iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/IEC TS 22604

(Main)

Information technology — Biometric recognition of subjects in motion in access-related systems

Information technology — Biometric recognition of subjects in motion in access-related systems

This document establishes requirements for development of biometric solutions for verification and identification processes for secure access without physical contact with any device at any time. The solution acquires the biometric characteristics that are captured while the data subjects are in motion to verify or identify the individuals requiring access, and thus controlling access using contactless biometrics.

Technologies de l'information — Reconnaissance biométrique de sujets en mouvement dans les systèmes d'accès

General Information

Status
Not Published
ICS
35.240.15 - Identification cards. Chip cards. Biometrics
Technical Committee
ISO/IEC JTC 1/SC 37 - Biometrics
Drafting Committee
ISO/IEC JTC 1/SC 37/WG 4 - Technical Implementation of Biometric Systems
Current Stage
6000 - International Standard under publication
Completion Date
12-Apr-2023
Ref Project

Buy Standard

ISO/IEC PRF TS 22604 - Information technology — Biometric recognition of subjects in motion in access-related systems Released:15. 03. 2023ISO/IEC PRF TS 22604 - Information technology — Biometric recognition of subjects in motion in access-related systems Released:15. 03. 2023
PreviousNext
Draft
ISO/IEC PRF TS 22604 - Information technology — Biometric recognition of subjects in motion in access-related systems Released:15. 03. 2023
English language
16 pages
sale 15% off
Preview
sale 15% off
Preview
REDLINE ISO/IEC PRF TS 22604 - Information technology — Biometric recognition of subjects in motion in access-related systems Released:15. 03. 2023REDLINE ISO/IEC PRF TS 22604 - Information technology — Biometric recognition of subjects in motion in access-related systems Released:15. 03. 2023
PreviousNext
Draft
REDLINE ISO/IEC PRF TS 22604 - Information technology — Biometric recognition of subjects in motion in access-related systems Released:15. 03. 2023
English language
16 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

TECHNICAL ISO/IEC TS
SPECIFICATION 22604
First edition
Information technology — Biometric
recognition of subjects in motion in
access-related systems
Technologies de l'information — Reconnaissance biométrique de
sujets en mouvement dans les systèmes d'accès
PROOF/ÉPREUVE
Reference number
ISO/IEC TS 22604:2023(E)
© ISO/IEC 2023
---------------------- Page: 1 ----------------------
ISO/IEC TS 22604:2023(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2023

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on

the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below

or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
PROOF/ÉPREUVE © ISO/IEC 2023 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC TS 22604:2023(E)
Contents Page

Foreword ........................................................................................................................................................................................................................................iv

Introduction .................................................................................................................................................................................................................................v

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ..................................................................................................................................................................................... 1

3 Terms and definitions .................................................................................................................................................................................... 1

4 Biometric recognition in motion ........................................................................................................................................................2

4.1 General ........................................................................................................................................................................................................... 2

4.1.1 Purpose and constraints of in-motion biometric system .............................................................. 2

4.1.2 Biometric performance and error rate ........................................................................................................... 3

4.1.3 Quality/speed compromise ....................................................................................................................................... 3

4.2 Biometric verification vs. biometric identification ................................................................................................ 4

4.2.1 Implementing an in-motion verification system ................................................................................... 4

4.2.2 Implementing an in-motion identification system ............................................................................... 5

4.3 Process flow in access-related systems ........................................................................................................................... 5

4.4 Applicable biometric modalities ............................................................................................................................................. 5

4.4.1 General ........................................................................................................................................................................................ 5

4.4.2 Face modality ........................................................................................................................................................................ 5

4.4.3 Iris modality ........................................................................................................................................................................... 6

4.4.4 Fingerprint modality ...................................................................................................................................................... 6

4.4.5 Palm modality ....................................................................................................................................................................... 6

4.4.6 Complementary modalities ....................................................................................................................................... 6

4.5 Enrolment and its quality ............................................................................................................................................................. 6

4.6 Ergonomics ................................................................................................................................................................................................ 7

4.6.1 Capture device physical placement ................................................................................................................... 7

4.6.2 Catch attention ..................................................................................................................................................................... 7

4.6.3 Feedback signal ................................................................................................................................................................... 7

4.7 Biometric information storage ................................................................................................................................................. 7

5 Accessibility, usability and guidance .............................................................................................................................................8

5.1 General ........................................................................................................................................................................................................... 8

5.2 Accessibility .............................................................................................................................................................................................. 8

5.3 Usability ........................................................................................................................................................................................................ 9

5.4 Acceptable delay for a user for fluid passage .............................................................................................................. 9

5.5 Guidance ....................................................................................................................................................................................................... 9

6 Privacy and security considerations ...........................................................................................................................................10

6.1 Data protection ................................................................................................................................................................................... 10

6.2 Consent ....................................................................................................................................................................................................... 10

6.3 Presentation attack detection ............................................................................................................................................... 10

6.4 Security considerations ............................................................................................................................................................... 11

7 Examples of deployment ...........................................................................................................................................................................11

7.1 General ........................................................................................................................................................................................................ 11

7.2 Use cases ................................................................................................................................................................................................... 11

7.2.1 Example of system with fingerprint .............................................................................................................. 11

7.2.2 Example of system with multimodal biometrics ................................................................................12

Bibliography .............................................................................................................................................................................................................................16

iii
© ISO/IEC 2023 – All rights reserved PROOF/ÉPREUVE
---------------------- Page: 3 ----------------------
ISO/IEC TS 22604:2023(E)
Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards

bodies (ISO member bodies). The work of preparing International Standards is normally carried out

through ISO technical committees. Each member body interested in a subject for which a technical

committee has been established has the right to be represented on that committee. International

organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.

ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of

electrotechnical standardization.

The procedures used to develop this document and those intended for its further maintenance

are described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria

needed for the different types of ISO document should be noted. This document was drafted in

accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives) or

www.iec.ch/members_experts/refdocs).

ISO draws attention to the possibility that the implementation of this document may involve the use

of (a) patent(s). ISO takes no position concerning the evidence, validity or applicability of any claimed

patent rights in respect thereof. As of the date of publication of this document, ISO had not received

notice of (a) patent(s) which may be required to implement this document. However, implementers

are cautioned that this may not represent the latest information, which may be obtained from the

patent database available at www.iso.org/patents or the IEC list of patent declarations received (see

patents.iec.ch). ISO shall not be held responsible for identifying any or all such patent rights.

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO's adherence to

the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see

www.iso.org/iso/foreword.html. In the IEC, see www.iec.ch/understanding-standards.

This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,

Subcommittee SC 37, Biometrics.

Any feedback or questions on this document should be directed to the user’s national standards

body. A complete listing of these bodies can be found at www.iso.org/members.html and

www.iec.ch/national-committees.
PROOF/ÉPREUVE © ISO/IEC 2023 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/IEC TS 22604:2023(E)
Introduction

The purpose of this document is to provide guidance on the use of in-motion biometric recognition

technologies in access-related systems, where the previous enrolment and management of the identity

of individuals needing access is required.

To satisfy increasing security demands, biometric recognition technologies are used in access-related

systems to provide a more robust approach to identity authentication, and to mitigate security risks.

However, this can come at a cost of increased processing times and lead to delays in user identification

or verification.

Biometric identification and verification should be comprehensive and flexible for effective use in an

access-related environment. Solutions should reduce user burden, be easy to manage, cost effective,

maintain the security requirements, and provide permission-based access and global interoperability as

necessary. Biometric systems should effectively allow authorized users’ access, incorporate mechanical

and behavioural mechanisms to refer unenrolled persons to human personnel and alert facilities to

unauthorized users attempting to gain access. Systems should also provide a seamless, accurate and

non-invasive user experience.

Considerable improvements in the performance of in-motion biometric recognition, have resulted in

applications that enable automated, convenient and non-intrusive face, iris or fingerprint recognition

across a range of scenarios including border control, passenger flow facilitation, access control and

work place time and attendance. This provides a positive and non-intrusive user experience, as the user

does not need to carry anything or stop and stand still to be recognized and does not need to touch

anything.

There are several considerations that are unique to in-motion biometric solutions for design of

contactless biometric recognition systems. Design considerations include:
— Selection and placement of biometric data capturing devices (e.g. cameras).

— Control of the flow of individuals requiring access to ensure that only those that are authorized gain

access.

— Proximity of capture devices to individuals seeking access for the contactless in-motion capture of

the needed information. The proximity of the biometric capture devices can depend on the employed

biometric modalities.
— Management of exceptions.

— Mutual placement of capture devices and equipment dedicated to physical access-control (e.g. door,

barrier, turnstile).

A number of use cases involving in-motion biometrics address different scenarios including:

— where access is on the basis of the prior enrolment of all individuals well in advance of interacting

with the biometric system (identification);

— where access is on the basis of credentials presented just prior to interacting with the biometric

system (verification) (e.g. wireless technology, RFID token or a vehicle number plate or any other

token available without any interruption to the person's flow of movement).

These scenarios present different challenges to in-motion verification and identification processes.

Critical to the success of biometrics-based secure access is implementation of state-of-the-art data

[1]

protection technology and procedures (see ISO/IEC 20889 on privacy enhancing data de-identification

[3]

techniques, according to the privacy principles established in ISO/IEC 29100, taking into account

legal, common practice, business, industry and privacy considerations).

An important factor in in-motion biometric recognition is its ability to sense/detect presentation

[5]
attacks per ISO/IEC 30107-3.
© ISO/IEC 2023 – All rights reserved PROOF/ÉPREUVE
---------------------- Page: 5 ----------------------
TECHNICAL SPECIFICATION ISO/IEC TS 22604:2023(E)
Information technology — Biometric recognition of
subjects in motion in access-related systems
1 Scope

This document establishes requirements for development of biometric solutions for verification and

identification processes for secure access without physical contact with any device at any time. The

solution acquires the biometric characteristics that are captured while the data subjects are in motion

to verify or identify the individuals requiring access, and thus controlling access using contactless

biometrics.
2 Normative references

The following documents are referred to in the text in such a way that some or all of their content

constitutes requirements of this document. For dated references, only the edition cited applies. For

undated references, the latest edition of the referenced document (including any amendments) applies.

ISO/IEC 2382-37, Information technology — Vocabulary — Part 37: Biometrics

ISO/IEC 19795-1, Information technology — Biometric performance testing and reporting — Part 1:

Principles and framework
3 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO/IEC 2382-37, ISO/IEC 19795-1

and the following apply.

ISO and IEC maintain terminology databases for use in standardization at the following addresses:

— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
in-motion identification

identification for which a person in motion can be identified without physical contact with any device

at any time
3.2
non in-motion identification
identification for which a person needs to stop to be identified
3.3
in-motion verification

verification for which a person in motion can be verified without physical contact with any device at

any time
3.4
recognition area

area where biometric characteristics are captured and biometric recognition can be performed

3.5
attraction point

distraction in the field of view of the people in the recognition area that pulls the attention of the people

making them look in a specific direction
© ISO/IEC 2023 – All rights reserved PROOF/ÉPREUVE
---------------------- Page: 6 ----------------------
ISO/IEC TS 22604:2023(E)
3.6
access point

location, typically with a physical barrier, where users are identified and pass through to enter an

access-controlled area
3.7
feedback signal

signal for the identified user providing him or her information on the status of his or her access

authorization
3.8
authorized user list
list containing the information and biometrics for identifying authorized users
3.9
unauthorized user list

list containing the information and biometrics for identifying unauthorized users

3.10
alert list

list containing the information and biometrics for identifying unauthorized users for which an alert

needs to be raised in case of identification
4 Biometric recognition in motion
4.1 General
4.1.1 Purpose and constraints of in-motion biometric system

In-motion access-related systems allow users to be identified without stopping and without any physical

contact with any device. The targeted optimal solution should be handled to grant access to an area

using biometrics without asking the users to perform any specific action and without any additional

constraint on them compared to a crossing without biometric identification. However, the live biometric

data needed to identify the users should be as good as possible to avoid a false rejection, and this tends

to add constraints on the users (e.g. look in a specific direction, perform a specific action like removing

their glasses). At the end, it is all about the user experience; additional constraints on how to behave

while crossing the access control point are bad for the user experience. One of these constraints is to

be obliged to stop, and in-motion systems try to remove it. But a false rejection of an authorized user is

also a very bad experience for them and should be avoided in any case. Therefore, there is a trade-off to

find between a complete freedom of movement and behaviour and the constraints added to the user to

get captured with good quality images. One positive aspect is that, in the authorized user list use case,

the biometric capture subject wants to get access to the secured area protected by the biometric check

and can be expected to be more or less cooperative. In this case, there is definitely a way to provide a

good user experience with an in-motion system with low FTA and low FRR.

A biometric system can be considered in-motion when subjects do not stop/pause for the biometric

capture process. They can slow down and perform few actions (without any physical contact with a

sensor). It is not required that all authorized users cross the access control point without stopping but

most of them should be able to. The operator should decide the trade-off between convenience and

security depending on the application.

Systems for secure and effective recognition of individual people are essential for the management of

many types of facilities, including office buildings, residential facilities, private clubs, campuses and

other locations that include sensitive and/or private assets. They are also needed to secure borders.

There are three cases used to recognize users for access-related applications:
— biometric verification of a provided credential;
PROOF/ÉPREUVE © ISO/IEC 2023 – All rights reserved
---------------------- Page: 7 ----------------------
ISO/IEC TS 22604:2023(E)
— biometric identification against a database of pre-enrolled people;

— multi-factor authentication using biometrics for identification and for verification and a token as a

secondary means of authentication.
From the viewpoint of user actions, there are:

— non in-motion identification or verification – the user is required to stop in the recognition area to

be properly identified or verified;

— in-motion identification or verification - as the user is approaching an access point from a distance,

he or she is identified or verified without any stop or physical contact with any device.

4.1.2 Biometric performance and error rate

The challenge for in-motion access-related systems is to limit the increase of false rejection due to

the lower quality of the images captured in motion compared to non in-motion systems. This can be

achieved by different means like using more robust detection and matching algorithms, dedicating the

hardware to in-motion capture, ensuring the quality of the enrolment data, putting constraints on the

environment, improving the user interface and overall ergonomics or even limiting the database size.

Like for all biometric systems, biometric accuracy of in-motion system needs to be expressed in

terms of failure to acquire rate (FTAR), a false acceptance metric (FMR for verification system, FPIR

for identification) and a false rejection metric (FNMR in verification, FNIR in identification). The

specificities of in-motion biometric systems actually concern the FTAR and the FNMR/FNIR, but should

have no impact on the security level, meaning the FMR/FPIR.
The technical levers include:

— more robust detection (improve FTAR) and biometric comparison algorithms (improve FNMR/

FNIR);

— dedicating the hardware to in-motion capture (improve on FTAR and FNMR/FNIR, see 4.1.3);

EXAMPLE The system uses camera with smaller shutter speed or higher frame per second rate. The

camera is motorized to focus on a refined region of interest.
— ensuring the quality of the enrolment data (improve on FNMR/FNIR, see 4.5);

— putting constraints on the environment as lighting (improve on FTAR and FNMR/FNIR);

EXAMPLE With a shutter speed optimized for in-motion capture, a too dark acquisition environment

results in weak signal.
— optimizing the database size (improve FNIR);

EXAMPLE Dataset is carefully maintained in order to only have the relevant and current users

registered for a specific access control point.

— improving the user interface and overall ergonomics (improve FTAR, see Clause 5);

— improving mutual placement of capture device and equipment dedicated to physical access control

(e.g. door, barrier, turnstile) (improve FTAR, see 4.6.1).
4.1.3 Quality/speed compromise

For many biometric modalities, the quality of a sample captured in motion is lower than that of a sample

captured without motion. This assumption is valid for several reasons:

— For photographic reasons, images taken in motion can be darker, less contrasted, with lower

resolution, and noisier than the static images. For instance, for in-motion biometric capture, it is

interesting to have a large depth of field (get a focused image in a wide depth range in order to

maximize the number of images that can be used for biometric feature extraction) and then decrease

© ISO/IEC 2023 – All rights reserved PROOF/ÉPREUVE
---------------------- Page: 8 ----------------------
ISO/IEC TS 22604:2023(E)

the aperture. In the same time, motion blur should be avoided, and a small shutter value should be

used.

EXAMPLE 1 When the acquisition is performed in motion for face recognition modality, good practice to

prevent motion blur is to use a shutter speed from 1/125 s to 1/50 s for a normal walking rate of around 1 m/s to

1,5 m/s. These two settings decrease the amount of light coming on the photographic sensor and then produce

darker and less contrasted images. A way to get brighter images is to illuminate the scene more strongly but there

are limitations on user acceptance and experience. Another way is to use higher ISO values, but this will bring

electronic noise on the captured image. As the images can be captured from a longer distance than in static mode

where the user is standing in front of the biometric capture device, resolution can also be smaller, decreasing the

global quality of the biometric data.

EXAMPLE 2 For face recognition modality, good practice regarding resolution is 10 pixels per centimetre on

the face.

— Time to acquire a valid image is much smaller in motion than statically. When the user stops and

looks at the device, or places their finger on a sensor, there is time to choose images of sufficient

quality while the user doesn’t move. In opposite, in the in-motion biometric capture, the user is

moving during the acquisition and the biometric decision should be taken at the latest when the

biometric capture subject reaches the access point.

— Considering that the system should be as seamless as possible, the available images that are valid

for a biometric comparison are much fewer because the user has very limited interaction with the

biometric capture device. Even in a cooperative case, the main purpose of an in-motion system is to

have as low impact as possible on the user normal behaviour, thus leading to few exploitable images.

The challenge for in-motion access-related systems is then to limit the increase of false rejection rate,

due to the lower quality of the images captured in motion:

— more robust algorithm able to deal with various acquisition environments and behaviours from

data capture subject;
— capture device hardware improvement;
— constraints on the capturing environment;
— ergonomics/user interface;
— limitation of the database size.
4.2 Biometric verification vs. biometric identification
4.2.1 Implementing an in-motion verification system

When implementing biometric verification, the way to provide the biometric reference shall be specified.

The individual can provide directly the reference biometric data to the system (for instance, presenting

a smartcard or other token where the biometric reference is stored or scanning a 2D barcode containing

a biometric template), or use credentials allowing the access to the reference biometric data stored in

a database (using a contactless card or a PIN code). These examples show interactions of the user with

a reading device, which is not compatible with a fully contactless and in-motion access control system.

However other solutions can be implemented to keep a seamless use of an in-motion access control

system in verification mode.

The idea is to design an access control system which is able to retrieve biometric reference data from

the user without any action from the user approaching the system. Such a system should be able to

sense the user when he/she is in a predefined area around, and to retrieve the necessary reference

data for future use. This can be achieved by a wireless connection between the system and a token

possessed by the user, which can be any connected device.
EXAMPLE The token is a smartphone.
PROOF/ÉPREUVE © ISO/IEC 2023 – All rights reserved
---------------------- Page: 9 ----------------------
ISO/IEC TS 22604:2023(E)

When the user approaches the system, the token is detected and starts communicating with the

system, exchanging the necessary data even before the live user biometrics is captured. When closer to

the access control point, the live user biometrics is captured, and compared against the reference data

(biometric verification). If access is granted, the user can go through without stopping and touching

anything.

If multiple tokens can be present and detected at the same time with ambiguity about which one belongs

to the individual trying to gain access, some mechanisms need to be implemented.

The live biometrics should be matched against the closest one, but can also be matched against the

reference data of all detected present users, giving access if one of them is considered as genuine. The

sensing area should be small enough to avoid that too many users are considered as possible candidates,

...

ISO/IEC PRF TS 22604
ISO/IEC JTC1 JTC 1/SC 37/WG 4
Secretariat: XXXX ANSI
Date: 2023-03-15
Information technology — Biometric recognition of subjects in
motion in access-related systems

Technologies de l'information — Reconnaissance biométrique de sujets en mouvement dans les systèmes

d'accès
FDIS stage
© ISO/IEC 2023 – All rights reserved
---------------------- Page: 1 ----------------------
ISO/IEC PRF TS 22604:(E)
© ISO 2017/IEC 2023

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this

publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical,

including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can

be requested from either ISO at the address below or ISO'sISO’s member body in the country of the requester.

ISO copyright office
Case postale 56 • CP 401 • Ch. de Blandonnet 8
CH-12111214 Vernier, Geneva 20
Tel. Phone: + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail : copyright@iso.org
Web www.iso.org
Website: www.iso.org
Published in Switzerland.
ii © ISO/IEC 2023 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC PRF TS 22604:(E)
Contents

Foreword ............................................................................................................................................................................................ vi

Introduction .................................................................................................................................................................................... viii

1 Scope ....................................................................................................................................................................................... 1

2 Normative references ....................................................................................................................................................... 1

3 Terms and definitions ...................................................................................................................................................... 1

4 Biometric recognition in motion ................................................................................................................................. 2

4.1 General ................................................................................................................................................................................... 2

4.1.1 Purpose and constraints of in-motion biometric system ............................................................................. 2

4.1.2 Biometric performance and error rate ................................................................................................................ 3

4.1.3 Quality/speed compromise ...................................................................................................................................... 4

4.2 Biometric verification vs. biometric identification .............................................................................................. 5

4.2.1 Implementing an in-motion verification system .............................................................................................. 5

4.2.2 Implementing an in-motion identification system .......................................................................................... 5

4.3 Process flow in access-related systems .................................................................................................................... 5

4.4 Applicable biometric modalities .................................................................................................................................. 6

4.4.1 General ............................................................................................................................................................................... 6

4.4.2 Face modality .................................................................................................................................................................. 6

4.4.3 Iris modality .................................................................................................................................................................... 6

4.4.4 Fingerprint modality.................................................................................................................................................... 6

4.4.5 Palm modality ................................................................................................................................................................. 6

4.4.6 Complementary modalities ....................................................................................................................................... 6

4.5 Enrolment and its quality ............................................................................................................................................... 6

4.6 Ergonomics ........................................................................................................................................................................... 7

4.6.1 Capture device physical placement ....................................................................................................................... 7

4.6.2 Catch attention ............................................................................................................................................................... 7

4.6.3 Feedback signal .............................................................................................................................................................. 7

4.7 Biometric information storage ..................................................................................................................................... 7

5 Accessibility, usability and guidance ......................................................................................................................... 8

5.1 General ................................................................................................................................................................................... 8

5.2 Accessibility .......................................................................................................................................................................... 8

5.3 Usability ................................................................................................................................................................................. 9

5.4 Acceptable delay for a user for fluid passage ......................................................................................................... 9

5.5 Guidance ................................................................................................................................................................................ 9

6 Privacy and security considerations ....................................................................................................................... 10

6.1 Data protection ................................................................................................................................................................ 10

6.2 Consent ................................................................................................................................................................................ 10

6.3 Presentation attack detection .................................................................................................................................... 10

6.4 Security considerations ................................................................................................................................................ 11

© ISO/IEC 2023 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO/IEC PRF TS 22604:(E)

7 Examples of deployment .............................................................................................................................................. 11

7.1 General ................................................................................................................................................................................ 11

7.2 Use cases ............................................................................................................................................................................. 11

7.2.1 Example of system with fingerprint ................................................................................................................... 11

7.2.2 Example of system with multimodal biometrics........................................................................................... 12

Bibliography .................................................................................................................................................................................... 17

Foreword ............................................................................................................................................................................................. 4

Introduction ........................................................................................................................................................................................ 5

1 Scope ............................................................................................................................................................................................ 7

2 Normative references ........................................................................................................................................................... 7

3 Terms and definitions ........................................................................................................................................................... 7

4 Biometric recognition in-motion ...................................................................................................................................... 8

4.1 General ............................................................................................................................................................................... 8

4.1.1 Purpose and constraints of in-motion biometric system .................................................................... 8

4.1.2 Biometric Performance and error rate ....................................................................................................... 9

4.1.3 Quality/Speed compromise ............................................................................................................................ 9

4.2 Biometric verification vs. biometric identification ...................................................................................... 10

4.2.1 Implementing an in-motion verification system ................................................................................. 10

4.2.2 Implementing an in-motion identification system ............................................................................. 11

4.3 Process Flow in access-related systems ........................................................................................................... 11

4.4 Applicable biometric technologies ...................................................................................................................... 11

4.4.1 Face Modality ..................................................................................................................................................... 11

4.4.2 Iris Modality ........................................................................................................................................................ 11

4.4.3 Fingerprint Modality ....................................................................................................................................... 12

4.4.4 Palm Modality .................................................................................................................................................... 12

4.4.5 Complementary modalities .......................................................................................................................... 12

4.5 Enrolment and its quality ....................................................................................................................................... 12

4.6 Ergonomics ................................................................................................................................................................... 12

4.6.1 Capture device physical placement ........................................................................................................... 12

4.6.2 Catch Attention .................................................................................................................................................. 13

4.6.3 Feedback signal ................................................................................................................................................. 13

4.7 Biometric information storage ............................................................................................................................. 13

5 Accessibility, usability and guidance ........................................................................................................................... 14

5.1 General ............................................................................................................................................................................ 14

5.2 Accessibility .................................................................................................................................................................. 14

5.3 Usability ......................................................................................................................................................................... 14

5.4 Acceptable Delay for a user for fluid passage ................................................................................................. 15

5.5 Guidance ........................................................................................................................................................................ 15

iv © ISO/IEC 2023 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/IEC PRF TS 22604:(E)

6 Privacy and security considerations ............................................................................................................................ 15

6.1 Data Protection ........................................................................................................................................................... 15

6.2 Presentation attack detection ............................................................................................................................... 16

6.3 Security Considerations........................................................................................................................................... 16

6.4 Consent ........................................................................................................................................................................... 16

7 Examples of deployment .................................................................................................................................................. 16

7.1 General ............................................................................................................................................................................ 16

7.2 Use Cases ....................................................................................................................................................................... 17

7.2.1 Example of system with fingerprint ......................................................................................................... 17

7.2.2 Example of system with multimodal biometrics ................................................................................. 17

8 Bibliography ........................................................................................................................................................................... 21

© ISO/IEC 2023 – All rights reserved v
---------------------- Page: 5 ----------------------
ISO/IEC PRF TS 22604:(E)
Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical

Commission) form the specialized system for is a worldwide standardization. Nationalfederation of

national standards bodies that are members of (ISO or IEC participate in the developmentmember

bodies). The work of preparing International Standards is normally carried out through ISO technical

committees established by the respective organization to deal with particular fields of technical activity.

ISO and IEC technical committees collaborate in fields of mutual interest. Other international . Each

member body interested in a subject for which a technical committee has been established has the right

to be represented on that committee. International organizations, governmental and non-governmental,

in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC

have established a joint technical committee, ISO/IEC JTC 1.collaborates closely with the International

Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the

different types of ISO document should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives). www.iso.org/directives)

or www.iec.ch/members_experts/refdocs).

Attention is drawnISO draws attention to the possibility that some of the elementsimplementation of this

document may beinvolve the subjectuse of (a) patent(s). ISO takes no position concerning the evidence,

validity or applicability of any claimed patent rights. ISO and IEC in respect thereof. As of the date of

publication of this document, ISO had not received notice of (a) patent(s) which may be required to

implement this document. However, implementers are cautioned that this may not represent the latest

information, which may be obtained from the patent database available at www.iso.org/patents or the

IEC list of patent declarations received (see patents.iec.ch). ISO shall not be held responsible for

identifying any or all such patent rights. Details of any patent rights identified during the development

of the document will be in the Introduction and/or on the ISO list of patent declarations received (see

www.iso.org/patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation onof the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO's adherence to the World

Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following URL

www.iso.org/iso/foreword.html), see www.iso.org/iso/foreword.html. In the IEC, see

www.iec.ch/understanding-standards.

The committee responsible for thisThis document iswas prepared by Joint Technical Committee ISO/IEC

JTC 1, Information technology, Subcommittee SC 37, Biometrics .
vi © ISO/IEC 2023 – All rights reserved
---------------------- Page: 6 ----------------------
ISO/IEC PRF TS 22604:(E)

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www.iso.org/members.html and www.iec.ch/national-

committees.
© ISO/IEC 2023 – All rights reserved vii
---------------------- Page: 7 ----------------------
ISO/IEC PRF TS 22604:(E)
Introduction

The purpose of this document is to provide guidance on the use of in-motion biometric recognition

technologies in access-related systems, where the previous enrolment and management of the identity

of individuals needing access is required.

To satisfy increasing security demands, biometric recognition technologies are used in access-related

systems to provide a more robust approach to identity authentication, and to mitigate security risks.

However, this can come at a cost of increased processing times and lead to delays in user identification

or verification.

Biometric identification and verification should be comprehensive and flexible for effective use in an

access-related environment. Solutions should reduce user burden, be easy to manage, cost effective,

maintain the security requirements, and provide permission-based access and global interoperability as

necessary. Biometric systems should effectively allow authorized users’ access, incorporate mechanical

and behavioural mechanisms to refer unenrolled persons to human personnel and alert facilities to

unauthorized users attempting to gain access. Systems should also provide a seamless, accurate and non-

invasive user experience.

Considerable improvements in the performance of in-motion biometric recognition, have resulted in

applications that enable automated, convenient and non-intrusive face, iris or fingerprint recognition

across a range of scenarios including border control, passenger flow facilitation, access control and work

place time and attendance. This provides a positive and non-intrusive user experience, as the user does

not need to carry anything or stop and stand still to be recognized and does not need to touch anything.

There are several considerations that are unique to in-motion biometric solutions for design of

contactless biometric recognition systems. Design considerations include:

— selectionSelection and placement of biometric data capturing devices (e.g. cameras);).

— controlControl of the flow of individuals requiring access to ensure that only those that are authorized

gain access;.

— proximityProximity of capture devices to individuals seeking access for the contactless in-motion

capture of the needed information. The proximity of the biometric capture devices can depend on the

employed biometric modalities; .
— managementManagement of exceptions;.

— mutualMutual placement of capture devices and equipment dedicated to physical access-control (e.g.

door, barrier, turnstile, …).).

A number of use cases involving in-motion biometrics address different scenarios including:

— where access is on the basis of the prior enrolment of all individuals well in advance of interacting

with the biometric system (identification);

— where access is on the basis of credentials presented just prior to interacting with the biometric

system (verification) (e.g. Bluetooth/Wi-Fi/wireless technology, RFID token or a vehicle number

plate or any other token available without any interruption to the person's flow of movement).

These scenarios present different challenges to in-motion verification and identification processes.

Critical to the success of biometrics-based secure access is implementation of state-of-the-art data

[1]

protection technology and procedures (see too ISO/IEC 20889 [1] on Privacyprivacy enhancing data

de-identification techniques, in accordance withaccording to the privacy principles established in

[3]

ISO/IEC 29100 [3],, taking into account legal, common practice, business, industry and privacy

considerations).
viii © ISO/IEC 2023 – All rights reserved
---------------------- Page: 8 ----------------------
ISO/IEC PRF TS 22604:(E)

An important factor in in-motion biometric recognition is its ability to sense/detect presentation attacks

[5]
per ISO/IEC 30107-3 [5] (Testing and reporting). .
© ISO/IEC 2023 – All rights reserved ix
---------------------- Page: 9 ----------------------
ISO/IEC PRF TS 22604:202#(X:(E)
Information Technologytechnology — Biometric recognition of
subjects in motion in access-related systems
1 Scope

This document establishes requirements for development of biometric solutions for verification and

identification processes for secure access without physical contact with any device at any time. The

solution acquires the biometric characteristics that are captured while the data subjects are in motion to

verify or identify the individuals requiring access, and thus controlling access using contactless

biometrics.
2 Normative references

The following documents, are referred to in wholethe text in such a way that some or in part, are

normatively referenced inall of their content constitutes requirements of this document and are

indispensable for its application. For dated references, only the edition cited applies. For undated

references, the latest edition of the referenced document (including any amendments) applies.

ISO/IEC 2382-37, Information Technology –technology — Vocabulary –— Part 37: Biometrics

ISO/IEC 19795-1, Information technology — Biometric performance testing and reporting — Part 1:

Principles and framework
3 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO/IEC 2382-37, ISO/IEC 19795-

1 and the following apply.

ISO and IEC maintain terminologicalterminology databases for use in standardization at the following

addresses:
– IEC Electropedia: available at http://www.electropedia.org/

— ISO Online browsing platform: available at http://www.iso.org/obphttps://www.iso.org/obp

— IEC Electropedia: available at https://www.electropedia.org/
3.1
in-motion identification

identification for which a person in motion can be identified without physical contact with any device at

any time
3.2
non in-motion identification
identification for which a person needs to stop to be identified
3.3
in-motion verification

verification for which a person in motion can be verified without physical contact with any device at any

time
3.4
recognition area

area where biometric characteristics are captured and biometric recognition can be performed

© ISO #### /IEC 2023 – All rights reserved 1
---------------------- Page: 10 ----------------------
ISO/IEC PRF TS 22604:202#(X:(E)
3.5
attraction point

distraction in the field of view of the people in the recognition area that pulls the attention of the people

making them look in a specific direction
3.6
access point

location, typically with a physical barrier, where users are identified and pass through to enter an access-

controlled area
3.7
feedback signal

signal for the identified user providing him or her information on the status of his or her access

authorization
3.8
authorized user list
list containing the information and biometrics for identifying authorized users
3.9
unauthorized user list

list containing the information and biometrics for identifying unauthorized users

3.10
alert list

list containing the information and biometrics for identifying unauthorized users for which an alert

needneeds to be raised in case of identification
4 Biometric recognition in motion
4.1 General
4.1.1 Purpose and constraints of in-motion biometric system

In-motion access-related systems allow users to be identified without stopping and without any physical

contact with any device. The targeted optimal solution should be handled to grant access to an area using

biometrics without asking the users to perform any specific action and without any additional constraint

on them compared to a crossing without biometric identification. However, the live biometric data

needed to identify the users should be as good as possible to avoid a false rejection, and this tends to add

constraints on the users (e.g. look in a specific direction, perform a specific action like removing their

glasses, …).). At the end, it is all about the user experience: of course,; additional constraints on how to

behave while crossing the access control point are bad for the user experience. One of these constraints

is to be obliged to stop, and in-motion systems try to remove it. But a false rejection of an authorized user

is also a very bad experience for them and should be avoided in any case. Therefore, there is a trade-off

to find between a complete freedom of movement and behaviorbehaviour and the constraints added to

the user to get captured with good quality images. The good thingOne positive aspect is that, in the

authorized user list use case, the biometric capture subject wants to get access to the secured area

protected by the biometric check and can be expected to be more or less cooperative. In this case, there

is definitely a way to provide a good user experience with an in-motion system with low FTA and low

FRR.

A biometric system can be considered in-motion when subjects do not stop/pause for the biometric

capture process. They can slow down and perform few actions (without any physical contact with a

sensor). It is not required that all authorized users cross the access control point without stopping but

most of them should be able to. The operator should decide the tradeofftrade-off between convenience

and security depending on the application.
2 © ISO #### /IEC 2023 – All rights reserved
---------------------- Page: 11 ----------------------
ISO/IE
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/IEC TR 20322:2023(Main)
Information technology — Cross-jurisdictional and societal aspects of implementation of biometric technologies — Biometrics and elderly people

This document builds upon the information provided in ISO/IEC TR 24714-1, ISO/IEC TR 29194 and ISO/IEC 29138-1 in order to highlight in a more detailed way the medical, physical and cognitive aspects that are specific for the use of biometrics by elderly persons.

  • Technical report
    9 pages
    English language
    sale 15% off
  • Draft
    9 pages
    English language
    sale 15% off
  • Draft
    9 pages
    English language
    sale 15% off
ISO
ISO/IEC 30107-3:2023(Main)
Information technology — Biometric presentation attack detection — Part 3: Testing and reporting

This document establishes: — principles and methods for the performance assessment of presentation attack detection (PAD) mechanisms; — reporting of testing results from evaluations of PAD mechanisms; and — a classification of known attack types (Annex A). Outside the scope are: — standardization of specific PAD mechanisms; — detailed information about countermeasures (i.e. anti-spoofing techniques), algorithms or sensors; and — overall system-level security or vulnerability assessment. The attacks considered in this document take place at the biometric capture device during presentation. Any other attacks are considered outside the scope of this document.

  • Standard
    39 pages
    English language
    sale 15% off
ISO
ISO/IEC 29120-1:2022(Main)
Information technology — Machine-readable test data for biometric testing and reporting — Part 1: Test reports

This document establishes: — machine-readable records for documenting the output of a biometric test; — formats for data that ISO/IEC 19795 series tests are required to report; and — an ASN.1 syntax for test reports. This document does not: — require, prohibit, or otherwise specify the format of biometric samples or templates used in a test; — require, prohibit or otherwise specify the encapsulation of biometric samples or templates used in a test; or — regulate metrics for tests. NOTE The reportable metrics are established in ISO/IEC 19795-1.

  • Standard
    36 pages
    English language
    sale 15% off
ISO
ISO/IEC 19794-14:2022(Main)
Information technology — Biometric data interchange formats — Part 14: DNA data

This document specifies a data interchange format for the exchange of deoxyribonucleic acid (DNA) data for person identification or verification technologies that utilize human DNA. Consideration of laboratory procedures is out of scope of this document. This document provides the ability for DNA profile data to be exchanged and used for comparison (subject to privacy regulations) with DNA profile data produced by any other system that is based on a compatible DNA profiling technique and where the data format conforms to this document. This document is intended to cover current forensic DNA profiling or typing techniques that are based on short tandem repeats (STRs), including STRs on the X chromosome (X-STRs) the Y chromosome (Y-STRs), as well as mitochondrial DNA. A single DNA profile for a subject can contain data resulting from more than one of these different DNA techniques. This document enables data from multiple DNA techniques to be presented in a single DNA profile for a given subject. This document has been prepared in light of ongoing efforts to reduce human involvement in the processing (enrolment and comparison) of DNA. In anticipation of the data format requirements for automated DNA techniques, this document describes a format for both processed and raw (electrophoretic) DNA data. A normative XML schema definition (XSD) is provided in Clause A.1 for the syntax of DNA data XML documents. In Clause A.2, there is a sample DNA data XML document. This document is not intended for any other purposes than exchange of DNA for biometric verification and identification of individuals. In particular, it is not intended for the exchange of medical and other health-related information. This document also specifies elements of conformance testing methodology, test assertions and test procedures as applicable to this document. It establishes test assertions pertaining to the structure of the DNA data format (Type A Level 1 as defined in ISO/IEC 19794-1:2011/Amd. 1:2013) and test assertions pertaining to internal consistency of the values contained within each field (Type A,ind Level 2 as defined in ISO/IEC 19794-1:2011/Amd. 1:2013). This document also specifies test assertions pertaining to the content of DNA data XML documents (Level 3 as defined in ISO/IEC 19794-1:2011/Amd. 1:2013). The successful completion of Level 1 and Level 2 is a prerequisite for carrying out the tests at Level 3. The conformance testing methodology specified in this document does not establish: — tests of other characteristics of biometric products or other types of testing of biometric products (e.g. acceptance, performance, robustness, security); — tests of systems not claimed to conform to the requirements of this document.

  • Standard
    135 pages
    English language
    sale 15% off
ISO
ISO/IEC TR 49794:2022(Main)
Information technology — Transition examples from the ISO/IEC 19794:2005 series to the ISO/IEC 39794 series for ID documents

This document provides transition examples from ISO/IEC 19794-4:2005 and ISO/IEC 19794-5:2005 formats to ISO/IEC 39794-4:2019 and ISO/IEC 39794-5:2019 formats for eMRTD application. This document also provides an implementation example for the ISO/IEC 39794-6:2021 format. This document includes: — information for eMRTD issuers and eMRTD-reader vendors; — summarized tables of data elements of ISO/IEC 19794-4:2005 and ISO/IEC 19794-5:2005 and ISO/IEC 39794-4:2019, ISO/IEC 39794-5:2019 and ISO/IEC 39794-6:2021; — correspondence tables of data elements between ISO/IEC 19794-4:2005 and ISO/IEC 19794-5:2005 and ISO/IEC 39794-4:2019 and ISO/IEC 39794-5:2019, providing: — information on whether each data element is normative or optional, and — a brief note of each data element from the viewpoint of transition; — tag, length, value (TLV) data examples of ISO/IEC 39794-4:2019, ISO/IEC 39794-5:2019 and ISO/IEC 39794-6:2021 for implementation, and, — tag lists of ISO/IEC 39794-4:2019, ISO/IEC 39794-5:2019 and ISO/IEC 39794-6:2021, and an extended example of ISO/IEC 39794-5 as informative annexes. The following are not within the scope of this document: — second and later editions of the ISO/IEC 19794 series (2011 and after), and, — ASN.1 formats and XML formats specified in the ISO/IEC 39794 series.

  • Technical report
    53 pages
    English language
    sale 15% off
  • Draft
    53 pages
    English language
    sale 15% off
ISO
ISO/IEC 19785-2:2021(Main)
Information technology — Common Biometric Exchange Formats Framework — Part 2: Biometric registration authority

This document describes the identification scheme used by the Biometric Registration Authority (BRA) in preparing, maintaining and publishing registers of identifiers for biometric organizations and biometric objects, and provides a description of BRA responsibilities and services. Procedural requirements and recommendations are not within the scope of this document and are maintained separately on the ISO/IEC JTC 1/SC 37 website.

  • Draft
    6 pages
    English language
    sale 15% off
ISO
ISO/IEC 19794-7:2021(Main)
Information technology — Biometric data interchange formats — Part 7: Signature/sign time series data

This document specifies data interchange formats for signature/sign behavioural data captured in the form of a multi-dimensional time series using devices such as digitizing tablets or advanced pen systems. The data interchange formats are generic, in that they can be applied and used in a wide range of application areas where handwritten signs or signatures are involved. No application-specific requirements or features are addressed in this document. This document contains: — a description of what data can be captured; — three binary data formats for containing the data: a full format for general use, a compression format capable of holding the same amount of information as the full format but in compressed form, and a compact format for use with smart cards and other tokens that does not require compression/ decompression but conveys less information than the full format; — an XML schema definition; and — examples of data record contents and best practices in capture. Specifying which of the format types and which options defined in this document are to be applied in a particular application is out of scope; this needs to be defined in application-specific requirements specifications or application profiles. It is advisable that cryptographic techniques be used to protect the authenticity, integrity, and confidentiality of stored and transmitted biometric data; yet such provisions are beyond the scope of this document. This document also specifies elements of conformance testing methodology, test assertions and test procedures as applicable to this document. It establishes test assertions on the structure and internal consistency of the signature/sign time series data formats defined in this document (type A level 1 and 2 as defined in ISO/IEC 19794-1) and semantic test assertions (type A level 3 as defined in ISO/IEC 19794-1). The conformance testing methodology specified in this document does not establish: — tests of other characteristics of biometric products or other types of testing of biometric products (e.g. acceptance, performance, robustness, security); or — tests of conformance of systems that do not produce data records claimed to conform to the requirements of this document.

  • Standard
    84 pages
    English language
    sale 15% off
  • Draft
    84 pages
    English language
    sale 15% off
ISO
ISO/IEC 21472:2021(Main)
Information technology — Scenario evaluation methodology for user interaction influence in biometric system performance

This document addresses: — requirements for planning, executing and reporting the influence of user interaction on biometric system performance based on scenario test methodologies, considering three kinds of factors: a) factors related to the design, position or condition of the capture device, b) factors depending on users and user attributes, c) factors depending on the interaction of users with the biometric system; — specifications for the definition, establishment and measurement of conditions needed for evaluation, including those relating to equipment; — requirements for establishing a reference evaluation condition (REC) and target evaluation condition(s) (TEC) to compare the influence of user interaction factors; — a specification of the biometric evaluation including requirements for test population, test protocols, data to record, test results; and — procedures for carrying out the overall evaluation. This document does not: — determine which parameters ought to be analysed for a specific biometric modality. This is currently covered in ISO/IEC TR 19795-3; — specify requirements for performing a vulnerability analysis modifying user interaction influence factors; — include procedures for performing usability testing.

  • Standard
    14 pages
    English language
    sale 15% off
  • Draft
    14 pages
    English language
    sale 15% off
ISO
ISO/IEC 30137-4:2021(Main)
Information technology — Use of biometrics in video surveillance systems — Part 4: Ground truth and video annotation procedure

This document establishes requirements for the annotation of humans, human faces and other body parts, and arbitrary objects appearing in imagery. It specifies the following: — metadata to be inserted in a video stream; — encoding of full and partial spatial and temporal ground truth information for: — objects present in a video, and — objects absent in a video; — procedures for different annotation of known and unknown subjects. This document does not specify: — encoding of video data.

  • Standard
    18 pages
    English language
    sale 15% off
  • Draft
    18 pages
    English language
    sale 15% off
ISO
ISO/IEC TR 22116:2021(Main)
Information technology — A study of the differential impact of demographic factors in biometric recognition system performance

This document introduces the effects of population demographics on biometric functions. It: — establishes terms and definitions relevant to the study of demographic factors in biometric recognition system performance; — identifies areas where biometric systems can exhibit different performances based on different demographic factors of the individuals submitting the biometric samples; — explains how different demographic factors can influence the biometric characteristics captured by different biometric modalities and how these influences can affect biometric performance measures; — presents a case study on existing scientific material that explores the impact of demographic factors on biometric system performance. Only biometric modalities where quantitative information is available on the impact of demographic factors are considered. Outside of the scope of this document are: — effects of disease and injury on biometric performance; and — how religious and cultural norms can affect biometric operations.

  • Technical report
    21 pages
    English language
    sale 15% off
  • Draft
    21 pages
    English language
    sale 15% off