Customer Support: 131 242

  • There are no items in your cart
We noticed you’re not on the correct regional site. Switch to our AMERICAS site for the best experience.
Dismiss alert

ISO 19092:2008

Superseded
Superseded

A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.

View Superseded by
superseded

A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.

Financial services — Biometrics — Security framework
Available format(s)

Hardcopy , PDF 1 User , PDF 3 Users , PDF 5 Users , PDF 9 Users

Superseded date

02-03-2023

Language(s)

English

Published date

07-01-2008

Preview

ISO 19092:2008 describes the security framework for using biometrics for authentication of individuals in financial services. It introduces the types of biometric technologies and addresses issues concerning their application. ISO 19092:2008 also describes the architectures for implementation, specifies the minimum security requirements for effective management, and provides control objectives and recommendations suitable for use by a professional practitioner.

The following are within the scope of ISO 19092:2008:

  • usage of biometrics for the authentication of employees and persons seeking financial services by:
    • verification of a claimed identity;
    • identification of an individual;
  • validation of credentials presented at enrolment to support authentication as required by risk management;
  • management of biometric information across its life cycle comprised of the enrolment, transmission and storage, verification, identification and termination processes;
  • security of biometric information during its life cycle, encompassing data integrity, origin authentication and confidentiality;
  • application of biometrics for logical and physical access control;
  • surveillance to protect the financial institution and its customers;
  • security of the physical hardware used throughout the biometric information life cycle.

ISO 19092:2008 provides the mandatory means whereby biometric information may be encrypted for data confidentiality or other reasons.

DevelopmentNote
Supersedes ISO/FDIS 19092, ISO/DIS 19092-1 and ISO 19092-1. (01/2008)
DocumentType
Standard
Pages
77
PublisherName
International Organization for Standardization
Status
Superseded
SupersededBy
Supersedes

Standards Relationship
PN ISO 19092 : 2010 Identical
SANS 19092 : 1ED 2009(R2015) Identical
SANS 19092:2009(R2020) Identical

BS ISO/IEC 19784-1 : 2006 INFORMATION TECHNOLOGY - BIOMETRIC APPLICATION PROGRAMMING INTERFACE - PART 1: BIOAPI SPECIFICATION
ISO/IEC 19784-1:2018 Information technology — Biometric application programming interface — Part 1: BioAPI specification
BS ISO/IEC 24713-2:2008 Information technology. Biometric profiles for interoperability and data interchange Physical access control for employees at airports
BS ISO/IEC 24761:2009 Information technology. Security techniques. Authentication context for biometrics
PD ISO/TS 12812-2:2017 Core banking. Mobile financial services Security and data protection for mobile financial services
17/30349181 DC : 0 BS ISO/IEC 24760-1 AMENDMENT 1 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - A FRAMEWORK FOR IDENTITY MANAGEMENT - PART 1: TERMINOLOGY AND CONCEPTS
10/30143797 DC : 0 BS ISO/IEC 24760-1 - INFROMATION TECHNOLOGY - SECURITY TECHNIQUES - A FRAMEWORK FOR IDENTITY MANAGEMENT - PART 1: TERMINOLOGY AND CONCEPTS
BS ISO/IEC 24760-1:2011 Information technology. Security techniques. A framework for identity management Terminology and concepts
ISO/TS 12812-2:2017 Core banking — Mobile financial services — Part 2: Security and data protection for mobile financial services
ANSI INCITS 383 : 2008(R2018) INFORMATION TECHNOLOGY - BIOMETRIC PROFILE - INTEROPERABILITY AND DATA INTERCHANGE - BIOMETRICS-BASED VERIFICATION AND IDENTIFICATION OF TRANSPORTATION WORKERS
BS ISO/IEC 24745:2011 Information technology. Security techniques. Biometric information protection
05/30107760 DC : DRAFT AUG 2005 ISO/IEC 24713-1 - BIOMETRIC PROFILES FOR INTEROPERABILITY AND DATA INTERCHANGE - PART 1: BIOMETRIC REFERENCE ARCHITECTURE
16/30335561 DC : DRAFT APR 2016 BS ISO 37102 - SUSTAINABLE DEVELOPMENT AND RESILIENCE OF COMMUNITIES - VOCABULARY
INCITS/ISO/IEC 24713-2 : 2009 INFORMATION TECHNOLOGY - BIOMETRIC PROFILES FOR INTEROPERABILITY AND DATA INTERCHANGE - PART 2: PHYSICAL ACCESS CONTROL FOR EMPLOYEES AT AIRPORTS
ISO/IEC TR 29195:2015 Traveller processes for biometric recognition in automated border control systems
ISO/IEC 24760-1:2011 Information technology Security techniques A framework for identity management Part 1: Terminology and concepts
ANSI INCITS 383 : 2008 : R2013 INFORMATION TECHNOLOGY - BIOMETRIC PROFILE - INTEROPERABILITY AND DATA INTERCHANGE - BIOMETRICS-BASED VERIFICATION AND IDENTIFICATION OF TRANSPORTATION WORKERS
10/30136309 DC : 0 BS ISO/IEC 24745 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - BIOMETRIC INFORMATION PROTECTION
ISO/IEC 24713-2:2008 Information technology Biometric profiles for interoperability and data interchange Part 2: Physical access control for employees at airports
INCITS/ISO/IEC 24761 : 2009(R2014) INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - AUTHENTICATION CONTEXT FOR BIOMETRICS
INCITS/ISO/IEC 24745 : 2012(R2017) INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - BIOMETRIC INFORMATION PROTECTION
PD ISO/IEC TR 29195:2015 Traveller processes for biometric recognition in automated border
ISO/IEC 24761:2009 Information technology Security techniques Authentication context for biometrics
ISO/IEC 24745:2011 Information technology Security techniques Biometric information protection

ISO/IEC 18031:2011 Information technology Security techniques Random bit generation
ISO/IEC 18032:2005 Information technology Security techniques Prime number generation
ISO 13491-1:2016 Financial services Secure cryptographic devices (retail) Part 1: Concepts, requirements and evaluation methods
ISO/IEC 19790:2012 Information technology Security techniques Security requirements for cryptographic modules
ISO/TR 13569:2005 Financial services Information security guidelines
ISO/IEC Guide 73:2002 Risk management Vocabulary Guidelines for use in standards
AS ISO/IEC 19784.1:2019 Information technology - Biometric application programming interface BioAPI specification
ISO/IEC 17799:2005 Information technology Security techniques Code of practice for information security management
ISO/IEC 19784-1:2006 Information technology Biometric application programming interface Part 1: BioAPI specification
ISO/IEC 7816-11:2004 Identification cards Integrated circuit cards Part 11: Personal verification through biometric methods

View more information
$118.72
Including GST where applicable

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.

Need help?
Call us on 131 242, then click here to start a Screen Sharing session
so we can help right away! Learn more