scope:

This International Standard provides guidance for the protection of biometric information under various requirements for confidentiality, integrity and renewability/revocability during storage and transfer. Additionally, this International Standard provides requirements and guidelines for the secure and privacy-compliant management and processing of biometric information. This International Standard specifies the following: . analysis of the threats to and countermeasures inherent in a biometric and biometric system application models; . security requirements for secure binding between a biometric reference and an identity reference; . biometric system application models with different scenarios for the storage of biometric references and comparison; and . guidance on the protection of an individual's privacy during the processing of biometric information. This International Standard does not include general management issues related to physical security, environmental security and key management for cryptographic techniques. - analysis of the threats to and countermeasures inherent in a biometric and biometric system application models; - security requirements for secure binding between a biometric reference and an identity reference; - biometric system application models with different scenarios for the storage of biometric references and comparison; and - guidance on the protection of an individual's privacy during the processing of biometric information. ISO/IEC 24745:2011 does not include general management issues related to physical security, environmental security and key management for cryptographic techniques.