FB pixel

ETSI standard for mobile biometrics and security certified by French authority

ETSI standard for mobile biometrics and security certified by French authority
 

ETSI has had its suite of specifications for mobile device security and biometrics certified by France’s cybersecurity agency (ANSSI) under the Common Criteria framework.

The certification is the first by a national authority for comprehensive smartphone security assessments based on a comprehensive set of specifications, according to the announcement, setting up third-party certification tests.

ETSI’s Consumer Mobile Device Protection Profile standard is intended to identify the key security and privacy risks for users of mobile devices. Based on them, it provides criteria for security certification that manufacturers can use, and a methodology for evaluators to use in assessing consumer products. ETSI says it will be suitable for certifications under the European Cyber Resilience Act, when it enters into force this year later this year.

TS 103 732-1 and TS 103 732-2 are a “Base Protection Profile” and “Biometric Authentication Protection Profile Module,” respectively. The base profile defines what should be evaluated, the security challenges that need to be addressed, and the objectives for doing so. The biometric authentication profile sets false acceptance rate (FAR) of 1 in 50,000 for 2D face biometrics, 1 in 100,000 for 3D face, and 1 in 50,000 for fingerprints at a false rejection rate (FRR) of 1 in 20 for 2D face, 1 in 33 for 3D face, and 1 in 33 for fingerprint biometrics. Presentation attack detection (PAD) is out of scope for the specification.

TS 103 932-1 is a complementary technical specification defining the configuration for evaluations and merging the requirements of the other two.

The revised multi-part specification was written with contributions from stakeholders among OS developers, smartphone manufacturers, network operators, regulatory authorities and user associations, ETSI says.

ETSI Cybersecurity Technical Committee Chair Alex Leadbeater notes the prevalence of smartphones and tablets in people’s everyday lives. “Research by GSMA indicates that nine out of ten consumers globally are concerned over smartphone data security and privacy, with 64 percent of consumers citing security as being ‘very important’ in their criteria for buying a smartphone,” he says.

Article Topics

 |   |   |   |   |   |   | 

Latest Biometrics News

 

EU watchdog rules airport biometrics must be passenger-controlled to comply with GDPR

The use of facial recognition to streamline air passenger’s travel journeys only complies with Europe’s data protection regulations in certain…

 

NZ’s biometric code of practice could worsen privacy: Business group

New Zealand is working on creating a biometrics Code of Practice as the country introduces more facial recognition applications. A…

 

Demonstrating value, integrated payments among key digital ID building blocks

Estonia has achieved an enviable level of user-centricity with its national digital identity system through careful legislation and fostering collaboration…

 

Strata Identity launches uninterrupted identity services product

There are a few things that can be more annoying than your office computer logging you out of applications because…

 

Digital identities shaking up identity verification industry: Regula

The arrival of digital identities is shaking up how companies operate and verify identities. Regula has published a survey with…

 

Digital ID for air travel is DPI that could lift Africa’s economy, HID argues

As the African continent experiences economic growth and increasing global integration, the potential for enhancing air travel through improved digital…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events