This International Standard specifies procedures, independent of the transmission process, for protecting the integrity of transmitted banking messages and for verifying that a message has originated from an authorized source. A list of block ciphers approved for the calculation of a message authentication code (MAC) is also provided. The authentication methods it defines are applicable to messages formatted and transmitted both as coded character sets and as binary data.
This International Standard is designed for use with symmetric algorithms where both sender and receiver use the same key. It does not specify methods for establishing the shared key, nor does it provide for encipherment for the protection of messages against unauthorized disclosure. Its application will not protect the user against internal fraud perpetrated by the sender or the receiver, nor against forgery of a MAC by the receiver.
ISO 16609:2012 Referenced Documents
ISO 11568-1:2005 Banking - Key management (retail) - Part 1: Principles
ISO 11568-2:2012 Financial services - Key management (retail) - Part 2: Symmetric ciphers, their key management and life cycle
ISO/IEC 9797-1:2011 Information technology - Security techniques - Message Authentication Codes (MACs) - Part 1: Mechanisms using a block cipher
ISO/IEC 9797-2:2011 Information technology - Security techniques - Message Authentication Codes (MACs) - Part 2: Mechanisms using a dedicated hash-function
ISO 16609:2012 history
2022: ISO 16609:2022 Financial services - Requirements for message authentication using symmetric techniques
2012: ISO 16609:2012 Financial services - Requirements for message authentication using symmetric techniques
2004: ISO 16609:2004 Banking - Requirements for message authentication using symmetric techniques