X9A Electronic and Emerging Payments Subcommittee – Project Status
Call for Experts
ASC X9 TR 54 Framework for Auditing a Blockchain within a Distributed System
Project Description| The use of DLT by financial institutions for various applications, such as issuing letters of credit, reducing manual documentation processes in trading activity, or managing data shared with multiple parties is beginning to emerge. Major financial institutions are partnering together and with consortium groups to investigate the potential for DLT in their operations and business practices. Blockchain alone is not a platform, rather it is often used as a tool within a larger system. For this reason, many standard practices may still apply. However, where a blockchain interacts within legacy systems, or where it introduces a new method for achieving a certain result, auditors need a practical guide to understand what to look for to perform an accurate assessment and request the right data.
Project Need| The technical report aims to be a guide for auditors to understand what to look for in order to perform an accurate assessment and request the right data where a blockchain interacts within legacy systems, or where it introduces a new method for achieving a certain result.
Stakeholders| Auditors, Developers, Banks, Service Providers, Risk Management professionals, Security Professionals, Compliance officers
To participate in the development of this standard click here.
X9.58 Financial transaction messages — Electronic Benefits Transfer (EBT) — Supplemental Nutrition Assistance Program (SNAP) and cash benefit programs
The X9A Retail Payments Subcommittee will soon begin their work on revising the X9.58-2013 Financial transaction messages – Electronic benefits transfer (EBT) – Food Stamps standard. Standardization of the processing of SNAP EBT transactions provides cost efficiency, ease of conversion, data and reporting consistency for the SNAP program. Stakeholders include USDA FNS, SNAP State programs, SNAP EBT processors, SNAP third-party processors, software developers, terminal manufacturers, retail grocers and their software providers. The subcommittee is looking for subject matter experts and stakeholders who would be interested in revising this standard. If you are interested in revising this standard contact us.
X9.93 Financial Transaction Message – Electronic Benefits Transfer – Part 1: Messages and Part 2: Files
This standard provides all parties involved in Electronic Benefits Transfer (EBT) transactions with technical specifications for exchanging financial transaction files for the Women, Infants, and Children (WIC) program and the framework for adding other EBT files and detail records in the future. The document standardizes file formats and thereby maximizes EBT productivity for all stakeholders in the industry. This standard describes files & records between the acquirer & card issuer. If you are interested in developing this standard contact us.
X9.138 Distributed Ledger Technologies Terminology
There are many new DLT, blockchain and smart contract initiatives sprouting up in the US and around the world. Unfortunately, each new effort seems to assign the same terms to different meanings. Due to a lack of standards, there are misconceptions about the meanings of security capabilities, conflicts with the long agreed meanings of terms used in contract law, and a lack of understanding of requirements specific to the financial services. A set of defined terms based on those commonly understood and used in the financial services will benefit our industry. These terms will assist our regulators, inform future legislation, and provide consistency in the development of future X9 standards for the financial services. The X9A1 workgroup will be developing a standard that defines such terminology. If you are interested in developing this standard contact us.
X9.134-2 Security and Data Protection for Mobile Financial Services
Part 2 of the suite of standards for mobile banking/payments will include specific requirements applicable to all mobile financial service providers (MFSPs) detailing what an app is required to do to protect personal data and ensure security for transactions. A summary of those requirements, as initially provided by the US, through X9 (X9F4) and ISO TC68/SC2 (WG13), chaired by the US, includes but is not limited to: (1) mutual authentication; (2) protection of sensitive data from unauthorized disclosure; (3) protection of sensitive data from unauthorized modification or substitution; and (4) authentication of credentials (e.g., passwords, PINs) and account numbers (e.g., PAN). If you are interested in developing this standard contact us.
ASC X9 TR 48-2018 Card-Not-Present (CNP) Fraud Mitigation in the United States
ANSI X9.124-2-2018 Financial Services – Symmetric Key Cryptography for the Financial Services Industry – Format
Preserving Encryption- Part 2: Key Stream with Counter Mode
ANSI X9.129-2017 (Version 01) Legal Order Exchange
ANSI X9.69-2017 Framework for Key Management Extensions