PCI
TG-3
TR-31
|
TG-3
The Electronic Funds Transfer (EFT) networks (including PULSE, STAR and NYCE) mandate TG 3 compliance for all PIN-based credit card, debit
card, and other financial transactions.
TG-3 assessments are based on the Guideline for Financial Services TG-3-2006 Retail Financial Services Compliance Guideline for Online PIN
Security and Key Management. The TG-3 Guideline contains compliance control objectives derived from the following American National
Standards and contains additional industry best practices for key management methods and techniques.
X9.8-2003, Banking - Personal Identification Number Management and Security - Part 1: PIN Protection Principles and
Techniques for Online Pin Verification in ATM & POS Systems
X9.24-2004, Retail Financial Services Symmetric Key Management
- Part 1: Using Symmetric Techniques
- Part 2: Using Asymmetric Techniques for the Distribution of Symmetric Keys
GEOBRIDGE team members have played key roles in the definition of relevant ANSI X9 and ISO standards, including serving as chairs for
the X9A10 and X9F4 working groups. With decades of combined experience in the hands-on development of these standards, GEOBRIDGE is
uniquely positioned to provide TG-3 related services, including:
- Assessments
- Pre-assessments
- Remediation services
- Educational services, including introductions to TG-3, staff awareness training and tailored compliance training programs.
- Customized TG-3 compliance consulting services, including customized best-practices guides tailored to the requirements of individual organizations.
Contact Us for more information about GEOBRIDGE TG-3 Compliance Services.
Download our TG-3 Compliance Brochure
... 
[PDF-563KB]
|
.gif)
