X9 X9。84-2018描述了使用生物识别技术对金融服务中的个人进行身份验证的安全框架。它介绍了生物识别技术的类型，并解决了有关其应用的问题。本标准还描述了实施架构，规定了有效管理的最低安全要求，并提供了适合专业从业者使用的控制目标和建议。在本标准的范围内，讨论了以下主题:生物特征数据收集、分发和处理的安全性，包括数据完整性、数据保密性、来源真实性和不可否认性。在整个生命周期内管理生物特征数据，包括注册、传输和存储、验证、识别和终止过程。生物识别技术的使用，包括- 一对一和一对多匹配，用于识别和认证银行客户和员工。生物识别技术在内部和外部以及逻辑和物理访问控制中的应用。生物特征信息的封装和加密保护，以实现安全性、互操作性和数据保密性。加密、签密、标记化方法和生物特征政策，用于在生物特征信息的生命周期内安全传输和存储生物特征信息。在整个生物特征数据生命周期中使用的物理硬件的安全性。用于生物特征信息的数据完整性、来源真实性和数据保密性的加密技术。根据风险管理的要求，验证注册时出示的凭证，以支持认证；监督以保护金融机构及其客户。

X9 X9.84-2018 describes the security framework for using biometrics for authentication of individuals in financial services. It introduces the types of biometric technologies and addresses issues concerning their application. This standard also describes the architectures for implementation, specifies the minimum security requirements for effective management, and provides control objectives and recommendations suitable for use by a professional practitioner. Within the scope of this standard the following topics are addressed:Security for the collection, distribution, and processing, of biometric data, encompassing data integrity, data confidentiality, origin authenticity, and non-repudiation.Management of biometric data across its life cycle comprised of the enrollment, transmission and storage, verification, identification, and termination processes.Usage of biometric technology, including one-to-one and one-to-many matching, for the identification and authentication of banking customers and employees.Application of biometric technology for internal and external, as well as logical and physical access control.Encapsulation and cryptographic protection of biometric information for security, interoperability, and data confidentiality.Encryption, signcryption, tokenization methods, and biometric policy for privacySecure transmission and storage of biometric information during its life cycle.Security of the physical hardware used throughout the biometric data life cycle.Cryptographic techniques for data integrity, origin authenticity, and data confidentiality of biometric information.Validation of credentials presented at enrollment to support authentication as required by risk management;Surveillance to protect the financial institution and its customers.