ISO/IEC 27553 — Information technology — Security techniques — Security requirements for authentication using biometrics on mobile devices [DRAFT]

Introduction

This standard will provide high-level requirements for biometric authentication on mobile devices, including functional components and communications.

Scope of the standard

Biometrics are increasingly used for user authentication on mobile devices.

They are easier to use and harder to steal or fake than conventional passwords and tokens.

However, proliferating devices and approaches are fragmenting the market, hence standardization offers advantages for users and manufacturers.

This standard will outline commonplace information risks that biometric authentication methods should normally address.

Content of the standard

TBA.

Status

The project started in 2018.  The standard is due to be published at the end of 2021.

It is currently at WD stage.

Personal notes

Hmmm.  So an hour’s quite contemplation and brainstorming, maybe a risk workshop, isn’t enough for organizations to figure out their own information risks in this situation?  I’m unsure how this will standardize anything.

< Previous standard      ^ Up a level ^      Next standard >