FB pixel

ETSI standard for mobile biometrics and security certified by French authority

| Chris Burt
Categories Biometric R&D  |  Biometrics News  |  Mobile Biometrics
ETSI standard for mobile biometrics and security certified by French authority
 

ETSI has had its suite of specifications for mobile device security and biometrics certified by France’s cybersecurity agency (ANSSI) under the Common Criteria framework.

The certification is the first by a national authority for comprehensive smartphone security assessments based on a comprehensive set of specifications, according to the announcement, setting up third-party certification tests.

ETSI’s Consumer Mobile Device Protection Profile standard is intended to identify the key security and privacy risks for users of mobile devices. Based on them, it provides criteria for security certification that manufacturers can use, and a methodology for evaluators to use in assessing consumer products. ETSI says it will be suitable for certifications under the European Cyber Resilience Act, when it enters into force this year later this year.

TS 103 732-1 and TS 103 732-2 are a “Base Protection Profile” and “Biometric Authentication Protection Profile Module,” respectively. The base profile defines what should be evaluated, the security challenges that need to be addressed, and the objectives for doing so. The biometric authentication profile sets false acceptance rate (FAR) of 1 in 50,000 for 2D face biometrics, 1 in 100,000 for 3D face, and 1 in 50,000 for fingerprints at a false rejection rate (FRR) of 1 in 20 for 2D face, 1 in 33 for 3D face, and 1 in 33 for fingerprint biometrics. Presentation attack detection (PAD) is out of scope for the specification.

TS 103 932-1 is a complementary technical specification defining the configuration for evaluations and merging the requirements of the other two.

The revised multi-part specification was written with contributions from stakeholders among OS developers, smartphone manufacturers, network operators, regulatory authorities and user associations, ETSI says.

ETSI Cybersecurity Technical Committee Chair Alex Leadbeater notes the prevalence of smartphones and tablets in people’s everyday lives. “Research by GSMA indicates that nine out of ten consumers globally are concerned over smartphone data security and privacy, with 64 percent of consumers citing security as being ‘very important’ in their criteria for buying a smartphone,” he says.

Article Topics

 |   |   |   |   |   |   | 

Latest Biometrics News

 

Privacy doesn’t have to cost us great online services

By Andrew Black, Managing Director ConnectID and Sujeet Rana, Chief Digital Officer NAB For years, we accepted an implicit trade-off…

 

Alan Turing Institute reveals digital identity and DPI risks in Cyber Threats Observatory Workshop

Digital identity systems are showing growing vulnerabilities with commensurate risks for the development of DPI. The Alan Turing Institute launched…

 

Biometric identity verification gets caught up in great expectations and politics

The next generation of biometric identity verification collides with the politics of digital identity in the most-read articles of the…

 

Todd Morris named NEC NSS President as Dr. Kathleen Kiernan retires

Todd Morris is the new President of NEC National Security Systems (NEC NSS). Morris succeeds Dr. Kathleen Kiernan, who is retiring…

 

ISO’s mDL standard can’t guarantee issuer trustworthiness

The fear that the server retrieval capability supported by the ISO/IEC 18013 standard for mobile driver’s licenses (mDLs) could be…

 

One app, two app, three app, four: DECTA study shows users have ‘wallet fatigue’

While some see the concept of a “15-minute city” as sinister, advocates say they just don’t want to go very…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events