ISO/IEC NP TS 23220-9

Cards and security devices for personal identification — Building blocks for identity management via mobile devices — Part 9: mDoc Fraud Reporting Mechanism for Verifiers

Апстракт

This new standard will define a standardized mechanism for Relying Parties (RPs) to report suspected fraudulent mobile documents (mDocs). This mechanism is triggered when an RP verifies a presented mDoc and detects potential fraud despite its verifiability and signature by the issuer.

This specification is limited to fraud scenarios where:
• The issuer of the mDoc is still trusted.
• The validity of the mDoc's signature can be confirmed.
• The fraud is detected by the RP based on contextual information after successful verification of the mDoc.

This specification does not cover:
• Impersonation of the issuer.
• Compromised issuer keys.
• Fraud detection based on the inability to verify the mDoc (e.g., signature failure).