ASC X9 Revises and Publishes X9.112-2-2020 Wireless Management and Security Part 2: POS and ATM
The X9F4 Cybersecurity and Cryptographic Solutions workgroup has revised the X9.112-2-2020 Wireless Management and Security Part 2: POS and ATM standard. Part 2 of X9.112 provides an interpretation of Part 1 technology and general requirements for automated teller machines (ATM) and point of sale (POS) terminals environments. This standard covers financial institution enterprise operations, its bank branch operations, its authorized agents, and merchant operations.
Within the scope of this standard the following topics are addressed:
▪ Both end-to-end (E2E) and point-to-point (P2P) encryption to protect transactional and operational information from unauthorized entities.
▪ Patches and modification management to protect systems from vulnerabilities.
▪ Configuration management to protect wireless systems from weaknesses.
▪ Physical and logical security controls to protect wireless access.
▪ Network segmentation to protect against attacks originating from wired and wireless environments.
▪ Monitoring controls to detect threats from higher risk environments.
Stakeholders include ATM manufacturers, financial institutions, banks, merchants, retailers, financial networks, card brands, and Qualified PIN Assessors (QPA) and more.
ASC X9 TR 48-2018 Card-Not-Present (CNP) Fraud Mitigation in the United States
ANSI X9.124-2-2018 Financial Services – Symmetric Key Cryptography for the Financial Services Industry – Format
Preserving Encryption- Part 2: Key Stream with Counter Mode
ANSI X9.129-2017 (Version 01) Legal Order Exchange
ANSI X9.69-2017 Framework for Key Management Extensions