1. Home
  2. Moldova standards
  3. STM
  4. St ISO 10202-2-1996

ISO 10202-2-1996 PDF

St ISO 10202-2-1996

Name in English:
St ISO 10202-2-1996

Name in Russian:
Ст ISO 10202-2-1996

Description in English:

Original standard ISO 10202-2-1996 in PDF full version. Additional info + preview on request

Description in Russian:
Оригинальный стандарт ISO 10202-2-1996 в PDF полная версия. Дополнительная инфо + превью по запросу
Document status:
Active
Format:
Electronic (PDF)
Delivery time (for English version):
1 business day
Delivery time (for Russian version):
365 business days
SKU:
stiso00222
Choose Document Language:
€25

Full title and description

Financial transaction cards — Security architecture of financial transaction systems using integrated circuit cards — Part 2: Transaction process. Specifies the minimum level of security required for interchange and provides security options from which the issuer or supplier of the financial transaction card can select different levels of security in accordance with application policy.

Abstract

This part of ISO 10202 defines security requirements and options for the transaction process when using integrated circuit cards (ICCs) in financial transaction systems. It covers minimum required protections for interchange and describes example transaction functions and online linking for financial transactions.

General information

  • Status: Withdrawn.
  • Publication date: 1996-02-01 (Edition 1, published 1 February 1996).
  • Publisher: International Organization for Standardization (ISO).
  • ICS / categories: 35.240.15 (Identification cards. Chip cards. Biometrics).
  • Edition / version: Edition 1 (1996-02).
  • Number of pages: 19.

These bibliographic and lifecycle details are taken from the ISO catalogue entry for ISO 10202-2:1996.

Scope

ISO 10202-2:1996 applies to systems deploying ICCs for general financial applications (for example point-of-service, telepayment and remote banking). The part specifies the minimum security level for interchange and offers selectable security options so card issuers or application suppliers can choose levels of security according to application and risk-control policy. Annexes in the part provide example transaction functions, online linking examples and mapping of relationships for transaction functions. Note: the standard has been withdrawn (withdrawal process completed by ISO in March 2006).

Key topics and requirements

  • Definition of the transaction process roles and relationships (issuer, acquirer, application supplier, trusted third party, card-accepting device, secure application module).
  • Minimum security requirements for interchange of transactions involving ICCs (authentication, data coding and message integrity considerations).
  • Security options and selectable protection levels to match application risk policies.
  • Examples of transaction functions and online linkage (annexes providing illustrative flows and mappings).
  • Interoperability considerations between card, terminal and back-office systems for secure transaction processing.

The above topics and requirements are summarized from the standard’s abstract, clauses and annex descriptions.

Typical use and users

Intended users were architects and designers of payment and financial transaction systems, card issuers, payment scheme operators, terminal and card manufacturers, security architects and implementers of ICC-based transaction applications (for example POS, telepayment and remote banking deployments). Although the standard is withdrawn, its content historically informed card transaction process designs and the development of companion parts of the ISO 10202 series.

Related standards

ISO 10202 is a multipart series; related parts include ISO 10202-1 (Card life cycle), ISO 10202-3 (Cryptographic key relationships), ISO 10202-4 (Secure application modules), ISO 10202-5 (Use of algorithms), ISO 10202-6 (Cardholder verification), ISO 10202-7 (Key management) and ISO 10202-8 (General principles and overview). The series also references and interacts with ISO/IEC 7816 (integrated circuit cards) and other financial-card-related standards.

Keywords

Financial transaction cards, integrated circuit card (ICC), transaction process, security architecture, interchange security, authentication, message coding, key management, cardholder verification, payment systems.

FAQ

Q: What is this standard?

A: ISO 10202-2:1996 is Part 2 of the ISO 10202 series, titled "Financial transaction cards — Security architecture of financial transaction systems using integrated circuit cards — Part 2: Transaction process." It specifies security requirements and options for transaction processing using ICCs.

Q: What does it cover?

A: It covers the transaction process for ICC-based financial transactions: the minimum security level required for interchange, selectable security options, example transaction functions, and illustrative online linking for transactions. Annexes present examples and relationship mappings.

Q: Who typically uses it?

A: Historically, card issuers, payment scheme operators, financial institutions, terminal and card manufacturers, system integrators and security architects working on ICC-based payment and remote/telepayment systems.

Q: Is it current or superseded?

A: ISO 10202-2:1996 is withdrawn. ISO’s lifecycle shows the withdrawal process completed (withdrawal stage closed in March 2006). Users should consult the ISO catalogue or later standards for current normative requirements in this domain.

Q: Is it part of a series?

A: Yes — it is one part of the multipart ISO 10202 series addressing security architecture for ICC-based financial transaction systems (see Parts 1, 3, 4, 5, 6, 7 and 8).

Q: What are the key keywords?

A: Chip card, integrated circuit card (ICC), transaction process, security architecture, interchange security, authentication, key management, cardholder verification.