iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
CEN

FprCEN/TS 18139

(Main)

Personal identification - European guide for biometric recognition applications based on ID documents (ERG)

Personal identification - European guide for biometric recognition applications based on ID documents (ERG)

This document defines requirements and provides guidance on:
-   capturing of facial images to be used for verification or identification purposes in applications based on reference images in identity or similar documents and traveller or visa databases;
-   capturing of fingerprint images to be used for verification or identification purposes in applications based on reference images in identity or similar documents and traveller or visa databases;
-   data quality maintenance for biometric data captured by/for verification or identification applica-tions;
-   data authenticity maintenance for biometric data captured by/for verification or identification ap-plications.
This document addresses the following aspects which are specific for biometric data capturing:
-   biometric data quality and interoperability assurance;
-   data authenticity assurance;
-   morphing and other presentation attacks and biometric data injection attacks;
-   accessibility and usability;
-   recognition algorithms and their evaluation;
-   privacy and data protection;
-   optimal process design.
The following aspects are out of scope:
-   other aspects of IT security;
-   data capturing for ID document enrolment purposes, e.g. passport or ID card enrolment.

Persönliche Identifikation - Europäischer Leitfaden für Verifikationsanwendungen auf der Grundlage von ID-Dokumenten (EVG)

Identification des personnes - Guide européen pour les applications de reconnaissance biométrique basées sur des documents d'identité (ERG)

Osebna identifikacija - Evropski vodnik za aplikacije biometričnega prepoznavanja na podlagi osebnih dokumentov (ERG)

General Information

Status
Not Published
Publication Date
02-Apr-2025
ICS
35.240.15 - Identification cards. Chip cards. Biometrics
Technical Committee
CEN/TC 224 - Machine-readable cards, related device interfaces and operations
Drafting Committee
CEN/TC 224/WG 18 - Interoperability of biometric recorded data
Current Stage
5020 - Submission to Vote - Formal Approval
Start Date
14-Nov-2024
Due Date
13-Jan-2025
Completion Date
14-Nov-2024
Ref Project
kSIST-TS FprCEN/TS 18139:2025 - Personal identification - European guide for biometric recognition applications based on ID documents (ERG)

Buy Standard

kTS FprCEN/TS 18139:2025 - BARVEkTS FprCEN/TS 18139:2025 - BARVE
PreviousNext
Draft
kTS FprCEN/TS 18139:2025 - BARVE
English language
30 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


SLOVENSKI STANDARD
01-januar-2025
Osebna identifikacija - Evropski vodnik za aplikacije biometričnega
prepoznavanja na podlagi osebnih dokumentov (ERG)
Personal identification - European guide for biometric recognition applications based on
ID documents (ERG)
Persönliche Identifikation - Europäischer Leitfaden für Verifikationsanwendungen auf der
Grundlage von ID-Dokumenten (EVG)
Identification des personnes - Guide européen pour les applications de reconnaissance
biométrique basées sur des documents d'identité (ERG)
Ta slovenski standard je istoveten z: FprCEN/TS 18139
ICS:
35.240.15 Identifikacijske kartice. Čipne Identification cards. Chip
kartice. Biometrija cards. Biometrics
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

FINAL DRAFT
TECHNICAL SPECIFICATION
SPÉCIFICATION TECHNIQUE
TECHNISCHE SPEZIFIKATION
November 2024
ICS 35.240.15
English Version
Personal identification - European guide for biometric
recognition applications based on ID documents (ERG)
Identification des personnes - Guide européen pour les Persönliche Identifikation - Europäischer Leitfaden für
applications de reconnaissance biométrique basées sur Verifikationsanwendungen auf der Grundlage von ID-
des documents d'identité (ERG) Dokumenten (EVG)

This draft Technical Specification is submitted to CEN members for Vote. It has been drawn up by the Technical Committee
CEN/TC 224.
CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway,
Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and
United Kingdom.
Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are
aware and to provide supporting documentation.

Warning : This document is not a Technical Specification. It is distributed for review and comments. It is subject to change
without notice and shall not be referred to as a Technical Specification.

EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2024 CEN All rights of exploitation in any form and by any means reserved Ref. No. FprCEN/TS 18139:2024 E
worldwide for CEN national Members.

Contents Page
European foreword . 3
Introduction . 4
1 Scope . 5
2 Normative references . 5
3 Terms and definitions . 6
4 Abbreviated terms . 8
5 Overview of biometric recognition systems . 9
5.1 Concept . 9
5.2 Biometric references . 9
5.3 Types of identity documents . 9
5.3.1 General. 9
5.3.2 ePassport . 10
5.3.3 National identity cards. 10
5.3.4 Schengen visa . 10
5.3.5 Driving licence . 10
5.3.6 Residence permit . 10
5.4 Topologies of identity recognition systems . 10
6 Data protection and privacy . 11
6.1 General. 11
6.2 Obligation to provide information about data processing . 11
6.3 Right of access and right to erasure . 12
6.4 Sharing data with third countries and international organizations . 12
6.5 Saving data for statistic reasons . 12
7 Biometric systems used for recognition . 12
7.1 General requirements and recommendations . 12
7.1.1 Usability and accessibility . 12
7.1.2 Quality or score driven approaches . 14
7.1.3 Evaluation . 16
7.1.4 Biometric security functions . 16
7.1.5 Interoperability assurance . 19
7.1.6 Biometric data quality . 19
7.1.7 Data authenticity assurance . 19
7.1.8 Logging . 20
7.2 Recommendations for biometric systems . 20
7.2.1 Recommendations for face biometrics . 20
7.2.2 Requirements and recommendations for fingerprint biometrics . 24
7.3 Contexts for recognition via biometrics . 26
7.3.1 Automated border control. 26
7.3.2 Manual border control . 27
7.3.3 Mobile recognition . 27
7.3.4 Passenger flow facilitation . 27
Bibliography . 29
European foreword
This document (FprCEN/TS 18139:2024) has been prepared by Technical Committee CEN/TC 224 “Per-
sonal identification, electronic signature and cards and their related systems and operations”, the secre-
tariat of which is held by AFNOR.
This document is currently submitted to the Vote on TS.
Introduction
Biometric reference data for ID documents meanwhile are highly standardized by ISO, ICAO, and CEN.
Within CEN, this work is done by TC 224/WG 18 in close cooperation with the Article 6 Technical Sub-
group and FRONTEX. Several International Standards, in particular ISO/IEC 19794 series and
ISO/IEC 39794 series, achieve technical interoperability of biometric data.
With CEN/TS 17661 [1] the enrolment of biometric data for identity documents has been profiled specif-
ically for European needs. However, biometric data is captured in many other situations as well, even in
the context of ID documents, in particular for verification applications like automated or manual border
control, or temporary enrolment into entry/exit systems. This gap shall be addressed by this TS.
During the development of the TS, a close cooperation between WG18 and the EU has been maintained
to ensure that the needs of the Member States are exactly met.
The document gives recommendations for
• Capturing of facial images for verification applications mainly using reference data stored in identity
documents or traveller/visa databases, covering data quality and interoperability, data authenticity,
morphing and presentation attack detection in several environments,
• Capturing of fingerprint images for verification applications mainly using reference data stored in
identity documents or traveller/visa databases, covering data quality and interoperability, data au-
thenticity, and presentation attack detection in several environments, and
• Processes handling such biometric data for verification and identification purposes considering se-
curity as well as privacy aspects.
This document covers biometric recognition applications based on ID documents. Biometric recognition
applications within the frame of this document are corresponding to the definition of biometric recogni-
tion systems in ISO/IEC 2382-37:2022 encompassing identification and verification systems. This means
that biometric recognition applications should be considered as a subsystem of a complete identity veri-
fication system. Identity verification systems can be ABC gates, inspection systems, mobile phones etc.
1 Scope
This document defines requirements and provides guidance on:
• capturing of facial images to be used for verification or identification purposes in applications based
on reference images in identity or similar documents and traveller or visa databases;
• capturing of fingerprint images to be used for verification or identification purposes in applications
based on reference images in identity or similar documents and traveller or visa databases;
• data quality maintenance for biometric data captured by/for verification or identification applica-
tions;
• data authenticity maintenance for biometric data captured by/for verification or identification ap-
plications.
This document addresses the following aspects which are specific for biometric data capturing:
• biometric data quality and interoperability assurance;
• data authenticity assurance;
• morphing and other presentation attacks and biometric data injection attacks;
• accessibility and usability;
• recognition algorithms and their evaluation;
• privacy and data protection;
• optimal process design.
The following aspects are out of scope:
• other aspects of IT security;
• data capturing for ID document enrolment purposes, e.g. passport or ID card enrolment.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content consti-
tutes requirements of this document. For dated references, only the edition cited applies. For undated
references, the latest edition of the referenced document (including any amendments) applies.
ISO/IEC 2382-37:2022, Information technology - Vocabulary - Part 37: Biometrics
ISO/IEC 29794-4, Information technology - Biometric sample quality – Part 4: Finger image data
ISO/IEC 29794-5, Information technology - Biometric sample quality – Part 5: Face image data
ISO/IEC 39794-4, Information technology - Extensible biometric data interchange formats - Part 4: Finger
image data
ISO/IEC 39794-5, Information technology - Extensible biometric data interchange formats - Part 5: Face
image data
3 Terms and definitions
For the purpose of this document, the terms and definitions given in ISO/IEC 2382-37 and the following
apply:
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
• IEC Electropedia available at https://www.electropedia.org/
• ISO Online Browsing Platfo
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

CEN
CEN/TS 18099:2024(Main)
Biometric data injection attack detection
kSIST-TS FprCEN/TS 18099:2024

This document provides an overview on:
-   Definitions on Biometric Data Injection Attack,
-   Biometric Data Injection Attack use case on main biometric system hardware for enrolment and verification,
-   Injection Attack Instruments on systems using one or several biometric modalities.
This document provides guidance on:
-   System for the detection of Injection Attack Instruments (defined in 3.12),
-   Appropriate mitigation risk of Injection Attack Instruments,
-   Creation of test plan for the evaluation of Injection Attack Detection system (defined in 3.9).
If presentation attacks testing is out of scope of this document, note that these two characteristics are in the scope of this document:
-   Presentation Attack Detection systems which can be used as injection attack instrument defence mechanism and/or injection attack method defence mechanism. Yet, no presentation attack testing will be performed by the laboratory to be compliant with this document (out of scope).
-   Bona Fide Presentation testing in order to test the ability of the Target Of Evaluation to correctly classify legitimate users.
The following aspects are out of scope:
-   Presentation Attack testing (as they are covered in ISO/IEC 30107 standards),
-   Biometric attacks which are not classified as Type 2 attacks (see Figure 1),
-   Evaluation of implementation of cryptographic mechanisms like secure elements,
-   Injection Attack Instruments rejected due to quality issues.

  • Draft
    38 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TR 18108:2024(Main)
Personal identification - Usage of biometrics in breeder documents
kSIST-TP FprCEN/TR 18108:2024

This document provides guidance on usage of biometrics in breeder documents, in particular regarding
-   encoding of biometric reference data;
-   data quality maintenance for biometric reference data;
-   data authenticity maintenance for biometric reference data; and
-   privacy preservation of biometric reference data.
This document addresses advantages and disadvantages of biometric modes, in particular regarding
-   verification performance;
-   privacy impact;
-   feasibility of biometric acquisition considering the age of the capture subjects;
-   limits of validity and need for updating biometric reference data.
The following aspects are out of scope:
-   format and structure of breeder documents;
-   general security aspects, which are covered in CEN/TS 17489-1 [1].

  • Draft
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TR 18030:2023(Main)
Personal identification - Biometrics - Overview of biometric verification systems implemented across Europe
SIST-TP CEN/TR 18030:2024

This Technical Report provides an overview of the current deployment of biometric systems within Europe. It addresses the challenges that are being faced, in order to detect the current needs for improving the specifications for the implementation and deployment of biometric systems. This Technical Report considers all kind of deployments, from border control to ad-hoc services. As most of the deployed systems are based on the use of fingerprints or face recognition, this Technical Report will focus on these two biometric modalities, from the system integrator and interoperability points of view.
Identity documents, in terms of production, structure, interoperability, etc., are out of the scope of this TR. The TR is focused on the performance at system level.
The current European legislative initiatives around this topic (e.g., Entry/Exit System, framework for interoperability between EU information systems, etc.) need a robust framework study about the availability of standard technologies to improve interoperability in biometric products around the European Union.
By showing these needs, a set of recommendations for future standardization works is provided.
From a methodological perspective, the report gathers information of different entities with this classification:
- Capture/enrolment of biometrics including the quality assurance and the generation of feature or biometric models from the images.
- Best practices and guidelines to use biometrics in Europe.
- Data Quality environment using biometrics in European networks.

  • Technical report
    33 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TR 17982:2023(Main)
European Digital Identity Wallets standards Gap Analysis
SIST-TP CEN/TR 17982:2024

This document identifies relevant existing standards and standards work in progress around European Digital Identity Wallets. It also identifies missing work items and overlaps in standards and is supposed to work as a roadmap for future standardization projects in the area.

  • Technical report
    39 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO/IEC 2382-37:2023(Main)
Information technology - Vocabulary - Part 37: Biometrics (ISO/IEC 2382-37:2022)
SIST EN ISO/IEC 2382-37:2024

This document establishes a systematic description of the concepts in the field of biometrics pertaining to recognition of human beings. This document also reconciles variant terms in use in pre-existing International Standards on biometrics against the preferred terms, thereby clarifying the use of terms in this field.
This document does not cover concepts (represented by terms) from information technology, pattern recognition, biology, mathematics, etc. Biometrics uses such fields of knowledge as a basis.
In principle, mode-specific terms are outside of scope of this document.

  • Standard
    42 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TS 17661:2021(Main)
Personal identification – European enrolment guide for biometric ID documents (EEG)
SIST-TS CEN/TS 17661:2022

This document consolidates information relating to successful and high quality biometric enrolment processes of facial and fingerprint systems, while indicating risk factors and providing appropriate mitigations. This information supports decisions regarding procurement, design, deployment and operation of these biometric systems.
This document provides guidance on:
—   capturing of facial images to be used as reference images in identity and secure documents;
—   capturing of fingerprint images to be used as reference images in identity and secure documents;
—   data quality maintenance for biometric reference data;
—   data authenticity maintenance for biometric reference data.
The document addresses the following aspects which are specific for biometric reference data capturing:
—   biometric data quality and interoperability ensurance;
—   data authenticity ensurance;
—   morphing and other presentation attack detection as well as other unauthorized changes;
—   accessibility and usability;
—   privacy and data protection;
—   optimal enrolment design.
The following aspects are out of scope:
—   IT security;
—   data capturing for verification purposes, e.g. in ABC gates;
—   capturing biometric data for enrolment in other systems different from data enrolment for integration in secure MRTD, like entry/exit systems.
This document consolidates the role of the enrolment process in a biometric system and differentiates the enrolment from the authentication, while mentioning key factors of the enrolment process that are feature independent.
Interests of the existing stakeholders are broken down and provide an insight on different views of the enrolment. In addition, organisational enrolment approaches are covered.
This document is not concerned with IT requirements or the capturing of biometric data for inspection, identification or verification purposes without the required step of creating an identity document using the captured data.

  • Technical specification
    73 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TS 17631:2021(Main)
Personal identification - Biometric group access control
SIST-TS CEN/TS 17631:2021

This document provides guidance on providing access:
— to areas with physical access control, e.g. entertainment facilities, train stations, shops, libraries, banks, or border control,
— for small groups of persons, e.g. families with small children or seniors, or other accompanied persons in need of support,
— by means of biometric authentication technologies, e.g. facial, fingerprint, or vein recognition,
— in the European regulatory context.
The document addresses the following aspects, which are specific for biometric and group access:
— accessibility and usability,
— user guidance including group guidance and interaction control,
— privacy including data set content,
— presentation attack detection,
— applicable biometric technologies,
— storage of reference data,
— biometric process integration,
— specific needs considering biometrics for groups,
— biometric performance and error rates, and
— group internal linkage.
The following aspects which reflect on generic access control issues are out of scope:
— IT security,
— application specific physical security,
— policy definition,
— processes not related to biometric authentication, and
— specific performance requirements of identification (1:N) and verification (1:1) applications.

  • Technical specification
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TS 17489-1:2020(Main)
Personal identification - Secure and interoperable European Breeder Documents - Part 1: Framework overview
SIST-TS CEN/TS 17489-1:2020

This document provides an overview of a framework on breeder documents. It introduces the document structure of CEN/TS 17489 (all parts) that specifies how citizens retain the control of breeder document data and how they can use them to support identity proofing and verification. Moreover, the framework provides methodologies to assess and increase the level of trust in breeder documents.
This framework specifies methods for:
-   defining physical and logical/digital representations of a secure breeder document (hardware based, paper-based, server-based),
-   securing breeder document processes,
-   linking the document to its legitimate holder.
The following types of breeder documents are in the scope of the framework:
-   birth certificates,
-   marriage and partnership certificates,
-   death certificates.
The following breeder documents management processes including first-time application, later-in-life registration of an identity, and content update (e.g. name-changing) are in the scope of this framework:
-   registration,
-   issuance,
-   renewal,
-   inspection/verification,
-   revocation.
The specification of policies is out of scope.

  • Technical specification
    14 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 1332-3:2020(Main)
Identification card systems - User Interface - Part 3: Key pads
SIST EN 1332-3:2020

This document covers the ergonomic layout and usability of keypads. The keypad consists of numeric, command and function keys and alphanumeric characters. On the basis that keypad layout impacts performance (keying speed, and errors), this document aims to:
-   enhance usability,
-   ensure ease of use through consistency,
-   increase customer confidence,
-   reduce customer error,
-   improve operating time,
-   ensure ergonomic data entry.
This document specifies the arrangement, the number and location of numeric, function and command keys, including placement of alphabetic characters on numeric keys. Design requirements and recommendations are also provided.
This document applies to all identification card systems with a numeric keypad for use by the public for stationary or non-stationary devices. This document also covers keypads on touch sensitive devices.

  • Standard
    20 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TS 17261:2018(Main)
Biometric authentication for critical infrastructure access control - Requirements and Evaluation
SIST-TS CEN/TS 17261:2019

This document addresses biometric recognition systems that are used as part of an automated access control system to provide a second and independent authentication factor of the individual using the AACS to access secured areas of critical infrastructure.
This document:
-   specifies requirements for biometric recognition systems to be used as part of an AACS for critical infrastructure,
-   describes a methodology for the evaluation of biometric authentication for AACSs against the specified requirements.
The requirements and test methods address biometric authentication for AACS that: (i) operate in an internal environment constituting part of a larger site, access to which is restricted and controlled by a separate access control system; and (ii) use biometrics as a second authentication factor to a token or proximity card.
This document does not consider access by the general public, e.g. passengers in an airport, or visitors to a hospital.
Products that meet the requirements of this document will comprise (i) a biometric sensor(s) external to the secured area, which reads the biometric characteristics of the user at the point of access; and (ii) a biometric server system performing biometric enrolment, signal processing, storage of biometric references and biometric comparison within a secured area.
This document does not address AACS or AACS portals (turnstiles) but is only concerned with the biometric components which integrate with the AACS. Other standards address requirements and testing of the non-biometric parts of the AACS.

  • Technical specification
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day