ISO/IEC 24745:2022

Information security, cybersecurity and privacy protection — Biometric information protection

Publication date:   Feb 8, 2022

General information

60.60 Standard published   Feb 8, 2022

ISO/IEC

ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection

International Standard

35.030   IT Security

Buying

  Published

PDF - €234.74

  English  



Buy

Scope

This document covers the protection of biometric information under various requirements for confidentiality, integrity and renewability/revocability during storage and transfer. It also provides requirements and recommendations for the secure and privacy-compliant management and processing of biometric information.
This document specifies the following:
—    analysis of the threats to and countermeasures inherent to biometrics and biometric system application models;
—    security requirements for securely binding between a biometric reference (BR) and an identity reference (IR);
—    biometric system application models with different scenarios for the storage and comparison of BRs;
—    guidance on the protection of an individual's privacy during the processing of biometric information.
This document does not include general management issues related to physical security, environmental security and key management for cryptographic techniques.

Life cycle

PREVIOUSLY

WITHDRAWN
ISO/IEC 24745:2011

NOW

PUBLISHED
ISO/IEC 24745:2022
60.60 Standard published
Feb 8, 2022