ISO/IEC 19286:2018 aims to normalize privacy-enhancing protocols and services by
- using the mechanisms from parts of ISO/IEC 7816 and parts of ISO/IEC 18328 that contribute to security and privacy,
- providing discoverability means of privacy-enabling attributes,
- defining requirements for attribute-based credential handling, and
- identifying data objects and commands for ICCs.
Existing privacy-enhancing protocols available in a generic context are adopted for distributed systems including ICCs. Additionally, existing authentication protocols between an ICC and an external device used for establishing a secure channel are enhanced with privacy protection. Secure communication between an ICC and an on-card device is also considered.
All the protocols and services described in this document contribute to privacy. Annex B describes an example of privacy impact assessments of respective systems.
Status: PublishedPublication date: 2018-01
Edition: 1Number of pages: 76
Technical Committee: ISO/IEC JTC 1/SC 17 Cards and security devices for personal identification
- ICS :
- 35.240.15 Identification cards. Chip cards. Biometrics
This standard contributes to the following Sustainable Development Goal:
Buy this standard
|std 1 187|
|std 2 187||Paper|
A standard is reviewed every 5 years
Stage: 90.20 (Under review)
Got a question?
Check out our FAQs
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)
Keep up to date with ISO
Sign up to our newsletter for the latest news, views and product information.