ISO 19092-1:2006
w
ISO 19092-1:2006
40559

Abstract 

ISO 19092-1:2006 describes the security framework for using biometrics for authentication of individuals in financial services. It introduces the types of biometric technologies and addresses issues concerning their application. ISO 19092-1:2006 also describes the architectures for implementation, specifies the minimum security requirements for effective management, and provides control objectives and recommendations suitable for use by a professional practitioner.

The following are within the scope of ISO 19092-1:2006:

  • usage of biometrics for the authentication of employees and persons seeking financial services by:
    • verification of a claimed identity;
    • identification of an individual;
  • validation of credentials presented at enrolment to support authentication as required by risk management;
  • management of biometric information across its life cycle comprised of the enrolment, transmission and storage, verification, identification and termination processes;
  • security of biometric information during its life cycle, encompassing data integrity, origin authentication and confidentiality;
  • application of biometrics for logical and physical access control;
  • surveillance to protect the financial institution and its customers;
  • security of the physical hardware used throughout the biometric information life cycle.

ISO 19092-1:2006 provides the mandatory means whereby biometric information may be encrypted for data confidentiality or other reasons.


General information 

  •  :  Withdrawn
     : 2006-12
  •  : 1
     : 81
  •  : ISO/TC 68/SC 2 Financial Services, security
  •  :
    03.060 Finances. Banking. Monetary systems. Insurance
    35.240.40 IT applications in banking

Got a question?

Check out our FAQs

Customer care
+41 22 749 08 88

Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)

Keep up to date with ISO

Sign up to our newsletter for the latest news, views and product information.