ISO/IEC 19286:2018

Identification cards — Integrated circuit cards — Privacy-enhancing protocols and services

Publication date:   Jan 8, 2018

General information

90.93 Standard confirmed   Oct 3, 2023

ISO/IEC

ISO/IEC JTC 1/SC 17 Cards and security devices for personal identification

International Standard

35.240.15   Identification cards. Chip cards. Biometrics

Buying

  Published

PDF - €234.74

  English  



Buy

Scope

ISO/IEC 19286:2018 aims to normalize privacy-enhancing protocols and services by
- using the mechanisms from parts of ISO/IEC 7816 and parts of ISO/IEC 18328 that contribute to security and privacy,
- providing discoverability means of privacy-enabling attributes,
- defining requirements for attribute-based credential handling, and
- identifying data objects and commands for ICCs.
Existing privacy-enhancing protocols available in a generic context are adopted for distributed systems including ICCs. Additionally, existing authentication protocols between an ICC and an external device used for establishing a secure channel are enhanced with privacy protection. Secure communication between an ICC and an on-card device is also considered.
All the protocols and services described in this document contribute to privacy. Annex B describes an example of privacy impact assessments of respective systems.

Life cycle

NOW

PUBLISHED
ISO/IEC 19286:2018
90.93 Standard confirmed
Oct 3, 2023