CSA ISO/IEC 19286:19

Identification cards — Integrated circuit cards — Privacy-enhancing protocols and services
1 Scope This document aims to normalize privacy-enhancing protocols and services by — using the mechanisms from parts of ISO/IEC 7816 and parts of ISO/IEC 18328 that contribute to security and privacy, — providing discoverability means of privacy-enabling attributes, — defining requirements for attribute-based credential handling, and — identifying data objects and commands for ICCs. Existing privacy-enhancing protocols available in a generic context are adopted for distributed systems including ICCs. Additionally, existing authentication protocols between an ICC and an external device used for establishing a secure channel are enhanced with privacy protection. Secure communication between an ICC and an on-card device is also considered. All the protocols and services described in this document contribute to privacy. Annex B describes an example of privacy impact assessments of respective systems.
SDO:
CSA
Language:
English
ICS Codes:
35.240.15
Status:
Standard
Publish date:
2019-05-31
Standard Number:
CSA ISO/IEC 19286:19