FB pixel

ETSI standard for mobile biometrics and security certified by French authority

ETSI standard for mobile biometrics and security certified by French authority
 

ETSI has had its suite of specifications for mobile device security and biometrics certified by France’s cybersecurity agency (ANSSI) under the Common Criteria framework.

The certification is the first by a national authority for comprehensive smartphone security assessments based on a comprehensive set of specifications, according to the announcement, setting up third-party certification tests.

ETSI’s Consumer Mobile Device Protection Profile standard is intended to identify the key security and privacy risks for users of mobile devices. Based on them, it provides criteria for security certification that manufacturers can use, and a methodology for evaluators to use in assessing consumer products. ETSI says it will be suitable for certifications under the European Cyber Resilience Act, when it enters into force this year later this year.

TS 103 732-1 and TS 103 732-2 are a “Base Protection Profile” and “Biometric Authentication Protection Profile Module,” respectively. The base profile defines what should be evaluated, the security challenges that need to be addressed, and the objectives for doing so. The biometric authentication profile sets false acceptance rate (FAR) of 1 in 50,000 for 2D face biometrics, 1 in 100,000 for 3D face, and 1 in 50,000 for fingerprints at a false rejection rate (FRR) of 1 in 20 for 2D face, 1 in 33 for 3D face, and 1 in 33 for fingerprint biometrics. Presentation attack detection (PAD) is out of scope for the specification.

TS 103 932-1 is a complementary technical specification defining the configuration for evaluations and merging the requirements of the other two.

The revised multi-part specification was written with contributions from stakeholders among OS developers, smartphone manufacturers, network operators, regulatory authorities and user associations, ETSI says.

ETSI Cybersecurity Technical Committee Chair Alex Leadbeater notes the prevalence of smartphones and tablets in people’s everyday lives. “Research by GSMA indicates that nine out of ten consumers globally are concerned over smartphone data security and privacy, with 64 percent of consumers citing security as being ‘very important’ in their criteria for buying a smartphone,” he says.

Article Topics

 |   |   |   |   |   |   | 

Latest Biometrics News

 

Privacy, free speech, children’s online safety collide in age assurance legal wars

By this point, the amount of collective hand wringing over children’s online safety and related age assurance legislation could surely…

 

St. Kitts and Nevis chooses Cybernetica as strategic adviser for digital ID system

St. Kitts and Nevis has chosen Cybernetica as strategic adviser as it implements a national digital identity system. Cybernetica is…

 

UK needs unified regulation for facial recognition: Biometrics Institute

The UK needs a clearer and consistent framework for governing facial recognition in public spaces as missteps in deploying the…

 

Cambodia: IDPoor Programme alleviates poverty as system continues digitization

The United Nations Development Programme has provided additional ICT equipment for Cambodia’s IDPoor Programme. The equipment includes 546 tablets, software…

 

Growth of digital wallet use shaking up payment regulations and benefits delivery

Digital wallets are transforming online, offline and cross-border payments around the world, prompting calls for regulatory change in Australis and…

 

Sardine nets $70M in Series C funding for automated fraud prevention platform

Sardine, a startup that employs machine learning for fraud prevention, compliance and credit underwriting, has announced a $70 million Series…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events