ISO 19092-1:2006
Withdrawn
Financial services — Biometrics — Part 1: Security framework
Hardcopy, PDF
English
12-01-2006
03-11-2019
ISO 19092-1:2006 describes the security framework for using biometrics for authentication of individuals in financial services. It introduces the types of biometric technologies and addresses issues concerning their application. ISO 19092-1:2006 also describes the architectures for implementation, specifies the minimum security requirements for effective management, and provides control objectives and recommendations suitable for use by a professional practitioner.
The following are within the scope of ISO 19092-1:2006:
- usage of biometrics for the authentication of employees and persons seeking financial services by:
  - verification of a claimed identity;
  - identification of an individual;
- validation of credentials presented at enrolment to support authentication as required by risk management;
- management of biometric information across its life cycle comprised of the enrolment, transmission and storage, verification, identification and termination processes;
- security of biometric information during its life cycle, encompassing data integrity, origin authentication and confidentiality;
- application of biometrics for logical and physical access control;
- surveillance to protect the financial institution and its customers;
- security of the physical hardware used throughout the biometric information life cycle.
ISO 19092-1:2006 provides the mandatory means whereby biometric information may be encrypted for data confidentiality or other reasons.
| Committee | ISO/TC 68/SC 2 |
| DevelopmentNote | DRAFT ISO/DIS 19092-1 is also available for this standard. (08/2007) |
| DocumentType | Standard |
| Pages | 81 |
| PublisherName | International Organization for Standardization |
| Status | Withdrawn |
| SupersededBy | |

| BS ISO/IEC 24713-1:2008 | Information technology. Biometric profiles for interoperability and data interchange. Overview of biometric systems and biometric profiles |
| 07/30107763 DC : 0 | BS ISO/IEC 24713-2 - INFORMATION TECHNOLOGY - BIOMETRIC PROFILES FOR INTEROPERABILITY AND DATA INTERCHANGE - PART 2: PHYSICAL ACCESS CONTROL FOR EMPLOYEES AT AIRPORTS |
| 07/30143287 DC : 0 | BS ISO/IEC 24761 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - AUTHENTICATION CONTEXT FOR BIOMETRICS |
| INCITS/ISO/IEC 24713-1 : 2009 | INFORMATION TECHNOLOGY - BIOMETRIC PROFILES - FOR INTEROPERABILITY AND DATA INTERCHANGE - PART 1: OVERVIEW OF BIOMETRIC SYSTEMS AND BIOMETRIC PROFILES |
| ISO/IEC 24713-1:2008 | Information technology — Biometric profiles for interoperability and data interchange — Part 1: Overview of biometric systems and biometric profiles |
| INCITS/ISO/IEC 24713-1:2008(R2019) | Information technology - Biometric profiles for interoperability and data interchange - Part 1: Overview of biometric systems and biometric profiles |
| ISO/IEC 18031:2011 | Information technology — Security techniques — Random bit generation |
| ISO 15782-1:2009 | Certificate management for financial services — Part 1: Public key certificates |
| ISO/IEC 18032:2005 | Information technology — Security techniques — Prime number generation |
| ISO 13491-1:2016 | Financial services — Secure cryptographic devices (retail) — Part 1: Concepts, requirements and evaluation methods |
| ISO/IEC 19790:2012 | Information technology — Security techniques — Security requirements for cryptographic modules |
| ISO 10202-3:1998 | Financial transaction cards — Security architecture of financial transaction systems using integrated circuit cards — Part 3: Cryptographic key relationships |
| ISO/TR 13569:2005 | Financial services — Information security guidelines |
| ISO/IEC Guide 73:2002 | Risk management — Vocabulary — Guidelines for use in standards |
| ISO/IEC 17799:2005 | Information technology — Security techniques — Code of practice for information security management |
| ISO/IEC 13335-1:2004 | Information technology — Security techniques — Management of information and communications technology security — Part 1: Concepts and models for information and communications technology security management |
| ISO/IEC 19784-1:2006 | Information technology — Biometric application programming interface — Part 1: BioAPI specification |
| ISO/IEC 7816-11:2004 | Identification cards — Integrated circuit cards — Part 11: Personal verification through biometric methods |