GM/T 0072-2019 PDF in English


Standard ID: GM/T 0072-2019 (also written GM/T0072-2019, GMT 0072-2019, GMT0072-2019)
Name of Chinese Standard: Technical requirements for the applying of cryptography in remote mobile payment
Status: Valid


GM/T 0072-2019
CRYPTOGRAPHY INDUSTRY STANDARD
OF THE PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
Technical requirements for the applying of
cryptography in remote mobile payment
ISSUED ON: JULY 12, 2019
IMPLEMENTED ON: JULY 12, 2019
Issued by: State Cryptography Administration
Table of Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Mode for the applying of cryptography in remote mobile payment
6 Security requirements for applying of cryptography
6.1 Overview
6.2 Data confidentiality
6.3 Data integrity
6.4 Identity authentication
6.5 Non-repudiation
7 Technical requirements for cryptographic security
7.1 Overview
7.2 Requirements for using cryptographic algorithms
7.3 Device-side security requirements
7.3.1 Security requirements for cryptographic modules
7.3.2 Security requirements for key management
7.3.3 Security requirements for applying of cryptography
7.4 Platform-side security requirements
7.4.1 Cryptographic equipment security requirements
7.4.2 Key management security requirements
7.4.3 Security requirements for applying of cryptography
7.4.4 Management security requirements
7.5 Communication security requirements
1 Scope
This Standard describes the architecture for the applying of cryptography in
remote mobile payment based on the cryptographic module and specifies the
cryptographic security elements of remote mobile payment and the technical
requirements for the applying of cryptography.
This Standard is applicable to providing guidance on cryptographic security
elements to be considered and technical requirements to be followed for the
applying of cryptography in cryptographic module-based remote mobile
payment.
2 Normative references
The following documents are indispensable for the application of this document.
For the dated references, only the editions with the dates indicated are
applicable to this document. For the undated references, the latest edition
(including all the amendments) is applicable to this document.
GB/T 32905 Information security techniques - SM3 cryptographic hash
algorithm
GB/T 32907 Information security technology - SM4 block cipher algorithm
GB/T 32915 Information security technology - Randomness test methods for
binary sequence
GB/T 32918 (all parts) Information security technology - Public key
cryptographic algorithm SM2 based on elliptic curves
GB/T 35275 Information security technology - SM2 cryptographic algorithm
encrypted signature message syntax specification
GB/T 35276 Information security technology - SM2 cryptography algorithm
usage specification
GB/T 37092 Information security technology - Security requirements for
cryptographic modules
The system used to manage all aspects of the key life cycle, such as
generation, loading, storage, backup, distribution, update, archiving, and
destruction.
3.8 Certificate authority; CA
The issuing authority of certificate, i.e. the authority responsible for issuing
certificates, certifying certificates, and managing issued certificates. It is
responsible for formulating policies and specific steps to verify and identify
users and signing user certificates, to ensure the identity of certificate holders
and the ownership of public key. It is also known as the certification center.
3.9 Client software
The application that implements financial payment functions on mobile device.
3.10 One time password; OTP
A password that is used only once in the authentication process; another
password is used for the next authentication, so each password is used only once.
One time password authentication currently has three technical modes: based
on time synchronization mechanism, based on event synchronization
mechanism, and based on challenge/response (asynchronous) mechanism.
3.11 SMS dynamic code
Also known as SMS password, which is a random number sent by the
background system to the user's bound mobile phone in the form of a mobile
phone text message. The user is authenticated by replying to the random
number.
3.12 Digital certificate
Also known as public key certificate, a data structure signed by a certificate
authority (CA) and containing public key owner information, public key, issuer
information, validity period, and extended information. According to category, it
can be divided into personal certificate, authority certificate, and equipment
certificate. According to purpose, it can be divided into signature certificate and
encryption certificate.
3.13 Digital signature
The result obtained by the cryptographic operation of the signer using the
private key to the hash value of the data to be signed. The result can only be
verified with the public key of the signer, which is used to confirm the integrity
authority (CA). If other authentication modes are used (such as OTP, etc.), the
cryptography platform includes a key management system and other
cryptography platforms. The key management system provides key
management services for the cryptographic module on the platform side. A
certificate authority is an authority that provides certificate authentication
services. In the process of applying of cryptography in remote mobile payment,
if a certificate authentication mode is not used, only a key management system
is required; if a certificate authentication mode is used, a certificate authority is
also required to provide certificate authentication services.
6 Security requirements for applying of cryptography
6.1 Overview
The security requirements for applying of cryptography are mainly the data
confidentiality, integrity, identity authentication, and non-repudiation in remote
mobile payment processes.
6.2 Data confidentiality
During client application input, storage on the mobile device side,
transmission between the mobile device side and the platform side, storage on
the platform side, and transmission between different system platforms on the
platform side, sensitive transaction data cannot be obtained in plain text by
unauthorized entities and then used or leaked.
6.3 Data integrity
The data transmitted between the client application and the cryptographic
module, the data transmitted between the mobile device and the remote
payment system, and the data transmitted between the remote payment system
and other system platforms cannot be modified or destroyed without
authorization.
6.4 Identity authentication
In remote mobile payment, the identity of each entity shall be confirmed, to
prevent identities from being misappropriated or impersonated.
6.5 Non-repudiation
In remote mobile payment, it shall be ensured that the sending entity of
transaction information cannot falsely deny the message it sent afterwards.
7.3.2.2 Key storage
If the symmetric key or SM2 private key needs to be stored, it must be securely
stored in the cryptographic module of the mobile device, to ensure the security
of key storage and prevent key leakage and illegal replacement.
When the cryptographic module of mobile device is invalidated, the stored key
must be invalidated with it.
7.3.2.3 Key use
Key attributes need to be specified, to prevent unauthorized use or misuse of keys.
Key use requirements:
a) The key can only be used for the specified application;
b) The key can only be used for the specified purpose or function;
c) When a key is known to be compromised, its use shall be discontinued;
d) When a key is suspected of being compromised, its use can be actively
stopped.
7.3.2.4 Key update
It shall be possible to update the key according to the key update policy.
7.3.2.5 Key destruction
According to the key management policy, the key can be destroyed. The key to
be destroyed is required to be destroyed on the various media where it has been
used. The destruction result is required to be irreversible: the original key
cannot be recovered from the destruction result.
7.3.3 Security requirements for applying of cryptography
7.3.3.1 Device data confidentiality guarantee requirements
Device data confidentiality guarantee requirements apply to the input of client’s
sensitive information, the transmission of critical operational messages, and the
device APP processing of its own stored data. The confidentiality of sensitive
data that is at risk of leakage shall be enhanced.
Security requirements:
a) Use a secure password keyboard to ensure the input security of device
client passwords (static passwords, dynamic passwords);
c) When using the bound terminal equipment method, a secure hash
algorithm or encryption algorithm shall be used to securely process the
original equipment information collected, to avoid the risk of forgery and
replay attacks caused by the leakage of the original equipment information.
d) When the device uses the digital signature method, the cryptographic
module must be able to protect the security of the private key and avoid
the leakage of the private key.
7.3.3.4 Device non-repudiation guarantee requirements
Device information non-repudiation guarantee requirements apply to high-risk
business links, such as transfer transactions. Security measures such as
certificate authentication shall be adopted to ensure that the operations and
data performed by clients in these business links have legal non-repudiation
effects.
Security requirements:
a) The device shall digitally sign critical sensitive information of the business,
and send the original text of the sensitive information along with related
signature data to the platform side for verification and storage;
b) The cryptographic module shall protect the security of the private key and
avoid the leakage of the private key.
7.3.3.5 Device cryptographic algorithm requirements
Domestic cryptographic algorithms shall be chosen to ensure the security of
information data. See 7.2 for the requirements of cryptographic algorithms.
7.4 Platform-side security requirements
7.4.1 Cryptographic equipment security requirements
The cryptographic equipment shall comply with relevant security regulations,
including at least the following requirements:
a) Any operation on the cryptographic equipment must be performed strictly
in accordance with the procedures after approval. Record the operation
log;
b) Prohibit illegal connection of cryptographic equipment or use of
cryptographic equipment for other purposes;
c) It shall use cryptographic equipment approved by the national
cryptography authority.
7.4.2.4 Key use
Key attributes need to be specified, to prevent unauthorized use or misuse of keys.
Key use requirements:
a) The key can only be used for the specified application;
b) The key can only be used for the specified purpose or function;
c) When a key is known to be compromised, its use shall be discontinued;
d) When a key is suspected of being compromised, its use can be actively
stopped.
7.4.2.5 Key update
The key management system, for the managed system and the managed
equipment, needs to set a key update policy.
It shall be possible to update the key according to the key update policy. If the
updated key is a key encryption key or root key, all keys or subkeys encrypted
by that key shall be replaced.
Re-encryption of application data caused by the key replacement is not the
responsibility of the key management center.
Key update requirements:
a) Update strictly in accordance with the key update policy;
b) The old key cannot be derived from the new key;
c) The risk of leaking other keys cannot be increased.
7.4.2.6 Key archiving
When keys expire or are no longer used, according to key management policies,
they can be archived.
Keys can be archived in the following forms:
a) Archived keys can only be used to prove the legitimacy of transactions
made before archiving;
b) Archived keys shall not be returned to operational use;
c) Archived keys must not affect the security of the key in use.
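The key use, key update and key archiving rules of 7.4.2.4 to 7.4.2.6 can be modelled as one small key-state registry. The following is an added example, not part of the standard: the class names, the "name#version" key ids, the "pay" application label and the use of a "verify" purpose to stand for proving past transactions are all assumptions made for illustration.

```python
import secrets
from dataclasses import dataclass, field
from enum import Enum
class State(Enum):
    ACTIVE = 1
    COMPROMISED = 2   # 7.4.2.4 c), d): use discontinued
    ARCHIVED = 3      # 7.4.2.6: kept only to prove earlier transactions

@dataclass
class Key:
    key_id: str              # hypothetical "name#version" naming scheme
    application: str         # 7.4.2.4 a): the only application allowed to use it
    purposes: frozenset      # 7.4.2.4 b): the only functions it may perform
    parent: str = ""         # id of the KEK or root key that encrypts this key
    state: State = State.ACTIVE
    # Fresh random 16 bytes (SM4 key size): new keys are never computed from old ones.
    material: bytes = field(default_factory=lambda: secrets.token_bytes(16))

class KeyStore:
    def __init__(self, *keys):
        self.keys = {k.key_id: k for k in keys}

    def authorize(self, key_id, application, purpose):
        k = self.keys[key_id]
        ok = application == k.application and purpose in k.purposes
        if k.state is State.ARCHIVED:   # assumption: "verify" models proving past transactions
            return ok and purpose == "verify"
        return ok and k.state is State.ACTIVE

    def rotate(self, key_id, new_parent=None):
        """Replace a key and, recursively, every active key encrypted under it."""
        old = self.keys[key_id]
        name, _, version = key_id.rpartition("#")
        new = Key(f"{name}#{int(version) + 1}", old.application, old.purposes,
                  old.parent if new_parent is None else new_parent)
        self.keys[new.key_id] = new
        if old.state is State.ACTIVE:
            old.state = State.ARCHIVED
        replaced = [new.key_id]
        for child in [k for k in self.keys.values()
                      if k.parent == key_id and k.state is State.ACTIVE]:
            replaced += self.rotate(child.key_id, new.key_id)
        return replaced

def demo():  # constructed sample hierarchy: one KEK protecting two working keys
    ks = KeyStore(Key("kek#1", "pay", frozenset({"wrap"})),
                  Key("mac#1", "pay", frozenset({"mac", "verify"}), "kek#1"),
                  Key("pin#1", "pay", frozenset({"encrypt"}), "kek#1"))
    return ks, ks.rotate("kek#1")
```

Rotating the key encryption key in demo() replaces both working keys under it, and the old versions remain usable only for the "verify" purpose.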
device client business operations, to avoid critical information messages from
being tampered with illegally.
Security requirements:
Methods for ensuring platform-side information integrity include, but are not
limited to, supporting verification methods such as message authentication
code (MAC) and digital signature.
7.4.3.3 Platform-side identity authentication guarantee requirements
Platform-side identity authentication guarantee requirements apply to the
platform-side acceptance and verification of client identities in businesses such
as remote mobile payment login and payment, ensuring the credibility of clients’
online identities, as well as login and payment security.
Security requirements:
a) The platform side shall support multiple identity authentication methods.
Conventional methods include, but are not limited to static passwords,
SMS dynamic codes, digital signatures, etc.;
b) Use SSL or other secure communication protocols to create a connection
between the device and the platform side and maintain a secure
connection state until exit.
7.4.3.4 Platform-side non-repudiation guarantee requirements
Platform-side information non-repudiation guarantee requirements apply to
high-risk business links, such as transfer transactions. Security measures
shall be taken to ensure legal non-repudiation effect for the operations and
data of the device client in these business links.
Security requirements:
If certificate authentication is adopted, the platform side, after verifying the
validity of the digital signature, shall continue to verify the validity of the signer's
certificate, to ensure that the signer's certificate is legal and valid when the
original information of the message and its digital signature are accepted.
7.4.3.5 Platform-side cryptographic algorithm requirements
Domestic cryptographic algorithms shall be chosen to ensure the security of
information data. For key algorithm requirements, see 7.2.
......
 
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.