ISO/IEC 19792:2009
Withdrawn
A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.
View Superseded by
Information technology — Security techniques — Security evaluation of biometrics
Hardcopy , PDF
English
30-07-2009
06-01-2026
ISO/IEC 19792:2009 specifies the subjects to be addressed during a security evaluation of a biometric system.
It covers the biometric-specific aspects and principles to be considered during the security evaluation of a biometric system. It does not address the non-biometric aspects which might form part of the overall security evaluation of a system using biometric technology (e.g. requirements on databases or communication channels).
ISO/IEC 19792:2009 does not aim to define any concrete methodology for the security evaluation of biometric systems but instead focuses on the principal requirements. As such, the requirements in ISO/IEC 19792:2009 are independent of any evaluation or certification scheme and will need to be incorporated into and adapted before being used in the context of a concrete scheme.
ISO/IEC 19792:2009 defines various areas that are important to be considered during a security evaluation of a biometric system.
ISO/IEC 19792:2009 is relevant to both evaluator and developer communities.
- It specifies requirements for evaluators and provides guidance on performing a security evaluation of a biometric system.
- It serves to inform developers of the requirements for biometric security evaluations to help them prepare for security evaluations.
Although ISO/IEC 19792:2009 is independent of any specific evaluation scheme it could serve as a framework for the development of concrete evaluation and testing methodologies to integrate the requirements for biometric evaluations into existing evaluation and certification schemes.
| Committee |
ISO/IEC JTC 1/SC 27
|
| DocumentType |
Standard
|
| Pages |
37
|
| PublisherName |
International Organization for Standardization
|
| Status |
Withdrawn
|
| SupersededBy |
| Standards | Relationship |
| IS/ISO/IEC 19792 : 2009 | Identical |
| INCITS/ISO/IEC 19792 : 2012 | Identical |
| NEN ISO/IEC 19792 : 2009 | Identical |
| BS ISO/IEC 19792:2009 | Identical |
| DS ISO/IEC 19792 : 2009 | Identical |
| INCITS/ISO/IEC 19792:2009(R2022) | Identical |
| 18/30361485 DC : 0 | BS ISO/IEC 19896-3 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - COMPETENCE REQUIREMENTS FOR INFORMATION SECURITY TESTERS AND EVALUATORS - PART 3: KNOWLEDGE, SKILLS AND EFFECTIVENESS REQUIREMENTS FOR ISO/IEC 15408 EVALUATORS |
| BS ISO/IEC 30107-3:2017 | Information technology. Biometric presentation attack detection Testing and reporting |
| BS ISO/IEC 17922:2017 | Information technology. Security techniques. Telebiometric authentication framework using biometric hardware security module |
| 17/30331331 DC : DRAFT MAY 2017 | BS ISO/IEC 30136 - INFORMATION TECHNOLOGY - PERFORMANCE TESTING OF BIOMETRIC TEMPLATE PROTECTION SCHEMES |
| INCITS/ISO/IEC 29115 : 2014 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ENTITY AUTHENTICATION ASSURANCE FRAMEWORK |
| ISO/IEC 30107-3:2017 | Information technology — Biometric presentation attack detection — Part 3: Testing and reporting |
| BS ISO/IEC 24761:2009 | Information technology. Security techniques. Authentication context for biometrics |
| BS ISO/IEC 29115:2013 | Information technology. Security techniques. Entity authentication assurance framework |
| BS ISO/IEC 24745:2011 | Information technology. Security techniques. Biometric information protection |
| 16/30266969 DC : 0 | BS ISO/IEC 17922 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - TELEBIOMETRIC AUTHENTICATION FRAMEWORK USING BIOMETRIC HARDWARE SECURITY MODULE |
| BS ISO/IEC 30136:2018 | Information technology. Performance testing of biometric template protection schemes |
| 10/30136309 DC : 0 | BS ISO/IEC 24745 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - BIOMETRIC INFORMATION PROTECTION |
| 15/30255471 DC : 0 | BS ISO/IEC 30107-1 - INFORMATION TECHNOLOGY - BIOMETRICS PRESENTATION ATTACK - PART 1: FRAMEWORK |
| 12/30168696 DC : 0 | BS ISO/IEC 29115 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ENTITY AUTHENTICATION ASSURANCE FRAMEWORK |
| ISO/IEC 30136:2018 | Information technology — Performance testing of biometric template protection schemes |
| ISO/IEC 24761:2009 | Information technology — Security techniques — Authentication context for biometrics |
| 07/30143287 DC : 0 | BS ISO/IEC 24761 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - AUTHENTICATION CONTEXT FOR BIOMETRICS |
| INCITS/ISO/IEC 24761 : 2009(R2014) | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - AUTHENTICATION CONTEXT FOR BIOMETRICS |
| ISO/IEC 29115:2013 | Information technology — Security techniques — Entity authentication assurance framework |
| 16/30329605 DC : 0 | BS ISO/IEC 30107-3 - INFORMATION TECHNOLOGY - BIOMETRIC PRESENTATION ATTACK DETECTION - PART 3: TESTING AND REPORTING |
| INCITS/ISO/IEC 24745 : 2012(R2017) | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - BIOMETRIC INFORMATION PROTECTION |
| ISO/IEC 17922:2017 | Information technology — Security techniques — Telebiometric authentication framework using biometric hardware security module |
| ISO/IEC TR 30117:2014 | Information technology — Guide to on-card biometric comparison standards and applications |
| ISO/IEC 24745:2011 | Information technology — Security techniques — Biometric information protection |
| INCITS/ISO/IEC 19896-3:2018(R2019) | IT security techniques -- Competence requirements for information security testers and evaluators -- Part 3: Knowledge, skills and effectiveness requirements for ISO/IEC 15408 evaluators |
| INCITS/ISO/IEC 29115:2013[R2019] | Information technology - Security techniques - Entity authentication assurance framework |
| INCITS/ISO/IEC 30107-3:2023(2024) | Information technology — Biometric presentation attack detection — Part 3: Testing and reporting |
| ISO/IEC 24713-1:2008 | Information technology — Biometric profiles for interoperability and data interchange — Part 1: Overview of biometric systems and biometric profiles |
| ISO/IEC 15408-2:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components |
| ISO/IEC 15408-3:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components |
| ISO/IEC 19795-1:2006 | Information technology — Biometric performance testing and reporting — Part 1: Principles and framework |
| ISO/IEC 15408-1:2009 | Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model |
Access your standards online with a subscription
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.
Important note : Users cannot be edited or removed once added to your Multi user PDF.