The International Organization for Standards (ISO) and the International Electrotechnical Commission (IEC) have put out a new international standard to ensure security of biometric data processed online, according to a Manufacturing.Net article.
The new standard, called ISO/IEC 24745, was created out of a concern for the increasing use of biometric technologies for online authentication in such industries as health care and banking where personal and sensitive data could be accessed via one’s unchangeable biometric data.
More specifically, the worry that if one’s biometric data is compromised, IT departments can no longer depend on the traditional reissuance of online credentials such as a new user name and password to re-secure an account as that would require changing the user’s unique biometric characteristics.
ISO/IEC 24745 lists standards dealing with analysis of threats and countermeasures for biometric systems, security requirements for connecting a biometric profile with a user’s online data, models for different scenarios of the storage of data and models for the protection of biometric data during processing.
Read the full story here.