iTeh Standards logo
EURUSD
Your shopping cart is empty.
CEN

EN 419251-1:2013

(Main)

Security requirements for device for authentication - Part 1: Protection profile for core functionality

Security requirements for device for authentication - Part 1: Protection profile for core functionality

This European Standard is a Protection Profile that defines the security requirements for an authentication device.

Sicherheitsanforderungen für Geräte zur Authentisierung - Teil 1: Schutzprofil für Kernfunktionalitäten

Diese Europäische Norm ist ein Schutzprofil, das die Sicherheitsanforderungen an ein Gerät zur Authentisierung definiert.

Profils de protection pour dispositif d'authentification - Partie 1: Dispositif avec import de clés

Le présent document est un Profil de Protection qui définit les exigences de sécurité pour un dispositif
d’authentification.

Varnostne zahteve naprav za overjanje - 1. del: Profil za zaščito ključne funkcionalnosti

Ta evropski standard je profil za zaščito, ki določa varnostne zahteve naprav za overjanje.

General Information

Status
Published
Publication Date
05-Mar-2013
Withdrawal Date
29-Sep-2013
ICS
35.240.15 - Identification cards. Chip cards. Biometrics
Technical Committee
CEN/TC 224 - Machine-readable cards, related device interfaces and operations
Drafting Committee
CEN/TC 224/WG 17 - Protection Profiles in the context of SSCD
Current Stage
9093 - Decision to confirm - Review Enquiry
Start Date
27-Jun-2024
Completion Date
14-Apr-2025
Directive
910/2014 - Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing directive 1999/93/EC
Mandate
M/460 - Standardisation Mandate to the European Standardisation Organizations CEN, CENELEC and ETSI in the field of Information and Communication Technologies applied to Electronic Signatures
Ref Project
SIST EN 419251-1:2013 - Security requirements for device for authentication - Part 1: Protection profile for core functionality
EN 419251-1:2013EN 419251-1:2013
PreviousNext
Standard
EN 419251-1:2013
English language
50 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.IXQNFLRQDOQRVWLSicherheitsanforderungen für Geräte zur Authentifizierung - Teil 1: Schutzprofil für KernfunktionalitätenProfils de protection pour dispositif d'authentification - Partie 1: Dispositif avec import de clésSecurity requirements for device for authentication - Part 1: Protection profile for core functionality35.240.15Identifikacijske kartice in sorodne napraveIdentification cards and related devicesICS:Ta slovenski standard je istoveten z:EN 419251-1:2013SIST EN 419251-1:2013en01-maj-2013SIST EN 419251-1:2013SLOVENSKI
STANDARD
EUROPEAN STANDARD NORME EUROPÉENNE EUROPÄISCHE NORM
EN 419251-1
March 2013 ICS 35.240.15 English Version
Security requirements for device for authentication - Part 1: Protection profile for core functionality
Profils de protection pour dispositif d'authentification - Partie 1: Dispositif avec import de clés
Sicherheitsanforderungen für Geräte zur Authentisierung - Teil 1: Schutzprofil für Kernfunktionalitäten This European Standard was approved by CEN on 7 December 2012.
CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management Centre has the same status as the official versions.
CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION EUROPÄISCHES KOMITEE FÜR NORMUNG
Management Centre:
Avenue Marnix 17,
B-1000 Brussels © 2013 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. EN 419251-1:2013: ESIST EN 419251-1:2013

...................................................................................... 15 8 Life Cycle ........................................................................................................................................ 16 8.1 Overview ......................................................................................................................................... 16 8.2 Pre-Personalisation phase ............................................................................................................. 17 8.3 Personalisation phase ................................................................................................................... 18 8.3.1 General ........................................................................................................................................... 18 8.3.2 Personalisation application ........................................................................................................... 18 8.4 Usage phase  Authentication application .................................................................................. 18 8.4.1 General ........................................................................................................................................... 18 8.4.2 Verifier ............................................................................................................................................ 19 9 Security problem definition ........................................................................................................... 19 SIST EN 419251-1:2013

Figures Figure 1 — TOE Security Features . 12 Figure 2 — Personalisation application environment . 13 Figure 3 — Authentication application environment . 14 Figure 4 — TOE Life Cycle . 16
Tables Table 1 — Protection of sensitive data . 24 Table 2 — Security objectives vs problem definition rationale . 27 Table 3 — Security attributes . 31 Table 4 — Core security attributes . 35 Table 5 — Core operations . 35 Table 6 — Core security attributes - Operation . 36 SIST EN 419251-1:2013

ISO/IEC 15408-21), Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components ISO/IEC 15408-31), Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components ISO/IEC 18045, Information technology — Security techniques — Methodology for IT security evaluation
3 Conformance 3.1 CC Conformance Claim This Protection Profile (PP) is CC Part 2 extended and CC Part 3 conformant and written according to
ISO/IEC 15408-1, -2, -3 and ISO/IEC 18045. 3.2 PP Claim This PP does not claim conformance to any other Protection Profile. 3.3 Package Claim The evaluation assurance level for this PP is EAL4-augmented with the assurance components AVA_VAN.5 and ALC_DVS.2. 3.4 Conformance Rationale Since this PP is not claiming conformance to any other protection profile, no rationale is necessary here.
3.5 Conformance Statement The conformance required by this PP is the demonstrable-PP conformance. This would facilitate conformance claim to both the PP “Authentication device” and other PPs for Security Target (ST) authors.
1) ISO/IEC 15408-1, -2 and -3 respectively correspond to Common Criteria for Information Technology Security Evaluation, Parts 1, 2 and 3. SIST EN 419251-1:2013

 one or more hash values of a signer's public key certificate together the identifier of the hash function used to compute these hash values, and some information which allows the signer to disambiguate between several signers certificates 4.4 Configuration set of groups Note 1 to entry: Each configuration corresponds to one PP. It has its own rationale. See [2]. 4.5 Group set Assets, threats, objectives, and Requirements, addressing a specific function Note 1 to entry: See [2]. 4.6 Holder legitimate holder of the authentication device
Note 1 to entry: See 9.2 for more details. 4.7 Issuer user of the authentication device during personalisation Note 1 to entry: See 9.2 for more details. 4.8 Protection Profile PP implementation-independent statement of security needs for a TOE [SOURCE: ISO/IEC 15408-1:2009, Clause 4 "Terms and definitions", modified  in ISO/IEC 15408-1, the protection profile refers to a TOE type instead of a TOE in this document] SIST EN 419251-1:2013

6 Overview of the target of evaluation 6.1 TOE Type The aimed objective is to define security requirements that an authentication device shall conform to in the perspective of a security evaluation. The Target of Evaluation (TOE 2)) considered in this PP corresponds to a hardware device (such as, for example, a smart card or USB token) allowing its legitimate holder to authenticate himself when accessing an on-line service or to guarantee the origin authentication of data sent by the User to a distant agent 3). This PP has been constructed such as to make it possible for an ST writer to claim conformance to both this PP and the PP-SSCD [3], [4], [5], [6], [7] and easily merge these PPs into one ST. 6.2 TOE Usage In order to connect to an on-line service with restricted access or send data whose origin should be authenticated, the Holder shall use his personal authentication device. The service provided by the device requires the prior input of authentication data by the Holder on a terminal device (as specified in 6.5). The authentication service included in the TOE relies solely on public-key cryptography mechanisms to allow the Holder to authenticate himself and access to the on-line service with restricted access or to enable the origin authentication of data sent by the Holder. Note that authentication devices implementing shared key (i.e., symmetric-key) mechanisms for authentication purposes are therefore not considered in this PP. 6.3 Security Features of the TOE The primary functionality of the TOE is to enable the Holder to authenticate himself in order to access an on-line service or guarantee the origin authentication of data sent by the Holder to a distant agent.
2) In the document the terms authentication device, device and TOE are equivalent. 3) He is a physical person that receives some authenticated data from the users. SIST EN 419251-1:2013

6.4.2 Multiple applications e-administration for tax payment requiring signature + e-commerce only requiring authentication. The e-administration and the e-commerce center may get the certificate from the PKI. But they may also rely on the authentication protocol to securely provide the public key, for example within a signed certificate. Communication between Authentication application and the TOE may be regarded as secure for:  Holder authentication;  Selection of online server;  Selection of a specific Authentication key pair;  Acceptance of authentication of the TOE. 6.5 Required non-TOE Hardware and Software The authentication device requires the services provided by a terminal device to enable the Holder to input his authentication data. Typically, this terminal device (e.g., a PINPad terminal) ensures the protection of authentication data input in confidentiality and integrity and its secure transfer to the TOE. The general features of this terminal along with the method employed to enable the input of authentication data are considered out of the TOE scope. It should be however noted that the level of security of the whole operational system including the TOE depends on the security level of the TOE operational environment. In particular, an authenticated terminal device for the input and transfer of the Holder authentication data could be required in usage environments considered as untrusted. 6.6 Protection Profile Usage The requirements present in this PP define the minimum security rules an ST of an authentication device shall conform to but are in no way exhaustive. It remains indeed possible to add functionalities or also refer to another PP. However, any modifications to this PP are restricted by the rules defined by the conformance as set forth in Clause 3. In other respects, this PP aims at ensuring compatibility with PP-SSCD [3], [4], [5], [6], [7], in order to define complementary security requirements for products offering both authentication and signature services.
Figure 1 — TOE Security Features Figure 1 shows all the security features of the TOE, in the Personnalisation and Usage environments. The legend explains how different colors identity the security features of the different groups: Core and KeyImp. Further details on groups can be found in [2].
Figure 2 — Personalisation application environment 7.2.2 Functionalities The Personalisation application interfaces the TOE at the Personalisation facility. These operations take place before the issuance of the TOE. This application initialises all data specific to the end user. These data can include:  APrK  User RAD If the TOE generates the APrK, the application retrieves the APuK and sends it to the CA that will generate the certificate. If the TOE imports the APrK, the application retrieves the APuK and sends it to the TOE. The application also ensures that the APuK is securely - protected in integrity - sent from the key pair generator to the CA that generates the certificate. 7.2.3 Communication As the environment is trusted, Transfer of sensitive data is protected by the environment. However, as APrK is of special special sensitivity, a "Trusted channel" is always required to load it. SIST EN 419251-1:2013

Figure 3 — Authentication application environment 7.3.2 Functionalities The Authentication application interfaces the TOE when the holder needs to be authenticated by the Verifier. It can run on several devices:  a PC at home to access online services (e-administration, e-commerce…).  a specific device to identify and authenticate a card holder (police control…). The TOE may contain several Authentication keys. It may also contain Signature keys. Therefore the Authentication application shall ensure a clear and secure human interface to prevent any confusion, when selecting the Verifier and the authentication key. The VAD can also be entered via a separate Human Interface. 7.3.3
Communication The Authentication application is in a trusted environment. The TOE and the Authentication application exchange the following sensitive data:  Import of Holder VAD for authentication;  Import of Holder RAD for update;  Request for authentication from a specific Verifier. SIST EN 419251-1:2013

7.5.2 Communication Communication between the Key generator and the TOE shall be secured. During the personalisation phase, which takes place in a trusted environment, this communication can be split in two phases:  Transfer from the Key Generator to the Personalisation application, then  Transfer from the Personalisation application to the TOE. 7.6
The certification authority generates a Certificate, based on the public key it receives. As the key is generated off TOE, the Environment shall ensure that the public key is securely transferred to the CA. SIST EN 419251-1:2013

Figure 4 — TOE Life Cycle This figure represents two views of the life-cycle:
a) An “end-user” view made of four phases, focusing on the following main logical phases: 1) Development phase: IC design, and embedded software development; SIST EN 419251-1:2013

b) A business view made of seven steps, focusing more on the different trades and actors involved in smartcard business. For example, the company in charge of IC manufacturing may be different from the one in charge of IC packaging, as well as from the one in charge of packaging, initialisation, pre-personalisation, not considering all other actors involved in this phase: antenna supplier, booklet supplier. The definition of the content of each step and the associated supply chain vary from one provider to another and the picture is just indicative. Referring to the life-cycle, the evaluated product is the product that comes out of the IC manufacturing, test and possible pre-personalisation operations (step 3).
At this step, the product shall already be self-protected before delivery to step 4 and all steps after. This means that if a patch is to be loaded on the product to fix a security flaw, this operation has to be performed during the IC manufacturing step, i.e. in an environment that is under control of the evaluation and assessed through assurance class of Common Criteria related to the development environment (ALC). The following options are also important to keep in mind:
 creation of the application;  applet instantiation for a JavaCard;  loading of the pre-personalisation data in the chip. These operations may or may not be performed within the IC manufacturer secure premises covered by the evaluation scope, depending on the business organisation for the TOE production. They may even be performed during the personalisation phase (step 6) under the control of the issuing state.
However, if they are not performed within the IC manufacturer secure premises, the procedures to perform these operations have to be well defined, and successfully evaluated through assurance tasks of Common Criteria related to guidance analysis (class AGD). More generally, all steps that come after step 3 are to be covered by guidance (secure delivery, secure handling, etc.). The ST writer can choose to include step 4 and also step 5 inside the perimeter of the evaluation. In this case the premises where these operations take place will be covered by ALC, not AGD and sensitive operations such as the loading of patches invoving Security Functions can be done in the included steps. 8.2 Pre-Personalisation phase Pre-Personalisation is the final phase under the control of the Smart card manufacturer.
Application initialisation During Pre-personalisation, the Smartcard manufacturer initialises the application. Import of Issuer RAD The manufacturer imports the Issuer RAD that will be used in the next phase to authenticate the Issuer. SIST EN 419251-1:2013

8.3.2 Personalisation application Issuer authentication The Issuer authenticates himself to the TOE using a RAD. Import of Holder RAD This function is mandatory in Personalisation. This function initialises the RAD. When biometrics is used, this operation requires the holder. Import of Authentication Protocol sensitive data This function is optional as these data may be empty. It is only necessary if APrK / APuK key pair is generated on TOE during Personalisation. In this case the TOE shall import the APSD, if not null, after the CA has generated the certificate.
Import of Authentication private key. This function is not necessarily used in Personalisation. The TOE can also be issued without APrK.
8.4 Usage phase  Authentication application 8.4.1 General The Authentication application interfaces the TOE to the holder. During the usage phase, the Holder can perform the following operation on the authentication device: Holder Authentication to the TOE, The Holder authenticates himself to the TOE using a RAD.
When the TOE is used both for Authentication and Signature and when the RAD is a PIN, the TOE shall provide at least one PIN for Signature and one PIN for Authentication.
Import of the private key This function is not necessarily used in Usage phase. APrK can also be imported in Personalisation phase. The TOE can also be issued with APrK. SIST EN 419251-1:2013

Allow Authentication by Verifier This function enables the Holder to accept or deny the authentication by the Verifier.
8.4.2 Verifier Authentication by Verifier This function allows the Verifier to authenticate the TOE and therefore its holder.
Other functions following the Authentication, such as exchange of data with the Verifier, are out of the scope of this PP. 9 Security problem definition 9.1 Assets 9.1.1 General The description of each asset provides the type of protection required for each asset ("Protection" part). RAD, VAD, Authentication Protocol sensitive data are not Assets, they are TSF data. The ST writer shall specify these TSF data. 9.1.2 Assets protected by the TOE D.AUTHENTICATION This asset represents the authentication function itself and all the benefits that can result from the authentication. These benefits can be:  communication data between the authentication device and an access-restricted on-line service  data or goods located in an access-restricted area  rights provided in country by an ID card 9.1.3 Sensitive assets of the TOE D. AUTHENTICATION_PRIVATE_KEY
This asset corresponds to the private key generated outside of the TOE and imported in the TOE or generated inside the TOE. The private key is associated with a public key and a public-key certificate. In addition, the private key shall remain consistent with its corresponding public key. Protection: integrity and confidentiality. Application notes: This asset is used by the authentication service running on the TOE.
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

Loading comments...

This May Also Interest You

CEN
CEN/TS 17489-5:2025(Main)
Personal identification - Secure and interoperable European breeder documents - Part 5: Trust establishment and management processes
SIST-TS CEN/TS 17489-5:2025

1.1   Objective
This document is intended for the use of breeder document issuing authorities both policymakers and technical, for having uniform formats that conform to printed as well as digital requirements of CEN member and associated states (including EU member states).
The objectives are:
a)   provision of a common set of formats of breeder documents – printed and digital to be implemented by CEN member and associated states (including EU member states), with the extended objective of their acceptance internationally;
b)   the focus is on having common recognizable formats as well as prevention of identity fraud, particularly related to the use of breeder documents to obtain national and international ID documents, such as passports, and residence permits.
1.2   Human dimension of identity management
Each country’s identity management system also provides a framework for observing and protecting many of the human rights embodied in international declarations and conventions. Depending on the provisions in place, the system can ensure that citizens can exercise a wide range of rights, such as rights to property, privacy, freedom of movement and free choice of place of residence, as well as access to social services such as education, healthcare and social security. In states with more advanced technological infrastructure, population registration provides the basis for the establishment of a number of citizen-oriented computerized services, also known as e-services and e-government. Identity management is also central to prevention of discrimination in exercising guaranteed rights.
The identity management infrastructure provides the backbone for a functioning and viable state by securing civil, population and tax registers, as well other systems such as healthcare benefits, voter lists and the issuance of travel and identity documents based on verifiable identities. Such flaws may become visible during elections, where shortcomings in voter lists can affect confidence in the election process. In essence, a secure identity management system can be seen as the foundation, a root level, that is able to then feed into and help numerous other branches of key state services function effectively and accurately (OSCE, 2017, p.13) [27].
1.3   Security dimension of identity management
One of the key elements of a secure environment for cross-border travel is that the travel documents used by visitors meet international standards in terms of security of the document itself and security in that the document reflects the genuine identity of its holder. Similarly, the systems for issuing travel documents need to be linked to identity management systems to streamline decision-making processes, preferably through modernized systems that reflect developments in document security technology. As entries in registers or officially issued identification documents provide access to specific services, criminal networks are constantly looking for possible gaps in identity management systems to obtain genuine documents under fabricated or stolen identities. Documents obtained as result of gaps in identity management have enabled criminals to target business entities and cause significant financial losses through the use of genuine documents issued to non-existent identities (OSCE, 2017, p.14) [27].
Both legal and illegal immigration breeder docs are regularly used to determine an identity if no MRTD or eMRTD is presented. An identity which will be printed on an eRP, Foreigners ppt, Refugees travel doc etc. unless other supportive evidence of identity is provided.
Organized crime has not overlooked this and fraudulently obtained or falsified travel documents are regularly presented to hide the true identity.
Since a significant portion of the world’s population cannot reliably prove their identity, they rely on verbally presented identities and/or supportive breeder documents when registering in another country.
Asylum applicants who...

  • Technical specification
    69 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TS 18139:2025(Main)
Personal identification - European guide for biometric recognition applications based on ID documents (ERG)
SIST-TS CEN/TS 18139:2025

This document defines requirements and provides guidance on:
•   capturing of facial images to be used for verification or identification purposes in applications based on reference images in identity or similar documents and traveller or visa databases;
•   capturing of fingerprint images to be used for verification or identification purposes in applications based on reference images in identity or similar documents and traveller or visa databases;
•   data quality maintenance for biometric data captured by/for verification or identification applications;
•   data authenticity maintenance for biometric data captured by/for verification or identification ap-plications.
This document addresses the following aspects which are specific for biometric data capturing:
•   biometric data quality and interoperability assurance;
•   data authenticity assurance;
•   morphing and other presentation attacks and biometric data injection attacks;
•   accessibility and usability;
•   recognition algorithms and their evaluation;
•   privacy and data protection;
•   optimal process design.
The following aspects are out of scope:
•   other aspects of IT security;
•   data capturing for ID document enrolment purposes, e.g. passport or ID card enrolment.

  • Technical specification
    30 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TS 17489-2:2024(Main)
Secure and interoperable European Breeder Documents — Part 2: Data model
SIST-TS CEN/TS 17489-2:2025

This document specifies the abstract data model for breeder document data and the specific encodings of this abstract data model used in the CEN breeder document framework.
The abstract data model is a semantic description of the birth, marriage / partnership, and death certificate data, independently from their specific encoding. This abstract data model is extensible for further standardized and proprietary data of birth, marriage / partnership, and death certificates as well as for other types of breeder documents.
This abstract data model is technology agnostic, i.e. it is applicable for paper-based, server-based, and hardware-based breeder documents as well as further breeder document designs and technologies.
The specific encodings of this abstract data model comprise the encodings to be used for the machine readable technologies specified in part 3 of the framework as well as the encoding of human readable breeder document data. These encodings are used in the birth, marriage / partnership, and death certificate profiles specified in part 4 of the framework.

  • Technical specification
    25 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TS 18099:2024(Main)
Biometric data injection attack detection
SIST-TS CEN/TS 18099:2025

This document provides an overview on:
-   Definitions on Biometric Data Injection Attack,
-   Biometric Data Injection Attack use case on main biometric system hardware for enrolment and verification,
-   Injection Attack Instruments on systems using one or several biometric modalities.
This document provides guidance on:
-   System for the detection of Injection Attack Instruments (defined in 3.12),
-   Appropriate mitigation risk of Injection Attack Instruments,
-   Creation of test plan for the evaluation of Injection Attack Detection system (defined in 3.9).
If presentation attacks testing is out of scope of this document, note that these two characteristics are in the scope of this document:
-   Presentation Attack Detection systems which can be used as injection attack instrument defence mechanism and/or injection attack method defence mechanism. Yet, no presentation attack testing will be performed by the laboratory to be compliant with this document (out of scope).
-   Bona Fide Presentation testing in order to test the ability of the Target Of Evaluation to correctly classify legitimate users.
The following aspects are out of scope:
-   Presentation Attack testing (as they are covered in ISO/IEC 30107 standards),
-   Biometric attacks which are not classified as Type 2 attacks (see Figure 1),
-   Evaluation of implementation of cryptographic mechanisms like secure elements,
-   Injection Attack Instruments rejected due to quality issues.

  • Technical specification
    37 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TR 18108:2024(Main)
Personal identification - Usage of biometrics in breeder documents
SIST-TP CEN/TR 18108:2025

This document provides guidance on usage of biometrics in breeder documents, in particular regarding
-   encoding of biometric reference data;
-   data quality maintenance for biometric reference data;
-   data authenticity maintenance for biometric reference data; and
-   privacy preservation of biometric reference data.
This document addresses advantages and disadvantages of biometric modes, in particular regarding
-   verification performance;
-   privacy impact;
-   feasibility of biometric acquisition considering the age of the capture subjects;
-   limits of validity and need for updating biometric reference data.
The following aspects are out of scope:
-   format and structure of breeder documents;
-   general security aspects, which are covered in CEN/TS 17489-1 [1].

  • Technical report
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TR 18030:2023(Main)
Personal identification - Biometrics - Overview of biometric verification systems implemented across Europe
SIST-TP CEN/TR 18030:2024

This Technical Report provides an overview of the current deployment of biometric systems within Europe. It addresses the challenges that are being faced, in order to detect the current needs for improving the specifications for the implementation and deployment of biometric systems. This Technical Report considers all kind of deployments, from border control to ad-hoc services. As most of the deployed systems are based on the use of fingerprints or face recognition, this Technical Report will focus on these two biometric modalities, from the system integrator and interoperability points of view.
Identity documents, in terms of production, structure, interoperability, etc., are out of the scope of this TR. The TR is focused on the performance at system level.
The current European legislative initiatives around this topic (e.g., Entry/Exit System, framework for interoperability between EU information systems, etc.) need a robust framework study about the availability of standard technologies to improve interoperability in biometric products around the European Union.
By showing these needs, a set of recommendations for future standardization works is provided.
From a methodological perspective, the report gathers information of different entities with this classification:
- Capture/enrolment of biometrics including the quality assurance and the generation of feature or biometric models from the images.
- Best practices and guidelines to use biometrics in Europe.
- Data Quality environment using biometrics in European networks.

  • Technical report
    33 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TR 17982:2023(Main)
European Digital Identity Wallets standards Gap Analysis
SIST-TP CEN/TR 17982:2024

This document identifies relevant existing standards and standards work in progress around European Digital Identity Wallets. It also identifies missing work items and overlaps in standards and is supposed to work as a roadmap for future standardization projects in the area.

  • Technical report
    39 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO/IEC 2382-37:2023(Main)
Information technology - Vocabulary - Part 37: Biometrics (ISO/IEC 2382-37:2022)
SIST EN ISO/IEC 2382-37:2024

This document establishes a systematic description of the concepts in the field of biometrics pertaining to recognition of human beings. This document also reconciles variant terms in use in pre-existing International Standards on biometrics against the preferred terms, thereby clarifying the use of terms in this field.
This document does not cover concepts (represented by terms) from information technology, pattern recognition, biology, mathematics, etc. Biometrics uses such fields of knowledge as a basis.
In principle, mode-specific terms are outside of scope of this document.

  • Standard
    42 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TS 17661:2021(Main)
Personal identification – European enrolment guide for biometric ID documents (EEG)
SIST-TS CEN/TS 17661:2022

This document consolidates information relating to successful and high quality biometric enrolment processes of facial and fingerprint systems, while indicating risk factors and providing appropriate mitigations. This information supports decisions regarding procurement, design, deployment and operation of these biometric systems.
This document provides guidance on:
—   capturing of facial images to be used as reference images in identity and secure documents;
—   capturing of fingerprint images to be used as reference images in identity and secure documents;
—   data quality maintenance for biometric reference data;
—   data authenticity maintenance for biometric reference data.
The document addresses the following aspects which are specific for biometric reference data capturing:
—   biometric data quality and interoperability ensurance;
—   data authenticity ensurance;
—   morphing and other presentation attack detection as well as other unauthorized changes;
—   accessibility and usability;
—   privacy and data protection;
—   optimal enrolment design.
The following aspects are out of scope:
—   IT security;
—   data capturing for verification purposes, e.g. in ABC gates;
—   capturing biometric data for enrolment in other systems different from data enrolment for integration in secure MRTD, like entry/exit systems.
This document consolidates the role of the enrolment process in a biometric system and differentiates the enrolment from the authentication, while mentioning key factors of the enrolment process that are feature independent.
Interests of the existing stakeholders are broken down and provide an insight on different views of the enrolment. In addition, organisational enrolment approaches are covered.
This document is not concerned with IT requirements or the capturing of biometric data for inspection, identification or verification purposes without the required step of creating an identity document using the captured data.

  • Technical specification
    73 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TS 17631:2021(Main)
Personal identification - Biometric group access control
SIST-TS CEN/TS 17631:2021

This document provides guidance on providing access:
— to areas with physical access control, e.g. entertainment facilities, train stations, shops, libraries, banks, or border control,
— for small groups of persons, e.g. families with small children or seniors, or other accompanied persons in need of support,
— by means of biometric authentication technologies, e.g. facial, fingerprint, or vein recognition,
— in the European regulatory context.
The document addresses the following aspects, which are specific for biometric and group access:
— accessibility and usability,
— user guidance including group guidance and interaction control,
— privacy including data set content,
— presentation attack detection,
— applicable biometric technologies,
— storage of reference data,
— biometric process integration,
— specific needs considering biometrics for groups,
— biometric performance and error rates, and
— group internal linkage.
The following aspects which reflect on generic access control issues are out of scope:
— IT security,
— application specific physical security,
— policy definition,
— processes not related to biometric authentication, and
— specific performance requirements of identification (1:N) and verification (1:1) applications.

  • Technical specification
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day