ISO 19092-1:2006 describes the security framework for using biometrics for authentication of individuals in financial services. It introduces the types of biometric technologies and addresses issues concerning their application. ISO 19092-1:2006 also describes the architectures for implementation, specifies the minimum security requirements for effective management, and provides control objectives and recommendations suitable for use by a professional practitioner.
The following are within the scope of ISO 19092-1:2006:
- usage of biometrics for the authentication of employees and persons seeking financial services by:
- verification of a claimed identity;
- identification of an individual;
- validation of credentials presented at enrolment to support authentication as required by risk management;
- management of biometric information across its life cycle comprised of the enrolment, transmission and storage, verification, identification and termination processes;
- security of biometric information during its life cycle, encompassing data integrity, origin authentication and confidentiality;
- application of biometrics for logical and physical access control;
- surveillance to protect the financial institution and its customers;
- security of the physical hardware used throughout the biometric information life cycle.
ISO 19092-1:2006 provides the mandatory means whereby biometric information may be encrypted for data confidentiality or other reasons.
État actuel : AnnuléeDate de publication : 2006-12
Edition : 1
Comité technique:Services financiers, sécurité
Vous avez une question?
Consulter notre FAQ
De lundi à vendredi - 09:00-12:00, 14:00-17:00 (UTC+1)
Suivez l'actualité de l'ISO
Inscrivez-vous à notre Newsletter (en anglais) pour suivre nos actualités, points de vue et informations sur nos produits.