Skip to content
Please enter a keyword to search

  • ISO 19092-1:2006

    View superseded by
    Withdrawn A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.
    View superseded by

    Financial services Biometrics Part 1: Security framework

    Available format(s):  Hardcopy, PDF, PDF 3 Users, PDF 5 Users, PDF 9 Users

    Withdrawn date:  11-03-2019

    Language(s):  English

    Published date:  01-12-2006

    Publisher:  International Organization for Standardization

    Add To Cart

    Abstract - (Show below) - (Hide below)

    ISO 19092-1:2006 describes the security framework for using biometrics for authentication of individuals in financial services. It introduces the types of biometric technologies and addresses issues concerning their application. ISO 19092-1:2006 also describes the architectures for implementation, specifies the minimum security requirements for effective management, and provides control objectives and recommendations suitable for use by a professional practitioner.

    The following are within the scope of ISO 19092-1:2006:

    • usage of biometrics for the authentication of employees and persons seeking financial services by:
      • verification of a claimed identity;
      • identification of an individual;
    • validation of credentials presented at enrolment to support authentication as required by risk management;
    • management of biometric information across its life cycle comprised of the enrolment, transmission and storage, verification, identification and termination processes;
    • security of biometric information during its life cycle, encompassing data integrity, origin authentication and confidentiality;
    • application of biometrics for logical and physical access control;
    • surveillance to protect the financial institution and its customers;
    • security of the physical hardware used throughout the biometric information life cycle.

    ISO 19092-1:2006 provides the mandatory means whereby biometric information may be encrypted for data confidentiality or other reasons.

    General Product Information - (Show below) - (Hide below)

    Development Note DRAFT ISO/DIS 19092-1 is also available for this standard. (08/2007)
    Document Type Standard
    Publisher International Organization for Standardization
    Status Withdrawn
    Superseded By

    Standards Referenced By This Book - (Show below) - (Hide below)

    BS ISO/IEC 24713-1:2008 Information technology. Biometric profiles for interoperability and data interchange Overview of biometric systems and biometric profiles
    07/30107763 DC : 0 BS ISO/IEC 24713-2 - INFORMATION TECHNOLOGY - BIOMETRIC PROFILES FOR INTEROPERABILITY AND DATA INTERCHANGE - PART 2: PHYSICAL ACCESS CONTROL FOR EMPLOYEES AT AIRPORTS
    07/30143287 DC : 0 BS ISO/IEC 24761 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - AUTHENTICATION CONTEXT FOR BIOMETRICS
    INCITS/ISO/IEC 24713-1 : 2009 INFORMATION TECHNOLOGY - BIOMETRIC PROFILES - FOR INTEROPERABILITY AND DATA INTERCHANGE - PART 1: OVERVIEW OF BIOMETRIC SYSTEMS AND BIOMETRIC PROFILES
    ISO/IEC 24713-1:2008 Information technology Biometric profiles for interoperability and data interchange Part 1: Overview of biometric systems and biometric profiles

    Standards Referencing This Book - (Show below) - (Hide below)

    ISO/IEC 18031:2011 Information technology Security techniques Random bit generation
    ISO 15782-1:2009 Certificate management for financial services Part 1: Public key certificates
    ISO/IEC 18032:2005 Information technology Security techniques Prime number generation
    ISO 13491-1:2016 Financial services Secure cryptographic devices (retail) Part 1: Concepts, requirements and evaluation methods
    ISO/IEC 19790:2012 Information technology — Security techniques — Security requirements for cryptographic modules
    ISO 10202-3:1998 Financial transaction cards Security architecture of financial transaction systems using integrated circuit cards Part 3: Cryptographic key relationships
    ISO/TR 13569:2005 Financial services Information security guidelines
    ISO/IEC Guide 73:2002 Risk management Vocabulary Guidelines for use in standards
    ISO/IEC 17799:2005 Information technology Security techniques Code of practice for information security management
    ISO/IEC 13335-1:2004 Information technology Security techniques Management of information and communications technology security Part 1: Concepts and models for information and communications technology security management
    ISO/IEC 19784-1:2006 Information technology Biometric application programming interface Part 1: BioAPI specification
    ISO/IEC 7816-11:2004 Identification cards Integrated circuit cards Part 11: Personal verification through biometric methods
    View more information

    • Access your standards online with a subscription

      Features

      • Simple online access to standards, technical information and regulations
      • Critical updates of standards and customisable alerts and notifications
      • Multi - user online standards collection: secure, flexibile and cost effective