1、 STD-ITU-T RECMN E.ZZ3-ENGL 1997 D 48b2591 0638738 98b INTERNATIONAL TELECOMMUNICATION UNION ITU-T TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU E.113 (05/97) SERIES E: OVERALL NETWORK OPERATION, TELEPHONE SERVICE, SERVICE OPERATION AND HUMAN FACTORS Operation, numbering, routing and mobile servic
2、es - International operation - General provisions concerning Administrations Validation procedures for the international telecommunications charge card service ITU-T Recommendation E113 (Previously CCITT Recommendation) STD-ITU-T RECMN E-LL3-ENGL 1997 W Li8b2571 Ob38719 812 M ITU-T E-SERIES RECOMMEN
3、DATIONS OVERALL NETWORK OPERATION, TELEPHONE SERVICE, SERVICE OPERATION AND HUMAN FACTORS IPERATION, NUMBERING, ROUTING AND MOBILE SERVICES INTERNATIONAL OPERATION Definitions E. 100-E.229 E.100-E.103 - _ General provisions concerdg Administrations E.104-E.119. *- General provisions concerning users
4、 Operation of international telephone services Numbering plan of the international telephone service International routing plan Tones in national signalling systems Maritime mobile service and public land mobile service - OPERATIONAL PROVISIONS RELATING TO CHARGING AND ACCOUNTING IN THE INTERNATIONA
5、L TELEPHONE SERVICE Charging in the international telephone service Procedures for remuneration of Administrations for facilities made available Measuring and recording call durations for accounting purposes Establishment and exchange of international accounts UTILIZATION OF THE INTERNATIONAL TELEPH
6、ONE NETWORK FOR NON- TELEPHONY APPLICATIONS General Phototelegraphy ISDN PROVISIONS CONCERNING USERS QUALITY OF SERVICE, NETWORK MANAGEMENT AND TRAFFIC ENGINEERING NETWORK MANAGEMENT TRAFFIC ENGINEERING QUALITY OF TELECOMMUNICATION SERVICES: CONCEPTS, MODELS, OBJECTIVES AND DEPENDABILITY PLANNING E.
7、 120-E. 139 E. 140-E. 159 E. 160-E. 169 E. 170-E. 179 E. 180-E. 199 E.200-E.229 E.230-E.299 E.230-E.249 E.250-E.259 E.260-E.269 E.270-E.299 E.300-E.329 E.300-E.319 E.320-E.329 E.330-E.399 E.400-E.489 E.490-E.799 E.800-E.899 For further details, please refer to ITU-T List of Recommendations. - STD-IT
8、U-T RECMN E.LL3-ENGL 1777 4862571 Ob38720 534 ITU-T RECOMMENDATION E.113 VALIDATION PROCEDURES FOR THE INTERNATIONAL TELECOMMUNICATIONS CHARGE CARD SERVICE Summary The expanded use and the increased number of charge cards require Card Issuers (or authorized agents) to implement adequate security aga
9、inst fraudulent use. Therefore, a critical facet in the provision of such a system is the ability to ensure the validity of the card and its authorized use in a uniform manner. The purpose of this Recommendation is to define the procedures for the validation process between Administrations. This val
10、idation process makes no attempt to specify any equipment, facilities and data transmission techniques. - Source ITU-T Recommendation E.113 was revised by ITU-T Study Group 1 (1997-2000) and was approved under the WTSC Resolution No. 1 procedure on the 26th of May 1997. Recommendation E.113 (05/97)
11、1 STDSITU-T RECMN E-113-ENGL 1997 48b2571 Ob3872L 470 FOREWORD ITU (International Telecommunication Union) is the United Nations Specialized Agency in the field of telecommuni- cations. The IT Telecommunication Standardization Sector (ITU-T) is a permanent organ of the ITLJ. The ITU-T is responsible
12、 for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis. The World Telecommunication Standardization Conference (WTSC), which meets every four years, establishes the topics for study by the ITU-T
13、 Study Groups which, in their turn, produce Recommendations on these topics. - The approval of Recommendations by the Members of the IT-T is covered by the procedure laid down in WTSC Resolution No. 1. In some areas of information technology which fall within ITU-Ts purview, the necessary standards
14、are prepared on a collaborative basis with IS0 and IEC. NOTE In this Recommendation, the expression “Administration“ is used for conciseness to indicate both a telecommunication administration and a recognized operating agency. INTELLECTUAL PROPERTY RIGHTS The IT draws attention to the possibility t
15、hat the practice or implementation of this Recommendation may involve the use of a claimed Intellectual Property Right. The IT takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the Recomm
16、endation development process. As of the date of approval of this Recommendation, the ITU hadhad not received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementors are cautioned that this may not represent the latest infor
17、mation and are therefore strongly urged to consult the TSB patent database. O ITU 1997 All rights reserved. No part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from the IT
18、U. 11 Recommendation E.113 (0997) STD-ITU-T RECMN E.113-ENGL 1977 W YBb2591 b38722 307 CONTENTS Introduction . 1 Methods of validation 2 Full validation procedures 2.1 Validation information flow . 2.2 Authorization request 2.3 Request response 2.4 Call disposition (optional) 3 Limited validation pr
19、ocedures . : Types of limited validation procedures . Location of personal identifying information . Annex A - Security during validation over an X.25 network A.3 Validation security procedures . 3.1 3.2 A.2 Recommendations . Page iv 1 1 1 3 4 5 6 6 7 7 8 8 Recommendation E.113 (05/97) . 111 STD-ITU
20、-T RECMN E-LLI-ENGL 1777 48b257L Ob38723 243 Introduction Work is progressing to develop the international telecommunications charge card service as defined in Recommen- dation E.116. The expanded use and the increased number of charge cards require Card Issuers (or authorized agents) to implement a
21、dequate security against fraudulent use. Therefore, a critical facet in the provision of such a system is the ability to ensure the validity of the card and its authorized use in a uniform manner. The purpose of this Recommendation is to define the procedures for the validation process between Admin
22、istrations. This validation process makes no attempt to specify any equipment, facilities and data transmission techniques. It should be recognized that the procedures for validation of telecommunications charge cards between Administrations will vary, based on such factors as the capabilities of th
23、e card systems, bilateral agreements, and the manner in which the card is presented. Flexibility in this process must be maintained in order to maximize participation of Administrations where automated interfaces may not exist or may not be uniformly available. Where such automated interfaces exist,
24、 a defined uniform implementation is desirable. - iv Recommendation E.113 (05/97) Recommendation E.113 VALIDATION PROCEDURES FOR THE INTERNATIONAL TELECOMMUNICATIONS CHARGE CARD SERVICE (Melbourne, 1988; revised in 1993 and 1997) 1 Methods of validation There are several methods to test the validity
25、 of charge cards. These may be divided into two general categories - full validation and limited validation. Full validation requires checking the card number against the Card Issuers database, as well as real-time communication between the Card Acceptor and the Card Issuer. Full validation is more
26、thorough than other methods and is practical for automated or semi-automated charge card systems. Limited validation may involve one or more techniques, such as a special character, a code, or a check against a partial database, as determined by the Card Issuer and outlined in a service agreement. L
27、imited validation methods minimize the need for communication between Administrations. - 2 Full validation procedures 2.1 Validation information flow The information from the card and/or the user is presented to a terminal having access to an Administrations telecommunication charge card system. Tha
28、t system should then communicate with the Card Issuer to validate the card and authorize its use. The validation information flow comprises three messages: - authorization request; - request response; - cai1 disposition. The authorization request is a message from the Card Acceptor to the Card Issue
29、r which provides details of an attempt to use a telecommunication charge card. This allows the Card Issuer to query its own internai systems to respond to the Card Acceptor. The Card Issuer should then communicate with the Card Acceptor to provide either a positive or negative response (with a speci
30、fic indication as to why the authorization should not be granted) to the authorization request. This message is defined herein as the request response. Feedback should then be given to the user of the card as to the status of the call attempt to the extent possible within the capabilities of the par
31、ticular Administrations telephone system. A third message denoted as the call disposition would be sent, subject to agreements between Administrations and Card Issuers, by the Card Acceptor to the Card Issuer in a timely manner after completion of a call or call attempt. It would contain information
32、 to allow a more complete estimate of call activity. Subclauses 2.2, 2.3 and 2.4 describe the functional components of the authorization request, the request response, and the call disposition messages respectively. Table 1 validation provides a summary of the functional components and indicates the
33、 components which are required and those which are optional. Annex A provides security guidance for validation over X.25 networks. - * This Recommendation replaces existing Recommendation E.113, Fascicle 11.2 Blue Book. Recommendation E.113 (05/97) 1 STD-ITU-T RECMN E.LL3-ENGL 1777 48b2571 b38725 OL
34、b = 2 Recommendation E.113 (05197) STDSITU-T RECMN E-LL3-ENGL 1997 LiBb2S91 Ob3872b T52 2.2 Authorization request The following describes the basic component of a request from the Card Acceptor to the Card Issuer to validate a charge card and authorize its use. 2.2.1 Message type identifier (require
35、d) A message type identifier should be included in this message. It is provided by the Card Accept or to identify this message to the Card Issuer as the authorization request. 2.2.2 Message reference identifier (required) A message reference identifier should be included in this message. Its purpose
36、 is to uniquely relate this message to a specific validation transaction. - 2.2.3 Primary account number (required) The primary account number (19 visible characters - maximum) of the card as defined in Recommendation E.118 should be included in this message as it was obtained from the card or the u
37、ser. Part of the primary account number, the issuer identification number, can be used by the Card Acceptor to identify the card and to route the authorization request to the appropriate database. 2.2.4 Card Acceptor issuer identifier (required) The Card Acceptor identifier should be included in thi
38、s message and can be used by the Card Issuer to identify the Administration accepting the telecommunication card. The Card Acceptor identifier should contain the issuer identification number of the Card Acceptor. 2.2.5 Expiry date (optional) The expiry date of the card, if one is specified, may be i
39、ncluded in this message. The inclusion of this information should not relieve the Card Acceptor, within the capabilities of its local charge card system, from ensuring that the card has not expired. 2.2.6 Personal Identification Number (PIN) (required) The use of a PIN is left to the discretion of t
40、he Card Issuer. This information can be used by the Card Issuer to authenticate the user and, as applicable, authorize the use of the card. If the Card Issuer has implemented a PIN, it should be included in this message and preferably be encrypted. For telecommunication Card Issuers, it is recommend
41、ed that the maximum length of the PIN be 6 digits; Card Issuers from other industries may implement PINS of longer length. 2.2.7 Service identifier (optional) An indication of the service for which the user is charging against their telecommunication charge card should be included in the message. Th
42、is information will allow the Card Issuer to manage any service-related restrictions against the charge card being used. The information should denote the bearer service and any supplementary services involved in the transaction. 2.2.8 Calling telephone number (optional) The full international calli
43、ng telephone number, where available, should be included in this message. As an alternative, the ITU country code may be provided where the calling telephone number is not available. The use of this information is subject to agreements between Administrations. This information is necessary for some
44、Administrations to manage the restricted use of some cards as well as for Card Issuers to ensure that the proper agreements exist to bill, collect, and settle the call. It is also used in the detection of fraud. Recommendation E.113 (0997) 3 2.2.9 Called telephone number (required) The full internat
45、ional called telephone number should be included in this message. The use of this information is subject to agreements between Administrations. This information is necessary for some Administrations to manage the restricted use of some cards as well as for Card Issuers to ensure that the proper agre
46、ements exist to bill, collect and settle the call. It is also used in the detection of fraud. 2.2.10 Time and date stamp (optional) A time and date stamp should be included in this message. This information should contain the month, day, hour, minute and second in Coordinated Universal Time (UTC), t
47、hat the authorization request is entered into the system. 2.3 Request response The following describes the basic components of the response from the Card Issuer to an authorization request. 2.3.1 Message type identifier (required) A message type identifier should be included in this message. It is p
48、rovided by the Card Issuer to identify this message to the Card Acceptor as the request response. 2.3.2 Message reference identifier (required) A message reference identifier should be included in this message. Its purpose is uniquely to relate this message to a specific validation transaction. 2.3.
49、3 Primary account number (optional) The primary account number as described in 2.2.3 should be included in this message. It is provided here for closure between the authorization request and the request response. 2.3.4 Response code (required) The response code should be included in this message to indicate the result of the authorization request. Specific definitions and their corresponding codes are left for further study. Possible conditions for responses may include: - service approved; - service approved on a limited basis: see 2.3.6 and 2.3.7; - - - service
