ISO 19092-1:2006 describes the security framework for using biometrics for authentication of individuals in financial services. It introduces the types of biometric technologies and addresses issues concerning their application. ISO 19092-1:2006 also describes the architectures for implementation, specifies the minimum security requirements for effective management, and provides control objectives and recommendations suitable for use by a professional practitioner.
The following are within the scope of ISO 19092-1:2006:
usage of biometrics for the authentication of employees and persons seeking financial services by:verification of a claimed identity;identification of an individual;validation of credentials presented at enrolment to support authentication as required by risk management;management of biometric information across its life cycle comprised of the enrolment, transmission and storage, verification, identification and termination processes;security of biometric information during its life cycle, encompassing data integrity, origin authentication and confidentiality;application of biometrics for logical and physical access control;surveillance to protect the financial institution and its customers;security of the physical hardware used throughout the biometric information life cycle.
ISO 19092-1:2006 provides the mandatory means whereby biometric information may be encrypted for data confidentiality or other reasons.
WITHDRAWN
ISO 19092-1:2006
95.99
Withdrawal of Standard
Jan 7, 2008
WITHDRAWN
ISO 19092:2008
Only informative sections of projects are publicly available. To view the full content, you will need to members of the committee. If you are a member, please log in to your account by clicking on the "Log in" button.