CEN/TR 18108:2024
(Main)Personal identification - Usage of biometrics in breeder documents
Personal identification - Usage of biometrics in breeder documents
This document provides guidance on usage of biometrics in breeder documents, in particular regarding
- encoding of biometric reference data;
- data quality maintenance for biometric reference data;
- data authenticity maintenance for biometric reference data; and
- privacy preservation of biometric reference data.
This document addresses advantages and disadvantages of biometric modes, in particular regarding
- verification performance;
- privacy impact;
- feasibility of biometric acquisition considering the age of the capture subjects;
- limits of validity and need for updating biometric reference data.
The following aspects are out of scope:
- format and structure of breeder documents;
- general security aspects, which are covered in CEN/TS 17489-1 [1].
Personenidentifizierung - Verwendung biometrischer Daten in Hoheitsdokumenten
Identification des personnes - Utilisation des données biométriques dans les documents sources
Osebna identifikacija - Uporaba biometričnih podatkov v izvornih dokumentih
General Information
Standards Content (Sample)
SLOVENSKI STANDARD
01-julij-2024
Osebna identifikacija - Uporaba biometričnih podatkov v izvornih dokumentih
Personal identification - Usage of biometrics in breeder documents
Personenidentifizierung - Verwendung biometrischer Daten in Hoheitsdokumenten
Ta slovenski standard je istoveten z: FprCEN/TR 18108
ICS:
35.240.15 Identifikacijske kartice. Čipne Identification cards. Chip
kartice. Biometrija cards. Biometrics
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
FINAL DRAFT
TECHNICAL REPORT
FprCEN/TR 18108
RAPPORT TECHNIQUE
TECHNISCHER REPORT
April 2024
ICS
English Version
Personal identification - Usage of biometrics in breeder
documents
Personenidentifizierung - Verwendung biometrischer
Daten in Hoheitsdokumenten
This draft Technical Report is submitted to CEN members for Vote. It has been drawn up by the Technical Committee CEN/TC
224.
CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway,
Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and
United Kingdom.
Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are
aware and to provide supporting documentation.
Warning : This document is not a Technical Report. It is distributed for review and comments. It is subject to change without
notice and shall not be referred to as a Technical Report.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION
EUROPÄISCHES KOMITEE FÜR NORMUNG
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2024 CEN All rights of exploitation in any form and by any means reserved Ref. No. FprCEN/TR 18108:2024 E
worldwide for CEN national Members.
TC 224 WI :2024 (E)
Contents Page
European foreword . 3
Introduction . 4
1 Scope . 5
2 Normative references . 5
3 Terms and definitions . 5
4 Abbreviated terms . 6
5 General set-up . 6
6 Constraints on biometric data for reliable identity verification . 7
7 Suitability assessment of biometric modes for use on breeder documents . 7
7.1 Fingerprint . 7
7.2 Face. 8
7.3 Iris . 9
7.4 Palmprint . 10
7.5 Footprint . 10
7.6 Palm vein and finger vein patterns . 11
8 Summary . 11
8.1 General . 11
8.2 Choices for paper-based breeder documents . 14
8.3 Choices for hardware-based breeder documents . 14
8.4 Choices for server-based breeder documents . 14
Bibliography . 15
TC 224 WI :2024 (E)
European foreword
This document (FprCEN/TR 18108:2024) has been prepared by Technical Committee CEN/TC 224
“Personal identification and related personal devices with secure element, systems, operations and
privacy in a multi-sectorial environment”, the secretariat of which is held by AFNOR.
This document is currently submitted to the Vote on TR.
TC 224 WI :2024 (E)
Introduction
Birth certificates and marriage certificates are collectively referred to as breeder documents. Obtaining
authentic travel documents based on false breeder documents poses a major threat. The CEN/TS 17489
series [1] provides guidance on secure and interoperable European breeder documents that can be
used for establishing and verifying identity in various scenarios such as application for ePassports and
other identity documents.
A secure binding of breeder documents to their legitimate holders would increase the trust in the
breeder documents and prevent identity theft. This can be achieved using biometrics, but several
challenges arise in the context of breeder documents: In the case of birth certificates, the acquisition of
biometric characteristics from infants can be impractical. Furthermore, as some biometric
characteristics are sensible to ageing, linking breeder documents to their legitimate holders can become
difficult after some time.
This document discusses options for the use of biometrics in breeder documents. It compares
fingerprint, face, iris, palmprint, footprint, palm vein and finger vein recognition regarding verification
performance, privacy impact, feasibility of biometric acquisition in different age groups and
permanence of biometric features. Though resistance against presentation attacks (spoofing) is also
required, a comparison regarding presentation attack resistance is omitted because these biometric
modes can fulfil this criterion to a similar extent. Several studies have presented ways in which
biometric characteristics can be forged. Presentation attack detection is possible but can increase the
FNMR.
Even though non-coding DNA profiles allow a reliable verification of identity over the entire lifetime,
DNA profiles are not taken into consideration for use in breeder documents. The reason is that
processing of genetic material poses prohibitive risks to the rights and freedoms of natural persons
because it can give rise to discrimination as it can reveal ethnic origin or genetic diseases [2].
TC 224 WI :2024 (E)
1 Scope
This document provides guidance on usage of biometrics in breeder documents, in particular regarding
— encoding of biometric reference data,
— data quality maintenance for biometric reference data,
— data authenticity maintenance for biometric reference data, and
— privacy preservation of biometric reference data.
This document addresses advantages and disadvantages of biometric modes, in particular regarding
— verification performance,
— privacy impact,
— feasibility of biometric acquisition considering the age of the capture subjects,
— limits of validity and need for updating biometric reference data.
The following aspects are out of scope:
— format and structure of breeder documents,
— general security aspects, which are covered in CEN/TS 17489-1 [1].
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 2382-37 [3] and the
following apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— IEC Electropedia available at https://www.electropedia.org/;
— ISO Online Browsing Platform available at https://www.iso.org/obp.
3.1
biometric characteristic
biological and behavioural characteristic of an individual from which distinguishing, repeatable
biometric features can be extracted for the purpose of biometric recognition
[SOURCE: ISO/IEC 2382-37:2022 [3], 37.01.02]
3.2
biometric data
biometric sample or aggregation of biometric samples at any stage of processing
[SOURCE: ISO/IEC 2382-37:2022 [3], 37.03.06]
TC 224 WI :2024 (E)
3.3
biometric mode
combination of a biometric characteristic type, a sensor type and a processing method
[SOURCE: ISO/IEC 2382-37:2022 [3], 37.02.05]
3.4
breeder document
foundational document
evidentiary document issued as a physical token of an event or status for a person and used by issuing
authorities to establish identity and confirm entitlement
EXAMPLE Breeder documents include birth certificates and marriage certificates.
[SOURCE: ICAO TRIP Guide on evidence of identity [4]]
4 Abbreviated terms
DNA deoxyribonucleic acid
FMR false match rate
FNMR false non-match rate
MRTD machine-readable travel document
5 General set-up
According to CEN/TS 17489-1 [1], breeder document data must be digitally signed to ensure the
integrity and authenticity of the data. The digital signature can be verified using a public key
infrastructure (PKI). The signature verification can be performed offline (provided that all data
required for the signature verification, i.e. public-key certificates and certificate revocation lists, are
available) or online (server-based).
The CEN/TS 17489 series [1] distinguishes between
— Paper-based breeder documents, on which the breeder document data are printed in a human-
readable format as well as in form of machine-readable two-dimensional (2D) bar codes,
— Hardware-based breeder documents, which provide the breeder document data in a machine-
readable format on an integrated circuit, also called chip, and
— Server-based breeder documents, for which the digital signature is stored on the server.
A 2D bar code provides only limited storage space (about 3 kByte). The storage space on a chip and on a
server is much less restricted.
A digital signature has a limited validity period. After expiration of the validity period, the digital
signature cannot be used any longer to ensure the integrity and authenticity of the breeder document
data. Therefore, the breeder documents have to be re-issued after expiration of the validity period
unless the digital signature is stored and renewed on a server.
Threats to breeder documents include that someone else than the legitimate holder uses a genuine
breeder document to establish identity or confirm entitlement. To enable reliable identity verification,
biometric reference data of the document holder can be stored on the breeder document or on a trusted
and certified European server [5].
TC 224 WI :2024 (E)
6 Constraints on biometric data for reliable identity verification
This clause summarizes external constraints that do not originate from this document. To be suitable
for verifying the identity of the holder of a breeder document, biometric characteristics must fulfil the
following requirements:
— The biometric data must be adequate and limited to what is necessary for verifying the identity of
the document holder.
— It must be easy to acquire biometric samples of sufficient quality at the time of breeder document
issuance and at the time of breeder document verification.
— The biometric characteristics must be invariant over a sufficiently long time.
A system that employs biometrics for reliable identity verification of breeder-document holders must
meet requirements and recommendations defined outside this document, among others:
— Starting from a trusted enrolment system, the integrity and authenticity of the biometric reference
data must be ensured.
— Access to the biometric reference data must be controlled, and their confidentiality must be
protected during transmission.
— It must be possible to distinguish between bona-fide presentations and presentation attacks or data
injection attacks or morphing attacks.
— The biometric reference data must be technically usable by other suppliers’ subsystems.
7 Suitability assessment of biometric modes for use on breeder documents
7.1 Fingerprint
7.1.1 Verification performance
In case of two-finger comparisons and an adult population, the most accurate fingerprint comparison
systems using standardized finger minutiae templates yield an FNMR of 0,15 % (about 1 in 667) at an
FMR of 0,1 % (1 in 1000) [6]. The most accurate fingerprint comparison systems using proprietary
templates achieve an FNMR of 0,06 % (about 1 in 1667) at an FMR of 0,1 % (1 in 1000) in case of two-
finger comparisons and an adult population [7].
Babies’ fingerprints do not allow reliable verification of identity [8][9][10]. Fusing the comparison
results of baby thumb and index fingers significantly improves the verification performance [11].
A reliable verification of id
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.