ASC X9 Revises and Publishes X9.112-2-2020 Wireless Management and Security Part 2: POS and ATM

The X9F4 Cybersecurity and Cryptographic Solutions workgroup has revised the X9.112-2-2020 Wireless Management and Security Part 2: POS and ATM standard. Part 2 of X9.112 provides an interpretation of Part 1 technology and general requirements for automated teller machines (ATM) and point of sale (POS) terminals environments. This standard covers financial institution enterprise operations, its bank branch operations, its authorized agents, and merchant operations.

Within the scope of this standard the following topics are addressed:
▪ Both end-to-end (E2E) and point-to-point (P2P) encryption to protect transactional and operational information from unauthorized entities.
▪ Patches and modification management to protect systems from vulnerabilities.
▪ Configuration management to protect wireless systems from weaknesses.
▪ Physical and logical security controls to protect wireless access.
▪ Network segmentation to protect against attacks originating from wired and wireless environments.
▪ Monitoring controls to detect threats from higher risk environments.

Stakeholders include ATM manufacturers, financial institutions, banks, merchants, retailers, financial networks, card brands, and Qualified PIN Assessors (QPA) and more.

We’d like to thank the X9F4 workgroup for their hard work and timely deliverance of this standard. This revised standard is available for download.