ISO/IEC 27553-2:2025

Information security, cybersecurity and privacy protection — Security and privacy requirements for authentication using biometrics on mobile devices — Part 2: Remote modes

Publication date: Jul 9, 2025

General information

Current stage: 60.60 Effective date: Jul 9, 2025

Originator: ISO/IEC

Owner: ISO/IEC JTC 1/SC 27

Type: International Standard

ICS: 35.030

Languages: English

Buying

Status: Published

PDF

Paper

PDF and Paper

Language

Language in which you want to receive the document.

Scope

This document provides high-level security and privacy requirements for authentication using biometrics on mobile devices, in particular, for functional components, communication, storage and remote processing.
This document is applicable to remote modes, i.e. the cases where:
—     the biometric sample is captured through mobile devices, and
—     the biometric data or derived biometric data are transmitted between the mobile devices and the remote services in either or both directions.
The following are out of scope of this document:
—     the cases where the biometric data or derived biometric data never leave the mobile devices (i.e. local modes),
—     the preliminary steps for biometric enrolment before authentication procedure, and
—     the use of biometric identification as part of the authentication.

Life cycle

NOW

PUBLISHED
ISO/IEC 27553-2:2025
60.60 Standard published
Jul 9, 2025