ISO 13491-1:2024

Financial services — Secure cryptographic devices (retail) — Part 1: Concepts and requirements

Scope

This document specifies the security characteristics for secure cryptographic devices (SCDs) based on the cryptographic processes defined in the ISO 9564 series, ISO 16609 and ISO 11568.
This document states the security characteristics concerning both the operational characteristics of SCDs and the management of such devices throughout all stages of their life cycle.
This document does not address issues arising from the denial of service of an SCD.
This document does not address software services that use multi-party computation (MPC) to achieve some security objectives and, relying on these, offer cryptographic services.
NOTE            These are sometimes called “soft” or software hardware security modules (HSMs) in common language, which is misleading and does not correspond to the definition of HSM in this document.