-30 Update
  • GB/T 16649.12 Identification cards.Integrated circuit card.Part 12:Cards with contacts.USB electrical interface and operating procedures
  • GB/T 16649.13 Identification cards.Integrated circuit cards.Part 13:Commands for application management in a multi-application environment*2013-11-12 Update
  • GB/T 16649.15 Identification cards.Integrated circuit card.Part 15:Cryptographic information application
  • GB/T 16649.2 Identification cards - Integrated circuit(s) cards with contacts - Part 2: Dimensions and location of the contacts
  • GB/T 16649.3 Identification cards - Integrated circuit(s) cards with contacts - Part 3: Electronic signals and transmission protocols
  • GB/T 16649.4 Identification Cards.Integrated circuit cards.Part 4:Organization,security and commands for interchange
  • GB/T 16649.5 Identification cards-integrated circuit(s) cards with contacts Part 5: National numbering system and registration procedure for application identifiers
  • GB/T 16649.6 Identification cards--Integrated circuit(s) cards with contacts--Part 6: Interindustrv data elements
  • GB/T 16649.7 Identification cards--Integrated circuit(s) cards with contacts--Part 7: Interindustry commands for structured Card query language(SCQL)
  • GB/T 16649.8 Identification cards-Intergrated circuit(s) cards with contacts--Part 8: Security related interindustry commands
  • GB/T 16649.9 Identification cards.Integrated circuit cards.Part 9:Commands for card management
  • GB/T 21078.1-2007 Banking Personal Identification Number management and security Part 1: Basic principles and requirements for online PIN handling in A TM and POS systems

GB/T 21078.2-2011 history

  • 2023 GB/T 21078.1-2023 Financial Services Personal Identification Number Management and Security Part 1: PIN Basic Principles and Requirements for Card-Based Systems
  • 2011 GB/T 21078.2-2011 Banking.Personal identification number management and security.Part 2: Requirements for offline PIN handling in ATM and POS systems

GB/T 21078.2-2011 Banking.Personal identification number management and security.Part 2: Requirements for offline PIN handling in ATM and POS systems was changed to GB/T 21078.1-2023 Financial Services Personal Identification Number Management and Security Part 1: PIN Basic Principles and Requirements for Card-Based Systems.

Banking.Personal identification number management and security.Part 2: Requirements for offline PIN handling in ATM and POS systems

GB/T 21078.2-2011 -All Parts

GB/T 21078.1-2023 Financial Services Personal Identification Number Management and Security Part 1: PIN Basic Principles and Requirements for Card-Based Systems GB/T 21078.2-2011 Banking.Personal identification number management and security.Part 2: Requirements for offline PIN handling in ATM and POS systems GB/T 21078.3-2011 Banking.Personal identification number (PIN) management and security.Part 3: Guidelines for PIN handling in open networks GB/T 21078.4-2023 Financial Services Personal Identification Number Management and Security Part 4: Approved PIN Encryption Algorithms


Copyright ©2024 All Rights Reserved