iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/IEC 19794-1:2011/Amd 1:2013

(Amendment)

Information technology — Biometric data interchange formats — Part 1: Framework — Amendment 1: Conformance testing methodology

Information technology — Biometric data interchange formats — Part 1: Framework — Amendment 1: Conformance testing methodology

Technologies de l'information — Formats d'échange de données biométriques — Partie 1: Cadre — Amendement 1: Méthodologie d'essai de conformité

General Information

Status
Published
Publication Date
05-Feb-2013
ICS
35.040 - Information coding
35.240.15 - Identification cards. Chip cards. Biometrics
Technical Committee
ISO/IEC JTC 1/SC 37 - Biometrics
Drafting Committee
ISO/IEC JTC 1/SC 37/WG 3 - Biometric data interchange formats
Current Stage
6060 - International Standard published
Due Date
12-Sep-2014
Completion Date
06-Feb-2013
Ref Project

Relations

Amends
ISO/IEC 19794-1:2011 - Information technology — Biometric data interchange formats — Part 1: Framework
Effective Date
08-Jan-2022

Buy Standard

ISO/IEC 19794-1:2011/Amd 1:2013 - Conformance testing methodologyISO/IEC 19794-1:2011/Amd 1:2013 - Conformance testing methodology
PreviousNext
Standard
ISO/IEC 19794-1:2011/Amd 1:2013 - Conformance testing methodology
English language
29 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

INTERNATIONAL ISO/IEC
STANDARD 19794-1
Second edition
2011-07-15
AMENDMENT 1
2013-02-01

Information technology — Biometric data
interchange formats —
Part 1:
Framework
AMENDMENT 1: Conformance testing
methodology
Technologies de l'information — Formats d'échange de données
biométriques —
Partie 1: Cadre
AMENDEMENT 1: Méthodologie d'essai de conformité




Reference number
ISO/IEC 19794-1:2011/Amd.1:2013(E)
©
ISO/IEC 2013

---------------------- Page: 1 ----------------------
ISO/IEC 19794-1:2011/Amd.1:2013(E)

COPYRIGHT PROTECTED DOCUMENT


©  ISO/IEC 2013
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56  CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland

ii © ISO/IEC 2013 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC 19794-1:2011/Amd.1:2013(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are members of
ISO or IEC participate in the development of International Standards through technical committees established
by the respective organization to deal with particular fields of technical activity. ISO and IEC technical
committees collaborate in fields of mutual interest. Other international organizations, governmental and non-
governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology,
ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of the joint technical committee is to prepare International Standards. Draft International
Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as
an International Standard requires approval by at least 75 % of the national bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
Amendment 1 to ISO/IEC 19794-1:2011 was prepared by Joint Technical Committee ISO/IEC JTC 1,
Information technology, Subcommittee SC 37, Biometrics.
© ISO/IEC 2013 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO/IEC 19794-1:2011/Amd.1:2013(E)

Information technology — Biometric data interchange
formats —
Part 1:
Framework
AMENDMENT 1: Conformance testing methodology
Page vi, Introduction
Add the following paragraphs after Figure 1:
Users of biometric systems desire to use this and other standards to ensure that components of the
biometric system can be substituted with other components from different vendors with a minimum of
effort, and also to ensure that biometric data produced by one system can be used by another system. In
order to achieve this, it is critical that systems claimed to conform to a standard actually are conformant,
and thus there is a need for a standardized conformance testing methodology for each of the biometric
data interchange formats described in ISO/IEC 19794, in order to provide a reasonable degree of
assurance that a conformance claim has validity. While conformance of individual elements of data
interchange records to relevant requirements can be determined, no test can be absolutely
comprehensive and prove that a given system generating or using biometric data interchange records is
conformant under all possible circumstances, especially when there are optional components of the
standard. A well designed conformance test can, however, test all of the most likely sources of problems
and ensure that the implementation under test conforms under a reasonable set of circumstances, giving
assurance, but not a guarantee, of conformance.
There are many different types of conformance testing that may be appropriate for the various parts of
ISO/IEC 19794. Some of these tests are highly specific to each data interchange format but some of them
have many common elements across all of the formats. This part of ISO/IEC 19794 also describes the
different types of conformance testing, and provides details of the common elements for defining test
assertions. It also provides guidelines for conducting the tests and reporting the results of the tests. Tests
and assertions common for most or all biometric data interchange formats (e.g., for common elements of
the general headers and the common elements of the representation headers) are specified in this part of
ISO/IEC 19794; the specific tests and assertions for each biometric data interchange format are left to the
subsequent parts of ISO/IEC 19794.
Annex A of this part of ISO/IEC 19794 is distinct from the ISO/IEC 29109-1 which addressed
conformance testing only of the first edition of ISO/IEC 19794. The normative Annex A of this part of
ISO/IEC 19794 addresses conformance testing of data formats specified in the second edition of ISO/IEC
19794.
Page 1, Scope
Add the following text at the end of the Scope:
This part of ISO/IEC 19794 also specifies the concepts, test types and conformance testing
methodologies to test biometric data interchange records or computer algorithms that create biometric
data interchange records. It defines two types (type A, i.e., biometric data interchange records and
systems generating such records; and type B, i.e., systems using biometric data interchange records),
and three levels (Level1, i.e., checking internal content of each field; Level 2, i.e., checking internal
consistency of the entire record; and Level 3, i.e., checking whether the data record is a faithful
© ISO/IEC 2013 – All rights reserved 1

---------------------- Page: 4 ----------------------
ISO/IEC 19794-1:2011/Amd.1:2013(E)
representation of the original biometric data) of conformance testing, but it only provides a detailed
description and methodology for the three levels of Type A testing. This part of ISO/IEC 19794 specifies
test requirements, assertions, and test execution and reporting procedures that are common for most or
all biometric data interchange formats. It explicitly does not cover the following areas:
• Modality-specific detailed test elements and assertions or descriptions of any mandatory standard
datasets required for testing. They are provided in the subsequent parts of ISO/IEC 19794.
• Testing whether implementations under test (IUTs) that claim to be able to use conformant biometric
data interchange records are able to correctly process such biometric data interchange records (Type B
testing).
• Conformance testing of CBEFF requirements
• Testing of other characteristics of biometric products or other types of testing of biometric products
(i.e., acceptance, performance, robustness, security).

Page 1
Add the following clause after the Scope and renumber all subsequent clauses accordingly:
2 Conformance
Biometric data interchange format conformance tests that claim conformance to this part of ISO/IEC
19794 shall satisfy the normative requirements of the methodology for those levels of test they are
claiming to perform, as described in Clauses A.1, A.2 and A.3. Any conformance tests shall use the
assertion types defined in Clause A.2 with the specific assertion details given in this and the relevant
subsequent parts of this standard.
Implementations of subsequent parts of ISO/IEC 19794 tested according to the methodology specified in
this part of ISO/IEC 19794 shall be able to claim conformance only to those requirements specified in
ISO/IEC 19794 that are tested by the test methods established by this methodology.

Pages 1 to 8, Terms and definitions
Add the following terms and definitions alphabetically , renumbering accordingly:
4.x
assertion
specification for testing a conformance requirement in an implementation under test expressed in a formal
assertion definition language
4.x
assertion test
specification of software or procedural methods that generate the test outcomes used for assessment of
conformance to an assertion
NOTE This is adapted from the definition of “assertion test” in ISO/IEC 13210:1999.
4.x
attestation
issue of a statement, based on a decision that fulfillment of specified requirements has been
demonstrated
NOTE This is adapted from the definition of “attestation” in ISO/IEC 17000:2004.
2
© ISO/IEC 2013 – All rights reserved

---------------------- Page: 5 ----------------------
ISO/IEC 19794-1:2011/Amd.1:2013(E)
4.x
certification
third-party attestation related to products
[ISO/IEC 17000:2004]
4.x
conformance
conformity
fulfillment by a product, process, or service of all relevant specified conformance requirements
NOTE For all practical purposes, data records are considered to be a type of a “product”, i.e., provisions of this
standard that are applicable to “products” apply to data records.
4.x
conformance requirement
requirement stated in a data format specification and defined in a finite, measurable, and unambiguous
manner
NOTE This is adapted from the definition of “conformance requirement” in ISO/IEC 13210:1999.
4.x
conformance test
specified technical procedure of conformance testing
4.x
conformance testing
testing
determination of one or more characteristics of an object of conformity assessment, according to a
procedure

[ISO/IEC 17000:2004]

4.x
conformance testing laboratory
organization that carries out conformance testing.
EXAMPLE This may be the creator of the IUT, the user of the IUT, or an unbiased third party.
4.x
conformance test specification
test specification
provisions of ISO/IEC 19794 biometric data interchange format standard that is concerned with test
methods, sometimes supplemented with other provisions related to testing, such as sampling, use of
statistical methods, and sequence of tests

NOTE This is adapted from the definition of “testing standard” in ISO/IEC GUIDE 2:2004.

4.x
conformance testing suite
CTS
test software used to automate certain types of conformance testing
4.x
conformity assessment
demonstration that specified requirements relating to a product, process, system, person or body are
fulfilled
[ISO/IEC 17000:2004]
© ISO/IEC 2013 – All rights reserved 3

---------------------- Page: 6 ----------------------
ISO/IEC 19794-1:2011/Amd.1:2013(E)
4.x
data format specification
provisions of ISO/IEC 19794 biometric data interchange format standard containing the specification that
is the subject of the conformance testing

4.x
declaration
declaration of conformity
first-party attestation
[ISO/IEC 17000:2004]
4.x
Implementation conformance statement
ICS
statement by the supplier of an implementation under test that indicates which mandatory and optional
components of the data format specification are supported by the implementation
4.x
implementation under test
IUT
that which implements the data format specification being tested
NOTE Depending on the conformance requirements of the data format specification, this may simply be a set of
biometric data interchange records or it may be a computer algorithm in the form that creates the BDIR and/or uses
the data contained in the BDIR.
4.x
input biometric data record
IBDR
data package containing a less processed form of biometric data which is suitable for use in the creation
of a BDIR
NOTE In some cases, this may be an image, but it may also be raw sensor output such as a time series of data
points from a digitization tablet.
4.x
level 1 testing
conformance testing methodology that checks field by field and byte by byte conformance with the
specification of the BDIR as specified in the data format specification, both in terms of fields included and
the ranges of the values in those fields
NOTE This type of testing tests syntactic requirements of the data format specification.
4.x
level 2 testing
conformance testing methodology that tests the internal consistency of the BDIR under test, relating
values from one part or field of the BDIR to values from other parts or fields of the BDIR
NOTE This type of testing tests syntactic requirements of the data format specification.
4.x
level 3 testing
conformance testing methodology that tests that a BDIR produced by an IUT is a faithful representation of
the IBDR subject to the constraints of the parameters in the metadata records
NOTE This type of testing tests semantic requirements of the data format specification.
4
© ISO/IEC 2013 – All rights reserved

---------------------- Page: 7 ----------------------
ISO/IEC 19794-1:2011/Amd.1:2013(E)
4.x
metadata record
data record containing any specific parameters related to the data itself, particularly required by an IUT to
transform an IBDR into a BDIR
EXAMPLE Type of image (basic, full frontal, token frontal or other) and the level of compression for a face image
BDIR; the presence of core, delta, or ridgecounts in the extended area for finger minutiae BDIR; the size of each
pattern in a finger pattern BDIR.
4.x
procedure
specified way to carry out an activity or a process
[ISO 9000:2005]
4.x
requirement
provision that conveys criteria to be fulfilled
[ISO/IEC GUIDE 2:2004]
4.x
test method
specified technical procedure for performing a test
NOTE This is adapted from the definition of “test method” in ISO/IEC GUIDE 2:1996. More recent edition of
ISO/IEC GUIDE 2 or ISO/IEC 17000:2004 no longer contain this definition
4.x
test report
document that presents test results and other information relevant to the execution of the test methods
against an Implementation Under Test
NOTE This is adapted from the definition of “test report” in ISO/IEC 13210:1999 and ISO/IEC GUIDE 2:1996.
4.x
Type A conformance claim
conformance claim that an IUT is a conformant BDIR, or can create conformant BDIRs from appropriate
IBDRs
4.x
Type B conformance claim
conformance claim that an IUT can read conformant BDIRs, interpret them correctly, and perform its
desired function upon them


Page 8, Abbrevaited terms
Add the following abbreviated terms alphabetically:
CTS Conformance Testing Suite
ICS Implementation Conformance Statement
IUT Implementation Under Test
IBDR Input Biometric Data Record

© ISO/IEC 2013 – All rights reserved 5

---------------------- Page: 8 ----------------------
ISO/IEC 19794-1:2011/Amd.1:2013(E)
Page 14, 8.1 (now renumbered as 9.1)
In the last sentence, change "Annex A" to "Annex B".
Page 25, Annex A
Rename Annex A as Annex B.
Page 24
After Table 7, insert the following annex:
6
© ISO/IEC 2013 – All rights reserved

---------------------- Page: 9 ----------------------
ISO/IEC 19794-1:2011/Amd.1:2013(E)
Annex A
(normative)
Conformance testing methodology

A.1 Conformance testing framework
A.1.1 Limitations
While conformance of individual elements of each data interchange record to relevant requirements can be
determined, no conformance test of a given system generating or using biometric data interchange records
can be complete or perfect. Ultimately, it is only possible to prove that an IUT is non-conformant. The goal of
conformance testing is therefore to capture enough of the requirements of the data format specification and
test them under enough conditions, that any IUT that passes the conformance test is likely to be conformant.
Two problems with a data format specification that may only become apparent during conformance testing are
that some areas may be undefined (so that the specification of these areas is left to each vendor) or ill-defined
(so that there is a contradiction between parts of the data format specification or an easy misinterpretation
caused by the wording of the data format specification). The latter problem may be resolved by an
amendment to the standard, but the former problem may be difficult to resolve. An obvious example is the use
of proprietary extended data blocks within a BDIR. There may be good reasons to allow such proprietary data,
but very little conformance testing is possible while the data remains proprietary. Also, if the data format
specification includes a requirement to interpret the BDIR or use it for biometric comparison, then it is difficult
to be sure of the effect of a proprietary data block produced by one IUT when another IUT is attempting to
interpret it.
A.1.2 Managing data records
Note that since CBEFF conformance testing is out of scope for this standard, it is generally assumed that the
BDIRs will have been removed from any CBEFF data structures prior to beginning the conformance test.
Typically, for Type A testing as described in Clause A.1.3, either the IUT will provide BDIRs without a CBEFF
encapsulator or the CTS will remove them from such an encapsulator if one exists. Regardless of the method
used, the test shall provide a means of passing the CBEFF format type corresponding to the IBDRs in the IUT
or produced by the IUT to the CTS. This may be as simple as the supplier of the IUT sending a written
instruction to the testing laboratory that all BDIRs produced by this IUT would have a particular format type, or
it may involve the IUT passing a special parameter or using a specific CBEFF patron format that is not part of
its normal function outside the test. The reason this is required is that several parts of ISO/IEC 19794 have
different format types that determine whether or not certain optional data is present. Thus format type is an
extra field that shall always be present together with a BDIR when conformance testing using that BDIR
occurs.
A.1.3 Conformance testing types
Generally, the goal of biometric data interchange format conformance testing is to assure the users of
conformant biometric products that a BDIR produced by any conformant product can be interpreted and used
correctly by any other conformant product. There are thus two types of fundamental conformance claims.
Type A is the ability to produce conformant BDIRs and Type B is the ability to use conformant BDIRs.
Different IUTs may have different purposes for which they use a conformant BDIR, and thus Type B testing is
more complex than Type A testing because it has to account for all of these purposes. ISO/IEC 19794 is
focused on Type A testing exclusively. When biometric data interchange records themselves are tested in the
absence of any software or hardware that produced them or uses them, this is treated as Type A testing.
© ISO/IEC 2013 – All rights reserved 7

---------------------- Page: 10 ----------------------
ISO/IEC 19794-1:2011/Amd.1:2013(E)
A.1.4 Conformance testing levels
A.1.4.1 Hierarchy of Conformance Tests
A first step towards the goal of demonstrating conformance is ensuring that all of the specified fields and data
structures in the BDIR are correct and self-consistent. This does not validate the fidelity of the information
contained in the BDIR, however, since that depends on the relationship between the original IBDR and the
BDIR. This leads to a natural hierarchy of conformance testing levels.
The conformance testing hierarchy presented in this standard has three levels. Generally they progress from
least complex and expensive to test to most complex and expensive to test. They also progress from less
useful in predicting the performance of real world systems using conformant products, to more useful,
although even Level 1 conformance testing represents a significant step towards that goal. The types of
assertions for Level 1 and Level 2 testing for all parts of ISO/IEC 19794 are similar and so a list of assertion
operators and operands that should be used to define assertions is given in Clause A.2 of this part of
ISO/IEC 19794. The details of all the Level 1 and Level 2 assertions for each data format specification are
given in the appropriate subsequent parts of ISO/IEC 19794. For the more complex Level 3 testing, where the
actual fidelity of the information in the BDIR is compared to that in the IBDR, the subsequent parts of
ISO/IEC 19794 provide, as far as it is possible, guidance on how to carry out Level 3 testing for their specific
data interchange formats. A given conformance test may therefore involve conformance testing at different
levels.
It will ultimately be up to application profiles or to individual users of ISO/IEC 19794 to determine which level
of conformance testing will be required for a specific application, as well as any requirements on performance
or interoperability. This will be dependent on time, cost, and importance of biometric performance, implications
of non-interoperability and the current state of the published versions of the various parts of ISO/IEC 19794.
A.1.4.2 Level 1 – Data format conformance
In Level 1 testing, a set of BDIRs shall be checked for field-by-field and byte-by-byte conformance with the
specification of the data format specification, both in terms of fields included and the ranges of the values in
those fields. The specific assertions tested for each data format specification shall be those described in the
appropriate part of ISO/IEC 19794.
The advantage of this testing is that it does not require an IUT to be a computer algorithm or a set of hardware
and software. It can simply be a set of BDIRs. Thus, any hardware or software components of the
implementation being tested do not have to come into the possession of the testing lab, only BDIRs created
with those components.
An IUT may have the capability to produce multiple BDIRs, depending on the requirements of the application
in which it is used. Some of these BDIRs may be conformant and others may not, and so it is important to
specify which types were tested and how many of each type. In an ideal world every possible combination of
parameters for a particular biometric data interchange format would be tested, but this is not realistic given the
resources that would be required for such testing. Provided a test reports the presence or absence of optional
fields and the values for variable structural fields it is possible for a user of the data format specification to
determine if the particular variant of the standard tested is appropriate for their needs. The user may also
require conformance test results for a specific type of BDIR. An obvious example would be a two finger BDIR
or two iris BDIR, since many applications require enrollment of more than one biometric characteristic in order
to allow for a back-up if one of them becomes damaged or temporarily unusable. Some IUTs might be
conformant with a single-representation BDIR, or even with multiple representations of a single finger or iris,
but might fail conformance testing when the BDIR contains more than one finger or iris.
A.1.4.3 Level 2 – Internal consistency checking
In Level 2 testing, a set of BDIRs shall be checked to determine if they are internally consistent. The specific
assertions tested for each data format specification shall be those described in the appropriate part of
ISO/IEC 19794.
8
© ISO/IEC 2013 – All rights reserved

---------------------- Page: 11 ----------------------
ISO/IEC 19794-1:2011/Amd.1:2013(E)
The nature of Level 2 testing is that it relates values from one part of the BDIR to values from other parts of
the BDIR. This may be due to explicit requirements in the data format specification, such as a requirement
that the record length actually does indicate the number of bytes in the BDIR. It may also be implicit in the
standard, such as determining that the coordinates of a particular feature (such as eye positions in a face
image record or minutiae positions in a finger minutiae record) actually fall within the specified size of the
image.
In some cases, test assertions for Level 2 and higher conformance testing will have to make specific
assumptions about interpreting the data format specification requirements. In those cases, testing
methodology as set forth in ISO/IEC 19794 shall be considered normative in its interpretation of the data
format specification requirements, and any other interpretations shall be considered non-conformant to the
data format specification.
Once again the advantage of this testing is that it does not require an IUT to be a computer algorithm or a set
of hardware and software. It can simply be a set of BDIRs. Then the hardware or software of the IUT does not
have to be part of the test, only BDIRs created with that implementation. The disadvantage is that there are a
limited number of BDIRs and it is quite possible that some of the internal consistency checks will never be
tested because they are not relevant for the set of BDIRs in the IUT. The solution is to test a larger number of
BDIRs that represent multiple different structural variants of the biometric data interchange format under test.
This is why it is so vital to report on the structure of each BDIR variant in the conformance test.
Since Level 1 and Level 2 conformance testing are both required in order to properly test that the structure of
a BDIR is conformant to a data format specification, and since the execution of Level 1 and Level 2 tests will
frequently be intermingled, a conformance test should always include all relevant Level 1 and Level 2 test
assertions.
A.1.4.4 Level 3 – Content checking
Level 3 conformance testing is defined as a conformance testing methodology that tests that a BDIR produced
by an IUT is a faithful representation of the IBDR subject to the constraints of the parameters in the metadata
records. Effectively this is intended to test that the BDIRs produced by an IUT are faithful representations of
the original biometric data and that they satisfy those requirements of the data format specification that are not
simply a matter of syntax and format. In some cases the requirements of the data format specification may
specify biometric data capture conditions. An example would be the use of a fingerprint sensor of a particular
resolution or having a particular certification by an external body to capture fingerprints and generate
fingerprint image records that are noted in the BDIR as having a particular image acquisition level. The only
way to test that such a requirement has been correctly implemented by the IUT is to require that in Level 3
testing, an IUT shall be a combination of computer hardware and/or software that is used in the testing
laboratory. If the IUT is software only, then a set of IBDRs and corresponding metadata records shall be
provided and the IUT shall produce a set of corresponding BDIRs. This, however, only tests the ability of the
IUT to parse the metadata records and the IBDRs and insert the appropriate information in correctly formatted
BDIRs. For some requirements it is essential that the entire process from data capture to BDIR production be
included in the test, and in those cases the IUT will have to be a complete set of hardware and software.
Finally, there are some requirements that cannot be quantitatively tested without significant special effort or
extra equipment and for which the conformance test specification may simply define that no Level 3 test is
possible. An example would be the pose angles listed in a face image data record. Without an external three
dimensional reference frame for the head containing the face that is represented in the data record, there is
no absolute mechanism to verify that these pose angles are correct.
This leads to the following methodology for handling Level 3 conformance tests. As indicated in Clause A.3, all
of the requirements of the data format specification shall be listed in a conformance requirements table that is
in the same form as an implementation conformance statement. This will help the supplier of the IUT to clearly
identify which requirements of the data format specification are supported by the implementation. Certain
columns in this table indicate whether each requirement is a Level 1, Level 2 or Level 3 requirement and for
each Level 3 requirement, indicate whether it can be tested using a software only solution with a database of
IBDRs and metadata records, whether it requires a complete hardware and software IUT, or whether it can’t
be tested at all without special effort. Where they are available, the specific test methodologies to be used for
Level 3 testing involving IUTs composed of both hardware and software are found within specific clauses, as
referenced in the table, in each of the subsequent parts of ISO/IEC 19794. A general methodology to test
© ISO/IEC 2013 – All rights reserved 9

---------------------- Page: 12 ----------------------
ISO/IEC 19794-1:2011/Amd.1:2013(E)
some Level 3 requirements using a software only solution and a database of IBDRs and metadata records is
described in this clause, but even it will require specific clauses in the subsequent parts of ISO/IEC 19794 on
how to use this methodology for specific requirements.
The basic structure of a software only Level 3 conformance test is that a set of IBDRs and corresponding
metadata records shall be provided and the IUT shall produce a set of corresponding BDIRs. The information
in the BDIRs shall then be compared to the information in the IBDRs to determine if the IUT has faithfully
reproduced that in
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/IEC 19785-3:2020(Main)
Information technology — Common Biometric Exchange Formats Framework — Part 3: Patron format specifications

This document specifies and publishes registered Common Biometric Exchange Formats Framework (CBEFF) patron formats defined by the CBEFF patron ISO/IEC JTC 1/SC 37, and specifies their registered CBEFF patron format types (see ISO/IEC 19785-1) and resulting full ASN.1 OIDs.

  • Standard
    151 pages
    English language
    sale 15% off
  • Draft
    151 pages
    English language
    sale 15% off
ISO
ISO/IEC 24779-5:2020(Main)
Information technology — Cross-jurisdictional and societal aspects of implementation of biometric technologies — Pictograms, icons and symbols for use with biometric systems — Part 5: Face applications

The ISO/IEC 24779 series of standards focuses on communication with the data capture subject. This document contains a set of pictograms, icons and symbols to help the general public understand the concepts and procedures for using electronic systems that collect and/or evaluate facial images. Operators can use this document, with the possibility of using additional symbols and information. This set of pictograms, icons and symbols is designed to be used to: — identify the type of biometric sensor; — provide supporting instructions related to facial image collection. To provide this functionality, the set of pictograms, icons and symbols includes both directional pictograms, icons and symbols and action or feedback pictograms, icons and symbols. The facial image pictograms, icons and symbols include: — facial image capture; — single person; — no hat; — no sunglasses; — neutral expression; — hair up; — view direction. Although the pictograms, icons and symbols are presented individually, the pictograms, icons and symbols are intended to be combined to fully illustrate the facial image capture interaction. For example, in a customs or immigration environment, procedures constructed from the individual pictograms, icons and symbols could be presented as: — a series of posters while passengers are in the queue; — a series of transitional frames in a biometric booth; — an animated video or series of transitional frames while passengers are in the queue; — instructional leaflets for passengers to read in the queue.

  • Standard
    7 pages
    English language
    sale 15% off
ISO
ISO/IEC 30137-1:2019(Main)
Information technology — Use of biometrics in video surveillance systems — Part 1: System design and specification

The ISO 30137 series is applicable to the use of biometrics in VSS (also known as Closed Circuit Television or CCTV systems) for a number of scenarios, including real-time operation against watchlists and in post event analysis of video data. In most cases, the biometric mode of choice will be face recognition, but this document also provides guidance for other modalities such as gait recognition. This document: — defines the key terms for use in the specification of biometric technologies in a VSS, including metrics for defining performance; — provides guidance on selection of camera types, placement of cameras, image specification etc. for the operation of a biometric recognition capability in conjunction with a VSS; — provides guidance on the composition of the gallery (or watchlist) against which facial images from the VSS are compared, including the selection of appropriate images of sufficient quality, and the size of the gallery in relation to performance requirements; — makes recommendations on data formats for facial images and other relevant information (including metadata) obtained from video footage, used in watchlist images, or from observations made by human operators; — establishes general principles for supporting the operator of the VSS, including user interfaces and processes to ensure efficient and effective operation, and highlights the need to have suitably trained personnel; — highlights the need for robust governance processes to provide assurance that the implemented security, privacy and personal data protection measures specific to the use of biometric technologies with a VSS (e.g. internationally recognizable signage) are fit for purpose, and that societal considerations are reflected in the deployed system. This document also provides information on related recognition and detection tasks in a VSS such as: — estimation of crowd densities; — determining patterns of movement of individuals; — identification of individuals appearing in more than one camera; — use of other biometric modalities such as gait or iris; — use of specialized software to infer attributes of individuals, e.g. estimation of gender and age; — interfaces to other related functionality, e.g. video analytics to measure queue lengths or to alert for abandoned baggage.

  • Standard
    46 pages
    English language
    sale 15% off
ISO
ISO/IEC 30106-1:2016/Amd 1:2019(Amendment)
Information technology — Object oriented BioAPI — Part 1: Architecture — Amendment 1: Additional specifications and conformance statements
  • Standard
    17 pages
    English language
    sale 15% off
ISO
ISO/IEC 20027:2018(Main)
Information technology — Guidelines for slap tenprint fingerprintture

This document provides guidelines to follow during the acquisition process of slap tenprints in order to obtain fingerprints of the best quality possible within acceptable time constraints. Non-cooperative users are out of the scope of this document. When using ten-fingerprint sensors, it is fundamental to know how to use them and how to proceed with the acquisition. This document describes how to capture fingerprints correctly by specifying best practices for slap tenprint captures. It gives recommendations on the following topics: 1) hardware of the fingerprint sensor and its deployment; 2) user guidance; 3) enrolment process including a sample workflow; 4) application software for developers and system integrators; 5) processing, compression and coding of the acquired fingerprint images; 6) operational issues and data logging; 7) evaluation of a solution and its components. Although this document primarily focuses on reaching optimal data quality for enrolment purposes, the recommendations given here are applicable for other purposes. All processes which rely on good quality tenprint slaps can take advantage of the best practices.

  • Standard
    16 pages
    English language
    sale 15% off
ISO
ISO/IEC TR 29196:2018(Main)
Information technology — Guidance for biometric enrolment

This document consolidates information relating to successful, secure and usable implementation of biometric enrolment processes, while indicating risk factors that organisations proposing to use biometric technologies will should address during procurement, design, deployment and operation. Much of the information is generic to many types of application, e.g. from national scale commercial and government applications, to closed systems for in-house operations, and to consumer applications. However, the intended application and its purpose often have influence on the necessary enrolment data quality and are intended to be taken into account when specifying an enrolment system and process. The document points out the differences in operation relating to specific types of application, e.g. where self-enrolment is more appropriate than attended operation. This document focuses on mandatory, attended enrolment at fixed locations. In summary, this document consolidates information relating to better practice implementation of biometric enrolment capability in various business contexts including considerations of process, function (system), and technology, as well as legal/privacy and policy aspects. The document provides guidance on collection and storage of biometric enrolment data and the impact on dependent processes of verification and identification. This document does not include material specific to forensic and law enforcement applications. This document does not contain any mandatory requirements. The following terms are used in this document to provide guidance. The terms "should" and "should not" indicate that among several possibilities one is recommended as particularly suitable, without mentioning or excluding others, or that a certain course of action is preferred but not necessarily required, or that (in the negative form) a certain possibility or course of action is discouraged but not prohibited. The term "may" indicates a course of action permissible within the limits of the publication. The terms "can" and "cannot" indicate a possibility and capability, whether material, physical or causal.

  • Technical report
    55 pages
    English language
    sale 15% off
ISO
ISO/IEC 19784-1:2018(Main)
Information technology — Biometric application programming interface — Part 1: BioAPI specification

ISO/IEC 19784-1:2018 defines the Application Programming Interface (API) and Service Provider Interface (SPI) for standard interfaces within a biometric system that support the provision of that biometric system using components from multiple vendors. It provides interworking between such components through adherence to this and to other International Standards. For use in a system that does not include a BioAPI Framework (called a framework-free BioAPI system), only the SPI interface is applicable, with applications interfacing directly to that in a platform-specific manner. NOTE 1 Many clauses and/or sub-clauses of this document are not applicable for implementation of a framework-free BioAPI system. These are identified at the head of the clause of sub-clause. The BioAPI specification is applicable to a broad range of biometric technology types. It is also applicable to a wide variety of biometrically enabled applications, from personal devices, through network security applications, to large complex identification systems. ISO/IEC 19784-1:2018 supports an architecture in which a BioAPI Framework supports multiple simultaneous biometric applications (provided by different vendors), using multiple dynamically installed and loaded (or unloaded) Biometric Service Provider (BSP) components and BioAPI Units (provided by other different vendors), possibly using one of an alternative set of BioAPI Function Provider (BFP) components (provided by other vendors) or by direct management of BioAPI Units. NOTE 2 Where BioAPI Units are provided by a different vendor fom a BSP, a standardised BioAPI Function Provider Interface (FPI) may be needed. This is outside the scope of this document, but is specified by later parts for the different categories of FPI. NOTE 3 Where a BioAPI Framework is not used in a system, the ability to support multiple applications and multiple BSPs is platform-dependent and depends on the nature of the system-integration techniques employed. ISO/IEC 19784-1:2018 is not required (and should normally not be referenced) when a complete biometric system is being procured from a single vendor, particularly if the addition or interchange of biometric hardware, services, or applications is not a feature of that biometric system. (Such systems are sometimes referred to as "embedded systems".) Standardisation of such systems is not in the scope of this document. ISO/IEC 19784-1:2018 does not define security requirements for biometric applications and biometric service providers. NOTE 4 ISO 19092 provides guidelines on security aspects of biometric systems[3]. The performance of biometric systems (particularly in relation to searches of a large population to provide the biometric identification capability) is not in the scope of this document. Trade-offs between interoperability and performance are not in the scope of this document. ISO/IEC 19784-1:2018 specifies a version of the BioAPI specification that is defined to have a version number described as Major 2, Minor 0, or version 2.0. It also specifies a version number described as Major 2, Minor 1, or version 2.1 that provides an enhanced Graphical User Interface. It also specifies a version number described as Major 2, Minor 2, or version 2.2 that provides features supporting fusion and security. Some clauses and sub-clauses apply only to one of these versions, some to two or more. This is identified at the head of the relevant clauses and sub-clauses. NOTE 5 Earlier versions of the BioAPI specification were not International Standards. NOTE 6 The differences between the requirements of the 2.0 specification and the 2.1 specification for framework-free operation relate only to the biometric type values and encodings. Conformance requirements are specified in Clause 5.

  • Standard
    234 pages
    English language
    sale 15% off
ISO
ISO/IEC 30136:2018(Main)
Information technology — Performance testing of biometric template protection schemes

ISO/IEC 30136:2018 supports evaluation of the accuracy, secrecy, and privacy of biometric template protection schemes. It establishes definitions, terminology, and metrics for stating the performance of such schemes. Particularly, this document establishes requirements for the measurement and reporting of: - theoretical and empirical accuracy of biometric template protection schemes, - theoretical and empirical probability of a successful attack on biometric template protection schemes (single or multiple), and - the information leaked about the original biometric when one or more biometric template protection schemes are compromised. ISO/IEC 30136:2018 also gives guidance on measuring and reporting diversity and unlinkability of templates. ISO/IEC 30136:2018 does not: - establish template protection schemes; - address testing of traditional encryption schemes.

  • Standard
    23 pages
    English language
    sale 15% off
ISO
ISO/IEC 19794-13:2018(Main)
Information technology — Biometric data interchange formats — Part 13: Voice data

ISO/IEC 19794-13:2018 specifies a data interchange format that can be used for storing, recording, and transmitting digitized acoustic human voice data (speech) assumed to be from a single speaker recorded in a single session. This format is designed specifically to support a wide variety of Speaker Identification and Verification (SIV) applications, both text-dependent and text-independent, with minimal assumptions made regarding the voice data capture conditions or the collection environment. Other uses for the data encapsulated in this format, such as automated speech recognition (ASR), may be possible, but are not addressed in this documnet. This document also does not address handling of data that has been processed to the feature or voice model levels. No application-specific requirements, equipment, or features are addressed in this document. This document supports the optional inclusion of non-standardized extended data. This document allows both the original data captured and digitally-processed (enhanced) voice data to be exchanged. A description of any processing of the original source input is intended to be included in the metadata associated with the voice representations (VRs). This document does not address data streaming. Provisions that stored and transmitted biometric data be time-stamped and that cryptographic techniques be used to protect their authenticity, integrity and confidentiality are out of the scope of this document. Information formatted in accordance with this document can be recorded on machine-readable media or can be transmitted by data communication between systems. A general content-oriented subclause describing the voice data interchange format is followed by a subclause addressing an XML schema definition. ISO/IEC 19794-13:2018 includes vocabulary in common use by the speech and speaker recognition community, as well as terminology from other ISO standards.

  • Standard
    26 pages
    English language
    sale 15% off
ISO
ISO/IEC TR 24741:2018(Main)
Information technology — Biometrics — Overview and application

ISO/IEC TR 24741:2018 describes the history of biometrics and what biometrics does, the various biometric technologies in general use today (for example, fingerprint recognition and face recognition) and the architecture of the systems and the system processes that allow automated recognition using those technologies. It also provides information about the application of biometrics in various business domains such as border management, law enforcement and driver licensing, the societal and jurisdiction considerations that are typically taken into account in biometric systems, and the international standards that underpin their use.

  • Technical report
    33 pages
    English language
    sale 15% off