It specifies a full interface for such hardware-based biometric modules. This interface, called Embedded BioAPI, is defined by the specification of commands to be implemented by these modules. Such a specification is done on two levels.
Low level implementation is not covered by ISO/IEC 29164:2011.
Security mechanisms, although considered, are outside of the scope of ISO/IEC 29164:2011, and are referred to in other relevant standards. In particular, key management is outside of the scope of ISO/IEC 29164:2011, and is expected to be done prior to the application of ISO/IEC 29164:2011.
Specifications and requirements for Embedded BioAPI subcomponents, or any kind of devices suitable to implement Embedded BioAPI, are also outside of the scope of ISO/IEC 29164:2011.