ISO 9564

Last updated

ISO 9564 is an international standard for personal identification number (PIN) management and security in financial services.

Contents

The PIN is used to verify the identity of a customer (the user of a bank card) within an electronic funds transfer system, and (typically) to authorize the transfer or withdrawal of funds. Therefore, it is important to protect PINs against unauthorized disclosure or misuse. Modern banking systems require interoperability between a variety of PIN entry devices, smart cards, card readers, card issuers, acquiring banks and retailers including transmission of PINs between those entities so a common set of rules for handling and securing PINs is required, both to ensure technical compatibility and a mutually agreed level of security. ISO 9564 provides principles and techniques to meet these requirements.

ISO 9564 comprises three parts, [Note 1] under the general title of Financial services Personal Identification Number (PIN) management and security.

Part 1: Basic principles and requirements for PINs in card-based systems

ISO 9564-1:2011 [1] specifies the basic principles and techniques of secure PIN management. It includes both general principles and specific requirements.

Basic principles

The basic principles of PIN management include:

PIN entry devices

The standard specifies some characteristics required or recommended of PIN entry devices (also known as PIN pads), i.e. the device into which the customer enters the PIN, including:

Smart card readers

A PIN may be stored in a secure smart card, and verified offline by that card. The PIN entry device and the reader used for the card that will verify the PIN may be integrated into a single physically secure unit, but they do not need to be.

Additional requirements that apply to smart card readers include:

Other specific PIN control requirements

Other specific requirements include:

PIN length

The standard specifies that PINs shall be from four to twelve digits long, noting that longer PINs are more secure but harder to use. It also suggests that the issuer should not assign PINs longer than six digits.

PIN selection

There are three accepted methods of selecting or generating a PIN:

assigned derived PIN
The card issuer generates the PIN by applying some cryptographic function to the account number or other value associated with the customer.
assigned random PIN
The card issuer generates a PIN value using a random number generator.
customer selected PIN
The customer selects the PIN value.

PIN issuance and delivery

The standard includes requirements for keeping the PIN secret while transmitting it, after generation, from the issuer to the customer. These include:

  • The PIN is never available to the card issuing staff.
  • The PIN can only be displayed or printed for the customer in an appropriately secure manner. One method is a PIN mailer, an envelope designed so that it can be printed without the PIN being visible (even at printing time) until the envelope is opened. A PIN mailer must also be constructed so that any prior opening will be obvious to the customer, who will then be aware that the PIN may have been disclosed.
  • The PIN shall never appear where it can be associated with a customer's account. For example, a PIN mailer must not include the account number, but only sufficient information for its physical delivery (e.g. name and address). The PIN and the associated card shall not be mailed together, nor at the same time.

PIN encryption

To protect the PIN during transmission from the PIN entry device to the verifier, the standard requires that the PIN be encrypted, and specifies several formats that may be used. In each case, the PIN is encoded into a PIN block, which is then encrypted by an "approved algorithm", according to part 2 of the standard).

The PIN block formats are:

Format 0

The PIN block is constructed by XOR-ing two 64-bit fields: the plain text PIN field and the account number field, both of which comprise 16 four-bit nibbles.

The plain text PIN field is:

  • one nibble with the value of 0, which identifies this as a format 0 block
  • one nibble encoding the length N of the PIN
  • N nibbles, each encoding one PIN digit
  • 14−N nibbles, each holding the "fill" value 15 (i.e. 11112)

The account number field is:

Format 1

This format should be used where no PAN is available. The PIN block is constructed by concatenating the PIN with a transaction number thus:

  • one nibble with the value of 1, which identifies this as a format 1 block
  • one nibble encoding the length N of the PIN
  • N nibbles, each encoding one PIN digit
  • 14−N nibbles encoding a unique value, which may be a transaction sequence number, time stamp or random number
Format 2

Format 2 is for local use with off-line systems only, e.g. smart cards. The PIN block is constructed by concatenating the PIN with a filler value thus:

  • one nibble with the value of 2, which identifies this as a format 2 block
  • one nibble encoding the length N of the PIN
  • N nibbles, each encoding one PIN digit
  • 14−N nibbles, each holding the "fill" value 15 (i.e. 11112)

(Except for the format value in the first nibble, this is identical to the plain text PIN field of format 0.)

Format 3

Format 3 is the same as format 0, except that the "fill" digits are random values from 10 to 15, and the first nibble (which identifies the block format) has the value 3.

Extended PIN blocks

Formats 0 to 3 are all suitable for use with the Triple Data Encryption Algorithm, as they correspond to its 64-bit block size. However the standard allows for other encryption algorithms with larger block sizes, e.g. the Advanced Encryption Standard has a block size of 128 bits. In such cases the PIN must be encoding into an extended PIN block, the format of which is defined in a 2015 amendment to ISO 9564-1. [2]

Part 2: Approved algorithms for PIN encipherment

ISO 9564-2:2014 [3] specifies which encryption algorithms may be used for encrypting PINs. The approved algorithms are:

Part 3 (withdrawn)

ISO 9564-3 Part 3: Requirements for offline PIN handling in ATM and POS systems, [4] most recently published in 2003, was withdrawn in 2011 and its contents merged into part 1.

Part 4: Requirements for PIN handling in eCommerce for Payment Transactions

ISO 9564-4:2016 [5] defines minimum security requirements and practices for the use of PINs and PIN entry devices in electronic commerce.

Notes

  1. Parts 1, 2 and 4. Part 3 was withdrawn in 2011.

Related Research Articles

Secure cryptoprocessor Device used for encryption

A secure cryptoprocessor is a dedicated computer-on-a-chip or microprocessor for carrying out cryptographic operations, embedded in a packaging with multiple physical security measures, which give it a degree of tamper resistance. Unlike cryptographic processors that output decrypted data onto a bus in a secure environment, a secure cryptoprocessor does not output decrypted data or decrypted program instructions in an environment where security cannot always be maintained.

Smart card Pocket-sized card with embedded integrated circuits for identification or payment functions

A smart card, chip card, or integrated circuit card is a physical electronic authorization device, used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit (IC) chip. Many smart cards include a pattern of metal contacts to electrically connect to the internal chip. Others are contactless, and some are both. Smart cards can provide personal identification, authentication, data storage, and application processing. Applications include identification, financial, mobile phones (SIM), public transit, computer security, schools, and healthcare. Smart cards may provide strong security authentication for single sign-on (SSO) within organizations. Numerous nations have deployed smart cards throughout their populations.

SIM card Integrated circuit card for a mobile device

A subscriber identity module or subscriber identification module (SIM), widely known as a SIM card, is an integrated circuit that is intended to securely store the international mobile subscriber identity (IMSI) number and its related key, which are used to identify and authenticate subscribers on mobile telephony devices. It is also possible to store contact information on many SIM cards. SIM cards are always used on GSM phones; for CDMA phones, they are needed only for LTE-capable handsets. SIM cards can also be used in satellite phones, smart watches, computers, or cameras.

Magnetic stripe card Card which stores data on a stripe of magnetic material

A magnetic stripe card is a type of card capable of storing data by modifying the magnetism of tiny iron-based magnetic particles on a band of magnetic material on the card. The magnetic stripe, sometimes called swipe card or magstripe, is read by swiping past a magnetic reading head. Magnetic stripe cards are commonly used in credit cards, identity cards, and transportation tickets. They may also contain an RFID tag, a transponder device and/or a microchip mostly used for business premises access control or electronic payment.

Personal identification number

A personal identification number (PIN), or sometimes redundantly a PIN number, is a numeric or alpha-numeric passcode used in the process of authenticating a user accessing a system.

EMV

EMV is a payment method based upon a technical standard for smart payment cards and for payment terminals and automated teller machines which can accept them. EMV originally stood for "Europay, Mastercard, and Visa", the three companies which created the standard.

ISO 8583 is an international standard for financial transaction card originated interchange messaging. It is the International Organization for Standardization standard for systems that exchange electronic transactions initiated by cardholders using payment cards.

Hardware security module

A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys, performs encryption and decryption functions for digital signatures, strong authentication and other cryptographic functions. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server. A hardware security module contains one or more secure cryptoprocessor chips.

Contactless smart card

A contactless smart card is a contactless credential whose dimensions are credit-card size. Its embedded integrated circuits can store data and communicate with a terminal via NFC. Commonplace uses include transit tickets, bank cards and passports.

In cryptography, Derived Unique Key Per Transaction (DUKPT) is a key management scheme in which for every transaction, a unique key is used which is derived from a fixed key. Therefore, if a derived key is compromised, future and past transaction data are still protected since the next or prior keys cannot be determined easily. DUKPT is specified in ANSI X9.24 part 1.

PIN pad

A PIN pad or PIN entry device (PED) is an electronic device used in a debit, credit or smart card-based transaction to accept and encrypt the cardholder's personal identification number (PIN).

A payment card number, primary account number (PAN), or simply a card number, is the card identifier found on payment cards, such as credit cards and debit cards, as well as stored-value cards, gift cards and other similar cards. In some situations the card number is referred to as a bank card number. The card number is primarily a card identifier and does not directly identify the bank account number/s to which the card is/are linked by the issuing entity. The card number prefix identifies the issuer of the card, and the digits that follow are used by the issuing entity to identify the cardholder as a customer and which is then associated by the issuing entity with the customer's designated bank accounts. In the case of stored-value type cards, the association with a particular customer is only made if the prepaid card is reloadable. Card numbers are allocated in accordance with ISO/IEC 7812. The card number is usually prominently embossed on the front of a payment card, and is encoded on the magnetic stripe and chip, but may be imprinted on the back of the card.

E.161 ITU-T Recommendation

E.161 is an ITU-T Recommendation that defines the arrangement of digits, letters, and symbols on telephone keypads and rotary dials. It also defines the recommended mapping between the basic Latin alphabet and digits. Uses for this mapping include:

In cryptography, format-preserving encryption (FPE), refers to encrypting in such a way that the output is in the same format as the input. The meaning of "format" varies. Typically only finite domains are discussed, for example:

Card security code Security feature on payment cards

A card security code (CSC), card verification data (CVD), card verification number, card verification value (CVV), card verification value code, card verification code (CVC), verification code, or signature panel code (SPC) is a security feature for "card not present" payment card transactions instituted to reduce the incidence of credit card fraud.

Point-to-point encryption (P2PE) is a standard established by the PCI Security Standards Council. Payment solutions that offer similar encryption but do not meet the P2PE standard are referred to as end-to-end encryption (E2Ee) solutions. The objective of P2PE and E2Ee is to provide a payment security solution that instantaneously converts confidential payment card data and information into indecipherable code at the time the card is swiped to prevent hacking and fraud. It is designed to maximize the security of payment card transactions in an increasingly complex regulatory environment.

Utimaco Atalla, founded as Atalla Technovation and formerly known as Atalla Corporation or HP Atalla, is a security vendor, active in the market segments of data security and cryptography. Atalla provides government-grade end-to-end products in network security, and hardware security modules (HSMs) used in automated teller machines (ATMs) and Internet security. The company was founded by Egyptian engineer Mohamed M. Atalla in 1972. Atalla HSMs are the payment card industry's de facto standard, protecting 250 million card transactions daily as of 2013, and securing the majority of the world's ATM transactions as of 2014.

The IBM 4767 PCIe Cryptographic Coprocessor is a hardware security module (HSM) that includes a secure cryptoprocessor implemented on a high-security, tamper resistant, programmable PCIe board. Specialized cryptographic electronics, microprocessor, memory, and random number generator housed within a tamper-responding environment provide a highly secure subsystem in which data processing and cryptography can be performed. Sensitive key material is never exposed outside the physical secure boundary in a clear format.

The IBM 4768 PCIe Cryptographic Coprocessor is a hardware security module (HSM) that includes a secure cryptoprocessor implemented on a high-security, tamper resistant, programmable PCIe board. Specialized cryptographic electronics, microprocessor, memory, and random number generator housed within a tamper-responding environment provide a highly secure subsystem in which data processing and cryptography can be performed. Sensitive key material is never exposed outside the physical secure boundary in a clear format.

The IBM 4769 PCIe Cryptographic Coprocessor is a hardware security module (HSM) that includes a secure cryptoprocessor implemented on a high-security, tamper resistant, programmable PCIe board. Specialized cryptographic electronics, microprocessor, memory, and random number generator housed within a tamper-responding environment provide a highly secure subsystem in which data processing and cryptography can be performed. Sensitive key material is never exposed outside the physical secure boundary in a clear format.

References