Resumen
ISO 19092:2008 describes the security framework for using biometrics for authentication of individuals in financial services. It introduces the types of biometric technologies and addresses issues concerning their application. ISO 19092:2008 also describes the architectures for implementation, specifies the minimum security requirements for effective management, and provides control objectives and recommendations suitable for use by a professional practitioner.
The following are within the scope of ISO 19092:2008:
- usage of biometrics for the authentication of employees and persons seeking financial services by:
- verification of a claimed identity;
- identification of an individual;
- validation of credentials presented at enrolment to support authentication as required by risk management;
- management of biometric information across its life cycle comprised of the enrolment, transmission and storage, verification, identification and termination processes;
- security of biometric information during its life cycle, encompassing data integrity, origin authentication and confidentiality;
- application of biometrics for logical and physical access control;
- surveillance to protect the financial institution and its customers;
- security of the physical hardware used throughout the biometric information life cycle.
ISO 19092:2008 provides the mandatory means whereby biometric information may be encrypted for data confidentiality or other reasons.
Informaciones generales
-
Estado: RetiradaFecha de publicación: 2008-01Etapa: Retirada de la Norma Internacional [95.99]
-
Edición: 1Número de páginas: 77
-
Comité Técnico :ISO/TC 68/SC 2
- RSS actualizaciones
Ciclo de vida
-
Anteriormente
RetiradaISO 19092-1:2006
-
Ahora
-
Revisada por
PublicadoISO 19092:2023