ISO/IEC CD 27553-2.2

Information security, cybersecurity and privacy protection — Security and privacy requirements for authentication using biometrics on mobile devices — Part 2: Remote modes ISO/IEC CD 27553-2.2

General information

Current stage: 30.00 Committee draft (CD) registered Nov 30, 2023

Originator: ISO/IEC

Owner: ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection

Type: International Standard

ICS: 35.030 IT Security

Scope

This document provides high level security and privacy requirements for authentication using biometrics on mobile devices, including security and privacy requirements for functional components, for communication, for storage and for remote processing.
This document is applicable to remote modes, i.e., the cases that:
- the biometric sample is captured through mobile devices;
- the biometric data or derived biometric data are transmitted between the mobile devices and the remote services in either or both directions.
The cases that the biometric data or derived biometric data never leave the mobile devices (i.e., local modes) are out of scope for this document.
The preliminary steps for biometric enrolment before authentication procedure are out of scope for this document.
The use of biometric identification as part of the authentication procedure is out of scope for this document.

Life cycle

NOW

IN_DEVELOPMENT
ISO/IEC CD 27553-2.2
30.00 Committee draft (CD) registered
Nov 30, 2023