.
...
Biometric security
A new series of International Standards has just been published.
An effective means of verifying identification, the use of biometrics is increasingly widespread and ensuring its security is, therefore, essential.
Threats to biometric systems can come in the form of presentation attacks, where an attempt to subvert the system security policy is made by presenting natural biometric characteristics or artefacts holding copied or faked characteristics.
ISO/IEC 19989-2Information security – Criteria and methodology for security evaluation of biometric systems – Part 2: Biometric recognition performance, provides requirements and recommendations to the developer and the evaluator of biometric systems for the supplementary activities on biometric recognition performance specified in ISO/IEC 19989-1.
ISO/IEC 19989-3Information security – Criteria and methodology for security evaluation of biometric systems – Part 3: Presentation attack detection, is dedicated to security evaluation of presentation attack detection applying the ISO/IEC 15408 series. It provides recommendations and requirements to the developer and the evaluator for the supplementary activities on presentation attack detection specified in ISO/IEC 19989-1. The series of standards ISO/IEC 19989Information security – Criteria and methodology for security evaluation of biometric systems, has just been published to help ensure they are protected from such attacks.