Information technology - Guidance for biometric enrolment

CSA Group
Standards Development Organisation:
Canadian Standards Association (operating as CSA Group)
Working Program:
View the CSA work program
Designation Number:
CSA ISO/IEC TR 29196
Standard Type:
National Standard of Canada - Adoption of International Standard
Standard Development Activity:
New Standard
Status:
Proceeding to development
SDO Comment Period Start Date:
SDO Comment Period End Date:
Posted On:

Scope:

This document consolidates information relating to successful, secure and usable implementation of biometric enrolment processes, while indicating risk factors that organisations proposing to use biometric technologies will should address during procurement, design, deployment and operation. Much of the information is generic to many types of application, e.g. from national scale commercial and government applications, to closed systems for in-house operations, and to consumer applications.

However, the intended application and its purpose often have influence on the necessary enrolment data quality and are intended to be taken into account when specifying an enrolment system and process.

 

The document points out the differences in operation relating to specific types of application, e.g. where self-enrolment is more appropriate than attended operation. This document focuses on mandatory, attended enrolment at fixed locations. In summary, this document consolidates information relating to better practice implementation of biometric enrolment capability in various business contexts including considerations of process, function (system), and technology, as well as legal/privacy and policy aspects.

 

The document provides guidance on collection and storage of biometric enrolment data and the impact on dependent processes of verification and identification. This document does not include material specific to forensic and law enforcement applications.

 

This document does not contain any mandatory requirements. The following terms are used in this document to provide guidance.

 

The terms “should” and “should not” indicate that among several possibilities one is recommended as particularly suitable, without mentioning or excluding others, or that a certain course of action is preferred but not necessarily required, or that (in the negative form) a certain possibility or course of action is discouraged but not prohibited.

 

The term “may” indicates a course of action permissible within the limits of the publication.

 

The terms “can” and “cannot” indicate a possibility and capability, whether material, physical or causal.

Project need:

To align Canadian requirements with those of the respective international standards being proposed for adoption. To maintain alignment between Canadian information and communication technology standards and each respective international standard

Note: The information provided above was obtained by the Standards Council of Canada (SCC) and is provided as part of a centralized, transparent notification system for new standards development. The system allows SCC-accredited Standards Development Organizations (SDOs), and members of the public, to be informed of new work in Canadian standards development, and allows SCC-accredited SDOs to identify and resolve potential duplication of standards and effort.

Individual SDOs are responsible for the content and accuracy of the information presented here. The text is presented in the language in which it was provided to SCC.