ISO27k-aligned security awareness service
ISO/IEC 27553
Creative security awareness materials

Creative security awareness materials for your ISMS

Copyright © 2018 IsecT Ltd.

ISO/IEC 27553 — Information technology — Security techniques — Security requirements for authentication using biometrics on mobile devices [DRAFT]


This standard will provide high-level requirements for biometric authentication on mobile devices, including functional components and communications.


Scope of the standard

Biometrics are increasingly used for user authentication on mobile devices.

They are easier to use and harder to steal or fake than conventional passwords and tokens.

However, proliferating devices and approaches are fragmenting the market, hence standardization offers advantages for users and manufacturers.

This standard will outline commonplace information risks that biometric authentication methods should normally address.


Content of the standard




The project has just started (June 2018).


Personal notes

Hmmm.  So an hour’s quite contemplation and brainstorming, maybe a risk workshop, isn’t enough for organizations to figure out their own information risks in this situation?  I’m unsure how this will standardize anything.


< Previous standard      ^ Up a level ^      Next standard >