DANSK DS/ISO 12931 PDF

This document specifies performance criteria and evaluation methodology for authentication solutions used to establish material good authenticity throughout the entire material good lifecycle. It does not specify how technical solutions achieve these performance criteria. This document is intended for all types and sizes of organisations that require the ability to validate the authenticity of material goods. It is intended to guide such organisations in the determination of the categories of authentication elements they need to combat those risks, and the criteria for selection of authentication elements which provide those categories, having undertaken a counterfeiting risk analysis. The performance criteria will be considered by organisations in relation to their specific situation. This document is focused upon the authentication of material goods: - covered by intellectual property rights, - and/or covered by relevant national or regional regulation, - and/or with safety and public health implications, - and/or otherwise with a distinctive identity. This document focuses on material goods. It is not intended to apply to for example: goods used in the financial sector, official administrative papers, identity documents or to downloadable products. Nor does this document apply to technologies or systems designed for the tracking and tracing of material goods. Track and trace on its own is not an authentication solution and is therefore outside the scope of this document. This document does not deal with economical criteria aiming to correlate performance and costs of the authentication solutions. Some industries and services may have special regulatory requirements which would require additional functionality to supersede part(s) of the present standard. All entities making use of this standard shall respect national, regional and international laws and regulations especially on privacy and safety. This international standard is intended to contribute to an organisation's understanding of its authentication needs, possible strategies, and challenges. The standard is intended to give the organisation a set of criteria to analyse, specify and implement its authentication solutions. The organisation will determine the level of security assurance required for the selected authentication solution. The authentication solution provider shall match the risk and security requirements of the organisation. This standard is not intended to constrain the organisation's choice of authentication technologies.