Identification cards - Integrated circuit cards - Privacy-enhancing protocols and services

Designation Number:
CSA ISO/IEC 19286:19
Standard Type:
National Standard of Canada - Adoption of International Standard
Standard Development Activity:
Reaffirmation
ICS code(s):
35.040.15
Status:
Proceeding to development
SDO Comment Period Start Date:
SDO Comment Period End Date:
Posted On:

Scope:

Scope

This document aims to normalize privacy-enhancing protocols and services by

— using the mechanisms from parts of ISO/IEC 7816 and parts of ISO/IEC 18328 that contribute to security and privacy
— providing discoverability means of privacy-enabling attributes
— defining requirements for attribute-based credential handling, and
— identifying data objects and commands for ICCs.

Existing privacy-enhancing protocols available in a generic context are adopted for distributed systems including ICCs. Additionally, existing authentication protocols between an ICC and an external device used for establishing a secure channel are enhanced with privacy protection. Secure communication between an ICC and an on-card device is also considered.

All the protocols and services described in this document contribute to privacy. Annex B describes an example of privacy impact assessments of respective systems.

Project need:

Project Need
To review the Standard within the required 5 year period.

Note: The information provided above was obtained by the Standards Council of Canada (SCC) and is provided as part of a centralized, transparent notification system for new standards development. The system allows SCC-accredited Standards Development Organizations (SDOs), and members of the public, to be informed of new work in Canadian standards development, and allows SCC-accredited SDOs to identify and resolve potential duplication of standards and effort.

Individual SDOs are responsible for the content and accuracy of the information presented here. The text is presented in the language in which it was provided to SCC.