Table of Contents

1 -  AS 2805.6.5.1-2000 ELECTRONIC FUNDS TRANSFER-REQUIREMENTS FOR INTERFACES - KEY MANAGEMENT-TCU INITIALIZATION-PRINCIPLES
4 -  PREFACE
5 -  CONTENTS
6 -  FOREWORD
7 -  1 SCOPE
7 -  2 APPLICATION
7 -  3 REFERENCED DOCUMENTS
8 -  4 DEFINITIONS
8 -  4.1 Acquirer
8 -  4.2 Authentication
8 -  4.3 Card issuer
8 -  4.4 Cipher text
8 -  4.5 Configuration data
8 -  4.6 Data encipherment algorithm (DEA)
8 -  4.7 Decipherment
8 -  4.8 Encipherment
8 -  4.9 Identification
8 -  4.10 Installer
8 -  4.11 Key encipherment key (KEK)
8 -  4.12 Key
8 -  4.13 Keying relationship
9 -  4.14 Plain text
9 -  4.15 Statistically unique
9 -  4.16 Terminal
9 -  4.17 Terminal cryptographic unit (TCU)
9 -  4.18 Terminal cryptographic unit identifier (TCUID)
9 -  4.19 Sponsor
9 -  4.20 Terminal master key (TMK)
9 -  4.21 Terminal identification
9 -  4.22 Terminal supplier
9 -  5 IMPLEMENTATION PRINCIPLES
9 -  5.1 General
9 -  5.2 Security
9 -  5.3 TCU operation
9 -  5.4 TCU installation
10 -  5.5 Bogus TCU protection
10 -  5.6 Bogus sponsor protection
10 -  5.7 Bogus acquirer protection
10 -  5.8 Acquirer separation
10 -  5.9 Installer authentication
10 -  5.10 Impact on operation
10 -  6 DESCRIPTION OF FUNCTIONAL ELEMENTS
10 -  6.1 Terminal cryptographic unit identifier (TCUID)
10 -  6.2 Card parameter table
10 -  7 PRINCIPLES OF OPERATION
10 -  7.1 General
10 -  7.2 Cipher systems
11 -  7.3 Establishment of multiple acquirers
11 -  7.4 Card parameter table loading

Abstract

Specifies the principles for the secure initialization of a terminal cryptographic unit (TCU) in an electronic funds transfer point-of-sale (EFTPOS) device.

RECONFIRMATION NOTICE
Technical Committee IT-005 has reviewed the content of this publication and in accordance with Standards Australia procedures for reconfirmation, it has been determined that the publication is still valid and does not require change.
Certain documents referenced in the publication may have been amended since the original date of publication. Users are advised to ensure that they are using the latest versions of such documents as appropriate, unless advised otherwise in this Reconfirmation Notice.
Approved for reconfirmation in accordance with Standards Australia procedures for reconfirmation on 14 May 2013.
The following are represented on Technical Committee IT-005:

Australian Association of Permanent Building Societies
Australian Bankers Association
Australian Industry Group
Australian Payments Clearing Association
Australian Retailers Association
Credit Union Services Corporation (Australia)
EFTPOS Payments Australia


To view or download a copy of the reconfirmation notice please go to the reconfirmation link near the top of this page.

Scope

This Standard specifies principles for the secure initialization of a terminal cryptographic unit (TCU).
Within the context of this Standard, the term initialization refers only to the initial establishment of a cryptographic keying relationship between TCU and acquirer.
This Standard does not cover—
(a) techniques for the secure entry of data;
(b) techniques for the conveyance of secret data; or
(c) procedural issues relating to the physical location of initialization.
NOTE: Principles concerning key management and physical security are dealt with in AS 2805.6.1.

General Product Information

Published
Document Type	Standard
Status	Current
Publisher	Standards Australia
ProductNote	Reconfirmed 11-07-2013
Pages
ISBN
Committee	IT-005
Supersedes	DR 99414 AS 2805.6.5.1-1992