Skip to content
Please enter a keyword to search
  • Preview

    ISO 19092:2008

    View superseded by
    Superseded A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
    View superseded by

    Financial services — Biometrics — Security framework

    Available format(s):  Hardcopy, PDF, PDF 3 Users, PDF 5 Users, PDF 9 Users

    Superseded date:  02-03-2023

    Language(s):  English

    Published date:  07-01-2008

    Publisher:  International Organization for Standardization

    Add To Cart

    Abstract - (Show below) - (Hide below)

    ISO 19092:2008 describes the security framework for using biometrics for authentication of individuals in financial services. It introduces the types of biometric technologies and addresses issues concerning their application. ISO 19092:2008 also describes the architectures for implementation, specifies the minimum security requirements for effective management, and provides control objectives and recommendations suitable for use by a professional practitioner.

    The following are within the scope of ISO 19092:2008:

    • usage of biometrics for the authentication of employees and persons seeking financial services by:
      • verification of a claimed identity;
      • identification of an individual;
    • validation of credentials presented at enrolment to support authentication as required by risk management;
    • management of biometric information across its life cycle comprised of the enrolment, transmission and storage, verification, identification and termination processes;
    • security of biometric information during its life cycle, encompassing data integrity, origin authentication and confidentiality;
    • application of biometrics for logical and physical access control;
    • surveillance to protect the financial institution and its customers;
    • security of the physical hardware used throughout the biometric information life cycle.

    ISO 19092:2008 provides the mandatory means whereby biometric information may be encrypted for data confidentiality or other reasons.

    General Product Information - (Show below) - (Hide below)

    Development Note Supersedes ISO/FDIS 19092, ISO/DIS 19092-1 and ISO 19092-1. (01/2008)
    Document Type Standard
    Publisher International Organization for Standardization
    Status Superseded
    Superseded By
    Supersedes

    Standards Referenced By This Book - (Show below) - (Hide below)

    BS ISO/IEC 19784-1 : 2006 INFORMATION TECHNOLOGY - BIOMETRIC APPLICATION PROGRAMMING INTERFACE - PART 1: BIOAPI SPECIFICATION
    ISO/IEC 19784-1:2018 Information technology — Biometric application programming interface — Part 1: BioAPI specification
    BS ISO/IEC 24713-2:2008 Information technology. Biometric profiles for interoperability and data interchange Physical access control for employees at airports
    BS ISO/IEC 24761:2009 Information technology. Security techniques. Authentication context for biometrics
    PD ISO/TS 12812-2:2017 Core banking. Mobile financial services Security and data protection for mobile financial services
    17/30349181 DC : 0 BS ISO/IEC 24760-1 AMENDMENT 1 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - A FRAMEWORK FOR IDENTITY MANAGEMENT - PART 1: TERMINOLOGY AND CONCEPTS
    10/30143797 DC : 0 BS ISO/IEC 24760-1 - INFROMATION TECHNOLOGY - SECURITY TECHNIQUES - A FRAMEWORK FOR IDENTITY MANAGEMENT - PART 1: TERMINOLOGY AND CONCEPTS
    BS ISO/IEC 24760-1:2011 Information technology. Security techniques. A framework for identity management Terminology and concepts
    ISO/TS 12812-2:2017 Core banking — Mobile financial services — Part 2: Security and data protection for mobile financial services
    ANSI INCITS 383 : 2008(R2018) INFORMATION TECHNOLOGY - BIOMETRIC PROFILE - INTEROPERABILITY AND DATA INTERCHANGE - BIOMETRICS-BASED VERIFICATION AND IDENTIFICATION OF TRANSPORTATION WORKERS
    BS ISO/IEC 24745:2011 Information technology. Security techniques. Biometric information protection
    05/30107760 DC : DRAFT AUG 2005 ISO/IEC 24713-1 - BIOMETRIC PROFILES FOR INTEROPERABILITY AND DATA INTERCHANGE - PART 1: BIOMETRIC REFERENCE ARCHITECTURE
    16/30335561 DC : DRAFT APR 2016 BS ISO 37102 - SUSTAINABLE DEVELOPMENT AND RESILIENCE OF COMMUNITIES - VOCABULARY
    INCITS/ISO/IEC 24713-2 : 2009 INFORMATION TECHNOLOGY - BIOMETRIC PROFILES FOR INTEROPERABILITY AND DATA INTERCHANGE - PART 2: PHYSICAL ACCESS CONTROL FOR EMPLOYEES AT AIRPORTS
    ISO/IEC TR 29195:2015 Traveller processes for biometric recognition in automated border control systems
    ISO/IEC 24760-1:2011 Information technology Security techniques A framework for identity management Part 1: Terminology and concepts
    ANSI INCITS 383 : 2008 : R2013 INFORMATION TECHNOLOGY - BIOMETRIC PROFILE - INTEROPERABILITY AND DATA INTERCHANGE - BIOMETRICS-BASED VERIFICATION AND IDENTIFICATION OF TRANSPORTATION WORKERS
    10/30136309 DC : 0 BS ISO/IEC 24745 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - BIOMETRIC INFORMATION PROTECTION
    ISO/IEC 24713-2:2008 Information technology Biometric profiles for interoperability and data interchange Part 2: Physical access control for employees at airports
    INCITS/ISO/IEC 24761 : 2009(R2014) INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - AUTHENTICATION CONTEXT FOR BIOMETRICS
    INCITS/ISO/IEC 24745 : 2012(R2017) INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - BIOMETRIC INFORMATION PROTECTION
    PD ISO/IEC TR 29195:2015 Traveller processes for biometric recognition in automated border
    ISO/IEC 24761:2009 Information technology Security techniques Authentication context for biometrics
    ISO/IEC 24745:2011 Information technology Security techniques Biometric information protection

    Standards Referencing This Book - (Show below) - (Hide below)

    ISO/IEC 18031:2011 Information technology Security techniques Random bit generation
    ISO/IEC 18032:2005 Information technology Security techniques Prime number generation
    ISO 13491-1:2016 Financial services Secure cryptographic devices (retail) Part 1: Concepts, requirements and evaluation methods
    ISO/IEC 19790:2012 Information technology — Security techniques — Security requirements for cryptographic modules
    ISO/TR 13569:2005 Financial services Information security guidelines
    ISO/IEC Guide 73:2002 Risk management Vocabulary Guidelines for use in standards
    AS ISO/IEC 19784.1:2019 Information technology - Biometric application programming interface BioAPI specification
    ISO/IEC 17799:2005 Information technology Security techniques Code of practice for information security management
    ISO/IEC 19784-1:2006 Information technology Biometric application programming interface Part 1: BioAPI specification
    ISO/IEC 7816-11:2004 Identification cards Integrated circuit cards Part 11: Personal verification through biometric methods
    View more information

    • Access your standards online with a subscription

      Features

      • Simple online access to standards, technical information and regulations
      • Critical updates of standards and customisable alerts and notifications
      • Multi - user online standards collection: secure, flexibile and cost effective