ISO/IEC INTERNATIONAL STANDARD 19989-1 First edition 2020-09 Information security - Criteria and methodology for security evaluation of biometric systems Part 1: Framework Sécurité de I'information - Criteres et meéthodologie pour I'évaluation de la sécurité des systemes biométriques Partie 1: Cadre Reference number IEC IS0/IEC 19989-1:2020(E) ISO @IS0/IEC 2020 IS0/IEC 19989-1:2020(E) COPYRIGHT PROTECTED DOCUMENT @IS0/IEC2020 All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may below or ISo's member body in the country of the requester. ISO copyright office CP 40i : Ch. de Blandonnet 8 CH-1214 Vernier, Geneva Phone: +4122.749 0111 Email: [email protected] Website: www.iso.org Published in Switzerland ii IS0/IEC2020-Allrightsreserved IS0/IEC19989-1:2020(E) Contents Page Foreword vi Introduction. ..vii 1 Scope. .1 2 Normative references. .1 3 Terms and definitions. .1 4 Symbols and abbreviated terms. .3 5 General remarks. .4 6 Vulnerabilities in biometric systems and security evaluation .5 6.1 Categorization of common vulnerabilities of biometric systems 5 6.2 Biometric system and presentation attack detection .8 6.3 Categorization of TOEs in relation to the type of evaluation. 9 6.3.1 Biometric recognition performance evaluation. .9 6.3.2 PAD evaluation 10 7 Extended security functional components to Class FPT: Protection of the TSF .10 7.1 General 10 7.2 Presentation attack detection (FPT_PAD) 11 7.2.1 Familybehaviour. 11 7.2.2 Component levelling. 11 7.2.3 Management of FPT_PAD.1 11 7.2.4 Audit of FPT_PAD.1 11 7.2.5 FPT_PAD.1 Presentation attack detection. 11 7.3 Biometric capture with presentation attack detection (FPT_BCP) 12 7.3.1 Family behaviour 12 7.3.2 Component levelling. .12 7.3.3 Management of FPT_BCP.1 12 7.3.4 Management of FPT_BCP.2 .13 7.3.5 Audit of FPT_BCP.1 13 7.3.6 Audit of FPT_BCP.2 13 7.3.7 FPT_BCP.1 Check of biometric samples for capture. 13 7.3.8 FPT_BCP.2 Biometric capture with low failure rate. 13 8 Extended security functional components to Class FIA: Identification and authentication 14 8.1 General 14 8.2 Enrolment of biometric reference (FIA_EBR) 14 8.2.1 Family behaviour 14 8.2.2 Component levelling. 14 8.2.3 Management of FIA_EBR.1 15 8.2.4 Management of FIA_EBR.2 15 8.2.5 Audit of FIA_EBR.1 .15 8.2.6 Audit of FIA_EBR.2 15 8.2.7 FIA_EBR.1 Check of biometric samples for enrolment .15 8.2.8 FIA_EBR.2 Biometric enrolment with low failure to enrol rate. 16 8.3 Biometric verification (FIA_BVR) 16 8.3.1 Family behaviour 16 8.3.2 Component levelling. 16 8.3.3 Management of FIA_BVR.1 16 8.3.4 Management of FIA_BVR.2 16 8.3.5 Management of FIA_BVR.3 17 8.3.6 Management of FIA_BVR.4 17 8.3.7 Audit of FIA_BVR.1 .17 8.3.8 Audit of FIA_BVR.2 .17 @ IS0/IEC 2020 - All rights reserved ii IS0/IEC19989-1:2020(E) 8.3.9 Audit of FIA_BVR.3 17 8.3.10 Audit of FIA_BVR.4. 17 8.3.11 FIA_BVR.1 Biometric verification with high performance. 18 8.3.12 FIA_BVR.2 Timing of user authentication with biometric verification 18 8.3.13 FIA_BVR.3 User authentication with biometric verification before any action... .18 8.3.14 FIA_BVR.4 Biometric verification not accepting presentation attack instruments 19 8.4 Biometric identification (FIA_BID) 19 8.4.1 Family behaviour. 19 8.4.2 Component levelling 19 8.4.3 Management of FIA_BID.1 20 8.4.4 Management of FIA_BID.2 20 8.4.5 Management of FIA_BID.3. 20 8.4.6 Management of FIA_BID.4 20 8.4.7 Audit of FIA_BID.1 20 8.4.8 Audit of FIA_BID.2 20 8.4.9 Audit of FIA_BID.3 21 8.4.10 Audit of FIA_BID.4 21 8.4.11 FIA_BID.1 Biometric identification with high performance 21 8.4.12 FIA_BID.2 Timing of biometric identification 21 8.4.13 FIA_BID.3 Biometric identification before any action. 22 8.4.14 FIA_BID.4 Biometric identification not accepting presentation attack instruments 22 9 Supplementary activities to IS0/IEC 18045 on Class APE: Protection Profile evaluation...22 10 Supplementary activities to IS0/IEC 18045 on Class