ISO 19092:2008
Superseded
Superseded
A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
View Superseded by
Financial services — Biometrics — Security framework
Available format(s)
Hardcopy , PDF , PDF 3 Users , PDF 5 Users , PDF 9 Users
Superseded date
02-03-2023
Superseded by
Language(s)
English
Published date
07-01-2008
Important note : All end users must be registered with an Account prior to user licenses being assigned.
ISO 19092:2008 describes the security framework for using biometrics for authentication of individuals in financial services. It introduces the types of biometric technologies and addresses issues concerning their application. ISO 19092:2008 also describes the architectures for implementation, specifies the minimum security requirements for effective management, and provides control objectives and recommendations suitable for use by a professional practitioner.
The following are within the scope of ISO 19092:2008:
- usage of biometrics for the authentication of employees and persons seeking financial services by:
- verification of a claimed identity;
- identification of an individual;
- validation of credentials presented at enrolment to support authentication as required by risk management;
- management of biometric information across its life cycle comprised of the enrolment, transmission and storage, verification, identification and termination processes;
- security of biometric information during its life cycle, encompassing data integrity, origin authentication and confidentiality;
- application of biometrics for logical and physical access control;
- surveillance to protect the financial institution and its customers;
- security of the physical hardware used throughout the biometric information life cycle.
ISO 19092:2008 provides the mandatory means whereby biometric information may be encrypted for data confidentiality or other reasons.
| DevelopmentNote |
Supersedes ISO/FDIS 19092, ISO/DIS 19092-1 and ISO 19092-1. (01/2008)
|
| DocumentType |
Standard
|
| Pages |
77
|
| PublisherName |
International Organization for Standardization
|
| Status |
Superseded
|
| SupersededBy | |
| Supersedes |
| Standards | Relationship |
| PN ISO 19092 : 2010 | Identical |
| BS ISO/IEC 19784-1 : 2006 | INFORMATION TECHNOLOGY - BIOMETRIC APPLICATION PROGRAMMING INTERFACE - PART 1: BIOAPI SPECIFICATION |
| ISO/IEC 19784-1:2018 | Information technology — Biometric application programming interface — Part 1: BioAPI specification |
| BS ISO/IEC 24713-2:2008 | Information technology. Biometric profiles for interoperability and data interchange Physical access control for employees at airports |
| BS ISO/IEC 24761:2009 | Information technology. Security techniques. Authentication context for biometrics |
| PD ISO/TS 12812-2:2017 | Core banking. Mobile financial services Security and data protection for mobile financial services |
| 17/30349181 DC : 0 | BS ISO/IEC 24760-1 AMENDMENT 1 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - A FRAMEWORK FOR IDENTITY MANAGEMENT - PART 1: TERMINOLOGY AND CONCEPTS |
| 10/30143797 DC : 0 | BS ISO/IEC 24760-1 - INFROMATION TECHNOLOGY - SECURITY TECHNIQUES - A FRAMEWORK FOR IDENTITY MANAGEMENT - PART 1: TERMINOLOGY AND CONCEPTS |
| BS ISO/IEC 24760-1:2011 | Information technology. Security techniques. A framework for identity management Terminology and concepts |
| ISO/TS 12812-2:2017 | Core banking — Mobile financial services — Part 2: Security and data protection for mobile financial services |
| ANSI INCITS 383 : 2008(R2018) | INFORMATION TECHNOLOGY - BIOMETRIC PROFILE - INTEROPERABILITY AND DATA INTERCHANGE - BIOMETRICS-BASED VERIFICATION AND IDENTIFICATION OF TRANSPORTATION WORKERS |
| BS ISO/IEC 24745:2011 | Information technology. Security techniques. Biometric information protection |
| 05/30107760 DC : DRAFT AUG 2005 | ISO/IEC 24713-1 - BIOMETRIC PROFILES FOR INTEROPERABILITY AND DATA INTERCHANGE - PART 1: BIOMETRIC REFERENCE ARCHITECTURE |
| 16/30335561 DC : DRAFT APR 2016 | BS ISO 37102 - SUSTAINABLE DEVELOPMENT AND RESILIENCE OF COMMUNITIES - VOCABULARY |
| INCITS/ISO/IEC 24713-2 : 2009 | INFORMATION TECHNOLOGY - BIOMETRIC PROFILES FOR INTEROPERABILITY AND DATA INTERCHANGE - PART 2: PHYSICAL ACCESS CONTROL FOR EMPLOYEES AT AIRPORTS |
| ISO/IEC TR 29195:2015 | Traveller processes for biometric recognition in automated border control systems |
| ISO/IEC 24760-1:2011 | Information technology Security techniques A framework for identity management Part 1: Terminology and concepts |
| ANSI INCITS 383 : 2008 : R2013 | INFORMATION TECHNOLOGY - BIOMETRIC PROFILE - INTEROPERABILITY AND DATA INTERCHANGE - BIOMETRICS-BASED VERIFICATION AND IDENTIFICATION OF TRANSPORTATION WORKERS |
| 10/30136309 DC : 0 | BS ISO/IEC 24745 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - BIOMETRIC INFORMATION PROTECTION |
| ISO/IEC 24713-2:2008 | Information technology Biometric profiles for interoperability and data interchange Part 2: Physical access control for employees at airports |
| INCITS/ISO/IEC 24761 : 2009(R2014) | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - AUTHENTICATION CONTEXT FOR BIOMETRICS |
| INCITS/ISO/IEC 24745 : 2012(R2017) | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - BIOMETRIC INFORMATION PROTECTION |
| PD ISO/IEC TR 29195:2015 | Traveller processes for biometric recognition in automated border |
| ISO/IEC 24761:2009 | Information technology Security techniques Authentication context for biometrics |
| ISO/IEC 24745:2011 | Information technology Security techniques Biometric information protection |
| ISO/IEC 18031:2011 | Information technology Security techniques Random bit generation |
| ISO/IEC 18032:2005 | Information technology Security techniques Prime number generation |
| ISO 13491-1:2016 | Financial services — Secure cryptographic devices (retail) — Part 1: Concepts, requirements and evaluation methods |
| ISO/IEC 19790:2012 | Information technology — Security techniques — Security requirements for cryptographic modules |
| ISO/TR 13569:2005 | Financial services Information security guidelines |
| ISO/IEC Guide 73:2002 | Risk management Vocabulary Guidelines for use in standards |
| AS ISO/IEC 19784.1:2019 | Information technology - Biometric application programming interface BioAPI specification |
| ISO/IEC 17799:2005 | Information technology Security techniques Code of practice for information security management |
| ISO/IEC 19784-1:2006 | Information technology Biometric application programming interface Part 1: BioAPI specification |
| ISO/IEC 7816-11:2004 | Identification cards Integrated circuit cards Part 11: Personal verification through biometric methods |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.