Biometric Payments Standard Issued
0802
The International Organization for Standardization (ISO) has published a standard for the implementation and management of biometric identification technology within the financial services industry.
The ISO says that the new standard, ISO 19092:2008, Financial services – Biometrics – Security Framework, is designed to increase the security of financial transactions that take place over electronic networks.
Biometrics, which includes technologies such as finger images, voice identification, eye scan and facial images, is increasingly considered as a reliable means of authentication, the ISO says. “Its (biometrics) advantage and appeal lies in its convenience and ease of use, its level of apparent security, performance and non-invasiveness,” the standards body says.
According to the ISO, the huge volume of electronic payments transactions exposes the financial community and its customers to severe risks from accidental or deliberate alteration, substitution or destruction of data. “There is therefore a strong need for an ironclad authentication method,” the ISO says.
ISO 19092:2008 describes the security framework for using biometrics for authentication of individuals in financial services. It outlines the various types of biometric technologies and addresses issues concerning their application, the ISO says.
Gartner payments security expert Avivah Litan says she welcomes the new standard.
“There is heightened interest among financial institutions and others in using biometric technology to authenticate individuals accessing their networks in a non-face-to-face environment,” Litan tells ePaynews. “With an increase in electronic fraud, user authentication based on biometrics – especially voice identification - is shaping up to be a practical and effective method to increase security, while maintaining customer convenience.”
According to Litan warns that delays in setting standards would run the risk that a large number of rival biometric protocols would be established. “This would make implementations much more costly to maintain further down the road,” Litan says.