ISO/IEC 24745:2011 provides guidance for the protection of biometric information under various requirements for confidentiality, integrity and renewability/revocability during storage and transfer. Additionally, ISO/IEC 24745:2011 provides requirements and guidelines for the secure and privacy-compliant management and processing of biometric information.
ISO/IEC 24745:2011 specifies the following:
- analysis of the threats to and countermeasures inherent in a biometric and biometric system application models;
- security requirements for secure binding between a biometric reference and an identity reference;
- biometric system application models with different scenarios for the storage of biometric references and comparison; and
- guidance on the protection of an individual's privacy during the processing of biometric information.
ISO/IEC 24745:2011 does not include general management issues related to physical security, environmental security and key management for cryptographic techniques.
Status: WithdrawnPublication date: 2011-06
Edition: 1Number of pages: 50
Technical Committee: ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection