# Standards & Specifications

At MOSIP (Modular Open Source Identity Platform), we are committed to building a secure, interoperable, and privacy-centric identity system for nations worldwide. MOSIP adheres to internationally recognized standards in biometric authentication, security, cryptography, privacy, and interoperability to ensure the highest levels of security, efficiency, and compliance.

#### **1. Why Standards Matters?** <a href="#id-1.-why-standard-matters" id="id-1.-why-standard-matters"></a>

By following these global standards, MOSIP ensures that our identity platform is:\
\
✅ **Secure** – Protecting citizens’ data from cyber threats.\
✅ **Privacy-First** – Upholding the highest standards of data protection.\
✅ **Scalable & Future-Ready** – Enabling nations to build robust digital identity programs.\
✅ **Interoperable** – Seamlessly integrating with digital identity solutions worldwide.

#### **2. Our Adherence to Global Standards** <a href="#id-2.-our-adherence-to-global-standards" id="id-2.-our-adherence-to-global-standards"></a>

### **1. Biometric Standards for Secure Identity Verification** <a href="#id-1.-biometric-standards-for-secure-identity-verification" id="id-1.-biometric-standards-for-secure-identity-verification"></a>

To ensure seamless biometric interoperability and security, MOSIP follows:

* **ISO/IEC 19794** – Standardized biometric data formats for fingerprints, iris, and facial recognition.
* [**CBEFF** ](https://docs.mosip.io/1.2.0/id-lifecycle-management/supporting-components/biometrics/cbeff-xml#cbeff)**(Common Biometric Exchange Formats Framework)** – Facilitates interoperability and efficient biometric data exchange.
* **IEEE P3167 (DRAFT)** – Strengthening the trustworthiness of biometric devices and their captured data while ensuring overall data security.

### **2. Security & Cryptography Standards for Data Protection** <a href="#id-2.-security-and-cryptography-standards-for-data-protection" id="id-2.-security-and-cryptography-standards-for-data-protection"></a>

To guarantee robust data security and encryption, MOSIP aligns with:

* **NIST Cybersecurity Framework** – Provides guidelines for IT security evaluation and risk management.
* **RSA, EC, JSE** – Implements industry-standard cryptographic algorithms for secure encryption and data integrity.

### **3. Open Standards for Seamless Interoperability** <a href="#id-3.-open-standards-for-seamless-interoperability" id="id-3.-open-standards-for-seamless-interoperability"></a>

To enable effortless integration with national and global identity ecosystems, MOSIP adopts:

* **OAuth 2.0 / OpenID Connect** – Providing secure and scalable authentication mechanisms.
* **REST, OpenAPI Standards** – Ensuring standardized communication across different platforms.
* **JMS (Java Message Service) & WebSub** – Facilitating real-time messaging and event-driven architecture.

### **4. MOSIP Standards** <a href="#id-3.-open-standards-for-seamless-interoperability" id="id-3.-open-standards-for-seamless-interoperability"></a>

* **Claim 169** – A globally registered specification under the [IANA CBOR Web Token (CWT) registry](https://www.iana.org/assignments/cwt/cwt.xhtml), developed by [MOSIP (Modular Open Source Identity Platform).](https://www.mosip.io/) It allows demographic and biometric data (like a low-res face image) to be embedded in a digitally signed QR code, enabling reliable offline identity verification. [Click here](https://docs.mosip.io/1.2.0/readme/standards-and-specifications/mosip-standards/169-qr-code-specification) to know more.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.mosip.io/1.2.0/readme/standards-and-specifications.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.