iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/IEC 30136:2018

(Main)

Information technology — Performance testing of biometric template protection schemes

Information technology — Performance testing of biometric template protection schemes

ISO/IEC 30136:2018 supports evaluation of the accuracy, secrecy, and privacy of biometric template protection schemes. It establishes definitions, terminology, and metrics for stating the performance of such schemes. Particularly, this document establishes requirements for the measurement and reporting of: - theoretical and empirical accuracy of biometric template protection schemes, - theoretical and empirical probability of a successful attack on biometric template protection schemes (single or multiple), and - the information leaked about the original biometric when one or more biometric template protection schemes are compromised. ISO/IEC 30136:2018 also gives guidance on measuring and reporting diversity and unlinkability of templates. ISO/IEC 30136:2018 does not: - establish template protection schemes; - address testing of traditional encryption schemes.

Technologies de l'information — Essais de performance des systèmes de protection par modèle

General Information

Status
Published
Publication Date
08-Mar-2018
ICS
35.040 - Information coding
35.240.15 - Identification cards. Chip cards. Biometrics
Technical Committee
ISO/IEC JTC 1/SC 37 - Biometrics
Drafting Committee
ISO/IEC JTC 1/SC 37 - Biometrics
Current Stage
9092 - International Standard to be revised
Completion Date
15-Jan-2024
Ref Project

Buy Standard

ISO/IEC 30136:2018 - Information technology -- Performance testing of biometric template protection schemesISO/IEC 30136:2018 - Information technology -- Performance testing of biometric template protection schemes
PreviousNext
Standard
ISO/IEC 30136:2018 - Information technology -- Performance testing of biometric template protection schemes
English language
23 pages
sale 15% off
Preview
sale 15% off
Preview
ISO/IEC 30136:2018 - Information technology — Performance testing of biometric template protection schemes Released:3/9/2018ISO/IEC 30136:2018 - Information technology — Performance testing of biometric template protection schemes Released:3/9/2018
PreviousNext
Standard
ISO/IEC 30136:2018 - Information technology — Performance testing of biometric template protection schemes Released:3/9/2018
English language
23 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


INTERNATIONAL ISO/IEC
STANDARD 30136
First edition
2018-03
Information technology —
Performance testing of biometric
template protection schemes
Technologies de l'information — Essais de performance des systèmes
de protection par modèle
Reference number
©
ISO/IEC 2018
© ISO/IEC 2018
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO/IEC 2018 – All rights reserved

Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 3
5 Conformance . 4
6 Methods for biometric template protection (informative) . 4
6.1 General . 4
6.2 Generalized architecture for biometric template protection system . 5
6.3 Data separation . 8
6.4 Examples of typical architectures in template protection systems . 8
6.4.1 Biometric verification utilizing multiple databases . 8
6.4.2 Two-factor biometric verification utilizing smart card . 9
6.4.3 Two-factor biometric verification utilizing passwords .10
7 Overview of performance evaluation for biometric template protection schemes .10
7.1 Methods for attacking a biometric template protection system .10
7.2 Necessity of metrics beyond traditional recognition performance .10
7.3 Technology evaluation .11
7.4 Theoretical evaluation and empirical evaluation . .11
7.5 Threat models .11
7.5.1 Naive model .12
7.5.2 Collision model .12
7.5.3 General models .12
8 Performance metrics for biometric template protection systems .13
8.1 General .13
8.2 Case of multiple biometric access control systems .13
8.3 Metrics for enrolment and verification performance .14
8.3.1 General.14
8.3.2 Accuracy degradation .14
8.3.3 Template diversity .15
8.3.4 Storage requirement per registered individual.16
8.4 Metrics for security and privacy protection performance .16
8.4.1 Irreversibility .16
8.4.2 Unlinkability .18
8.4.3 Successful Attack Rate (SAR) (optional) .19
Annex A (informative) Publication of algorithms or proofs used in performance evaluations .21
Bibliography .22
© ISO/IEC 2018 – All rights reserved iii

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee,
ISO/IEC JTC 1.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for
the different types of document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www .iso .org/ patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following
URL: www .iso .org/ iso/ foreword .html.
This document was prepared by ISO/IEC JTC 1, Information technology, SC 37, Biometrics.
iv © ISO/IEC 2018 – All rights reserved

Introduction
In conventional biometric access control systems, an adversary who compromises an enrolment
database may gain access to the generative biometric data of the individuals enrolled therein. This is
undesirable because, if the biometric system is vulnerable to presentation attacks or replay attacks, the
adversary could impersonate an individual and gain access to the system after gaining access to the
enrolment database. Furthermore, if the biometric enrolment databases contain unprotected templates
and the same biometric modality is adopted in multiple applications, the adversary could link the
accounts of the individual across those applications (cross-matching).
A biometric template stored in an enrolment database is a reference set of biometric features derived
from the biological and behavioural characteristics of an individual. If the system implementation
allows it, a biometric enrolment that is known to have been compromised may be revoked and renewed
a limited number of times. However, the number of unique biometrics that can be extracted from an
individual is limited and thus biometric enrolments cannot be revoked and then re-issued an unlimited
number of times like new credit card numbers or passwords. The compromise of biometric enrolment
records stored in an enrolment database is a serious issue. Therefore, methods and procedures to
mitigate the risk of compromise are needed.
Secure biometric verification
The biometrics research community has invested significant effort in enabling biometric verification
without directly needing to store an individual’s biometric features in the clear at the access control
device. This has led to the development of new methods referred to as “biometric template protection”,
“biometric information protection”, or simply “secure biometrics”. In this document, the term “biometric
template protection” is used.
The rationale behind this strategy is that, instead of storing the biometric features directly, the access
control system derives some data from the biometric features and stores this derived data on the
device. During the biometric verification phase, the system receives a probe biometric sample from
the individual seeking access. Then, the system combines the probe biometric sample and the derived
data and generates a biometric verification decision. The main property of the derived data is that it
reveals little or no information about the underlying biometric characteristic that was captured during
the enrolment phase.
Thus, if the access control device is compromised by an adversary, only the derived data falls into the
hands of the adversary, but this does not enable the adversary to recover the biometric characteristics
of the individuals enrolled in the database. Clearly, this strategy protects the privacy of the individuals
enrolled in the database.
Further, if an adversary attempts to gain access, i.e. to log in, to the system by providing a fake probe
biometric sample, then in a well-designed secure biometric system, combining the fake probe biometric
sample with the derived stored data results in biometric verification failure. Thus, this strategy
protects the secrecy of the individuals enrolled in the database.
Rationale for new metrics
There are several ways in which biometric template protection can be realized. Some of these methods
are described in ISO/IEC 24745:2011. Regardless of the method employed to construct the derived data,
the following questions must be asked when evaluating a biometric template protection system:
a) What is the probability that the system rejects genuine individuals and accepts imposters? This
is a natural question to ask of any biometric verification system. The metrics, False Non-Match
Rate (FNMR) and False Match Rate (FMR) measure this performance [ISO/IEC 19795-1] for the
conventional biometric system in which enrolment biometric features are matched against probe
biometric features. A biometric template protection system will also inherit these metrics, though
the method of measuring them may vary depending upon the particular realization of the template
protection algorithm.
© ISO/IEC 2018 – All rights reserved v

b) What is the probability that an adversary enhanced with some knowledge about the database of
enrolled individuals can be successfully verified as one of those enrolled?
c) How much information can an adversary obtain by compromising an access control device and
stealing the derived (stored) enrolment information? In conventional biometric systems, the
adversary may obtain significant information, in the form of the stored biometric template, or
the stored feature vector. The goal of biometric template protection systems is to ensure that the
stored derived data d
...


INTERNATIONAL ISO/IEC
STANDARD 30136
First edition
2018-03
Information technology —
Performance testing of biometric
template protection schemes
Technologies de l'information — Essais de performance des systèmes
de protection par modèle
Reference number
©
ISO/IEC 2018
© ISO/IEC 2018
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO/IEC 2018 – All rights reserved

Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 3
5 Conformance . 4
6 Methods for biometric template protection (informative) . 4
6.1 General . 4
6.2 Generalized architecture for biometric template protection system . 5
6.3 Data separation . 8
6.4 Examples of typical architectures in template protection systems . 8
6.4.1 Biometric verification utilizing multiple databases . 8
6.4.2 Two-factor biometric verification utilizing smart card . 9
6.4.3 Two-factor biometric verification utilizing passwords .10
7 Overview of performance evaluation for biometric template protection schemes .10
7.1 Methods for attacking a biometric template protection system .10
7.2 Necessity of metrics beyond traditional recognition performance .10
7.3 Technology evaluation .11
7.4 Theoretical evaluation and empirical evaluation . .11
7.5 Threat models .11
7.5.1 Naive model .12
7.5.2 Collision model .12
7.5.3 General models .12
8 Performance metrics for biometric template protection systems .13
8.1 General .13
8.2 Case of multiple biometric access control systems .13
8.3 Metrics for enrolment and verification performance .14
8.3.1 General.14
8.3.2 Accuracy degradation .14
8.3.3 Template diversity .15
8.3.4 Storage requirement per registered individual.16
8.4 Metrics for security and privacy protection performance .16
8.4.1 Irreversibility .16
8.4.2 Unlinkability .18
8.4.3 Successful Attack Rate (SAR) (optional) .19
Annex A (informative) Publication of algorithms or proofs used in performance evaluations .21
Bibliography .22
© ISO/IEC 2018 – All rights reserved iii

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee,
ISO/IEC JTC 1.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for
the different types of document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www .iso .org/ patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following
URL: www .iso .org/ iso/ foreword .html.
This document was prepared by ISO/IEC JTC 1, Information technology, SC 37, Biometrics.
iv © ISO/IEC 2018 – All rights reserved

Introduction
In conventional biometric access control systems, an adversary who compromises an enrolment
database may gain access to the generative biometric data of the individuals enrolled therein. This is
undesirable because, if the biometric system is vulnerable to presentation attacks or replay attacks, the
adversary could impersonate an individual and gain access to the system after gaining access to the
enrolment database. Furthermore, if the biometric enrolment databases contain unprotected templates
and the same biometric modality is adopted in multiple applications, the adversary could link the
accounts of the individual across those applications (cross-matching).
A biometric template stored in an enrolment database is a reference set of biometric features derived
from the biological and behavioural characteristics of an individual. If the system implementation
allows it, a biometric enrolment that is known to have been compromised may be revoked and renewed
a limited number of times. However, the number of unique biometrics that can be extracted from an
individual is limited and thus biometric enrolments cannot be revoked and then re-issued an unlimited
number of times like new credit card numbers or passwords. The compromise of biometric enrolment
records stored in an enrolment database is a serious issue. Therefore, methods and procedures to
mitigate the risk of compromise are needed.
Secure biometric verification
The biometrics research community has invested significant effort in enabling biometric verification
without directly needing to store an individual’s biometric features in the clear at the access control
device. This has led to the development of new methods referred to as “biometric template protection”,
“biometric information protection”, or simply “secure biometrics”. In this document, the term “biometric
template protection” is used.
The rationale behind this strategy is that, instead of storing the biometric features directly, the access
control system derives some data from the biometric features and stores this derived data on the
device. During the biometric verification phase, the system receives a probe biometric sample from
the individual seeking access. Then, the system combines the probe biometric sample and the derived
data and generates a biometric verification decision. The main property of the derived data is that it
reveals little or no information about the underlying biometric characteristic that was captured during
the enrolment phase.
Thus, if the access control device is compromised by an adversary, only the derived data falls into the
hands of the adversary, but this does not enable the adversary to recover the biometric characteristics
of the individuals enrolled in the database. Clearly, this strategy protects the privacy of the individuals
enrolled in the database.
Further, if an adversary attempts to gain access, i.e. to log in, to the system by providing a fake probe
biometric sample, then in a well-designed secure biometric system, combining the fake probe biometric
sample with the derived stored data results in biometric verification failure. Thus, this strategy
protects the secrecy of the individuals enrolled in the database.
Rationale for new metrics
There are several ways in which biometric template protection can be realized. Some of these methods
are described in ISO/IEC 24745:2011. Regardless of the method employed to construct the derived data,
the following questions must be asked when evaluating a biometric template protection system:
a) What is the probability that the system rejects genuine individuals and accepts imposters? This
is a natural question to ask of any biometric verification system. The metrics, False Non-Match
Rate (FNMR) and False Match Rate (FMR) measure this performance [ISO/IEC 19795-1] for the
conventional biometric system in which enrolment biometric features are matched against probe
biometric features. A biometric template protection system will also inherit these metrics, though
the method of measuring them may vary depending upon the particular realization of the template
protection algorithm.
© ISO/IEC 2018 – All rights reserved v

b) What is the probability that an adversary enhanced with some knowledge about the database of
enrolled individuals can be successfully verified as one of those enrolled?
c) How much information can an adversary obtain by compromising an access control device and
stealing the derived (stored) enrolment information? In conventional biometric systems, the
adversary may obtain significant information, in the form of the stored biometric template, or
the stored feature vector. The goal of biometric template protection systems is to ensure that the
stored derived data d
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/IEC 19785-3:2020(Main)
Information technology — Common Biometric Exchange Formats Framework — Part 3: Patron format specifications

This document specifies and publishes registered Common Biometric Exchange Formats Framework (CBEFF) patron formats defined by the CBEFF patron ISO/IEC JTC 1/SC 37, and specifies their registered CBEFF patron format types (see ISO/IEC 19785-1) and resulting full ASN.1 OIDs.

  • Standard
    151 pages
    English language
    sale 15% off
  • Standard
    151 pages
    English language
    sale 15% off
ISO
ISO/IEC 24779-5:2020(Main)
Information technology — Cross-jurisdictional and societal aspects of implementation of biometric technologies — Pictograms, icons and symbols for use with biometric systems — Part 5: Face applications

The ISO/IEC 24779 series of standards focuses on communication with the data capture subject. This document contains a set of pictograms, icons and symbols to help the general public understand the concepts and procedures for using electronic systems that collect and/or evaluate facial images. Operators can use this document, with the possibility of using additional symbols and information. This set of pictograms, icons and symbols is designed to be used to: — identify the type of biometric sensor; — provide supporting instructions related to facial image collection. To provide this functionality, the set of pictograms, icons and symbols includes both directional pictograms, icons and symbols and action or feedback pictograms, icons and symbols. The facial image pictograms, icons and symbols include: — facial image capture; — single person; — no hat; — no sunglasses; — neutral expression; — hair up; — view direction. Although the pictograms, icons and symbols are presented individually, the pictograms, icons and symbols are intended to be combined to fully illustrate the facial image capture interaction. For example, in a customs or immigration environment, procedures constructed from the individual pictograms, icons and symbols could be presented as: — a series of posters while passengers are in the queue; — a series of transitional frames in a biometric booth; — an animated video or series of transitional frames while passengers are in the queue; — instructional leaflets for passengers to read in the queue.

  • Standard
    7 pages
    English language
    sale 15% off
  • Standard
    7 pages
    English language
    sale 15% off
ISO
ISO/IEC 30106-1:2016/Amd 1:2019(Amendment)
Information technology — Object oriented BioAPI — Part 1: Architecture — Amendment 1: Additional specifications and conformance statements
  • Standard
    17 pages
    English language
    sale 15% off
  • Standard
    17 pages
    English language
    sale 15% off
ISO
ISO/IEC 20027:2018(Main)
Information technology — Guidelines for slap tenprint fingerprintture

This document provides guidelines to follow during the acquisition process of slap tenprints in order to obtain fingerprints of the best quality possible within acceptable time constraints. Non-cooperative users are out of the scope of this document. When using ten-fingerprint sensors, it is fundamental to know how to use them and how to proceed with the acquisition. This document describes how to capture fingerprints correctly by specifying best practices for slap tenprint captures. It gives recommendations on the following topics: 1) hardware of the fingerprint sensor and its deployment; 2) user guidance; 3) enrolment process including a sample workflow; 4) application software for developers and system integrators; 5) processing, compression and coding of the acquired fingerprint images; 6) operational issues and data logging; 7) evaluation of a solution and its components. Although this document primarily focuses on reaching optimal data quality for enrolment purposes, the recommendations given here are applicable for other purposes. All processes which rely on good quality tenprint slaps can take advantage of the best practices.

  • Standard
    16 pages
    English language
    sale 15% off
  • Standard
    16 pages
    English language
    sale 15% off
ISO
ISO/IEC TR 29196:2018(Main)
Information technology — Guidance for biometric enrolment

This document consolidates information relating to successful, secure and usable implementation of biometric enrolment processes, while indicating risk factors that organisations proposing to use biometric technologies will should address during procurement, design, deployment and operation. Much of the information is generic to many types of application, e.g. from national scale commercial and government applications, to closed systems for in-house operations, and to consumer applications. However, the intended application and its purpose often have influence on the necessary enrolment data quality and are intended to be taken into account when specifying an enrolment system and process. The document points out the differences in operation relating to specific types of application, e.g. where self-enrolment is more appropriate than attended operation. This document focuses on mandatory, attended enrolment at fixed locations. In summary, this document consolidates information relating to better practice implementation of biometric enrolment capability in various business contexts including considerations of process, function (system), and technology, as well as legal/privacy and policy aspects. The document provides guidance on collection and storage of biometric enrolment data and the impact on dependent processes of verification and identification. This document does not include material specific to forensic and law enforcement applications. This document does not contain any mandatory requirements. The following terms are used in this document to provide guidance. The terms "should" and "should not" indicate that among several possibilities one is recommended as particularly suitable, without mentioning or excluding others, or that a certain course of action is preferred but not necessarily required, or that (in the negative form) a certain possibility or course of action is discouraged but not prohibited. The term "may" indicates a course of action permissible within the limits of the publication. The terms "can" and "cannot" indicate a possibility and capability, whether material, physical or causal.

  • Technical report
    55 pages
    English language
    sale 15% off
  • Technical report
    55 pages
    English language
    sale 15% off
ISO
ISO/IEC 19784-1:2018(Main)
Information technology — Biometric application programming interface — Part 1: BioAPI specification

ISO/IEC 19784-1:2018 defines the Application Programming Interface (API) and Service Provider Interface (SPI) for standard interfaces within a biometric system that support the provision of that biometric system using components from multiple vendors. It provides interworking between such components through adherence to this and to other International Standards. For use in a system that does not include a BioAPI Framework (called a framework-free BioAPI system), only the SPI interface is applicable, with applications interfacing directly to that in a platform-specific manner. NOTE 1 Many clauses and/or sub-clauses of this document are not applicable for implementation of a framework-free BioAPI system. These are identified at the head of the clause of sub-clause. The BioAPI specification is applicable to a broad range of biometric technology types. It is also applicable to a wide variety of biometrically enabled applications, from personal devices, through network security applications, to large complex identification systems. ISO/IEC 19784-1:2018 supports an architecture in which a BioAPI Framework supports multiple simultaneous biometric applications (provided by different vendors), using multiple dynamically installed and loaded (or unloaded) Biometric Service Provider (BSP) components and BioAPI Units (provided by other different vendors), possibly using one of an alternative set of BioAPI Function Provider (BFP) components (provided by other vendors) or by direct management of BioAPI Units. NOTE 2 Where BioAPI Units are provided by a different vendor fom a BSP, a standardised BioAPI Function Provider Interface (FPI) may be needed. This is outside the scope of this document, but is specified by later parts for the different categories of FPI. NOTE 3 Where a BioAPI Framework is not used in a system, the ability to support multiple applications and multiple BSPs is platform-dependent and depends on the nature of the system-integration techniques employed. ISO/IEC 19784-1:2018 is not required (and should normally not be referenced) when a complete biometric system is being procured from a single vendor, particularly if the addition or interchange of biometric hardware, services, or applications is not a feature of that biometric system. (Such systems are sometimes referred to as "embedded systems".) Standardisation of such systems is not in the scope of this document. ISO/IEC 19784-1:2018 does not define security requirements for biometric applications and biometric service providers. NOTE 4 ISO 19092 provides guidelines on security aspects of biometric systems[3]. The performance of biometric systems (particularly in relation to searches of a large population to provide the biometric identification capability) is not in the scope of this document. Trade-offs between interoperability and performance are not in the scope of this document. ISO/IEC 19784-1:2018 specifies a version of the BioAPI specification that is defined to have a version number described as Major 2, Minor 0, or version 2.0. It also specifies a version number described as Major 2, Minor 1, or version 2.1 that provides an enhanced Graphical User Interface. It also specifies a version number described as Major 2, Minor 2, or version 2.2 that provides features supporting fusion and security. Some clauses and sub-clauses apply only to one of these versions, some to two or more. This is identified at the head of the relevant clauses and sub-clauses. NOTE 5 Earlier versions of the BioAPI specification were not International Standards. NOTE 6 The differences between the requirements of the 2.0 specification and the 2.1 specification for framework-free operation relate only to the biometric type values and encodings. Conformance requirements are specified in Clause 5.

  • Standard
    234 pages
    English language
    sale 15% off
  • Standard
    234 pages
    English language
    sale 15% off
ISO
ISO/IEC 19794-13:2018(Main)
Information technology — Biometric data interchange formats — Part 13: Voice data

ISO/IEC 19794-13:2018 specifies a data interchange format that can be used for storing, recording, and transmitting digitized acoustic human voice data (speech) assumed to be from a single speaker recorded in a single session. This format is designed specifically to support a wide variety of Speaker Identification and Verification (SIV) applications, both text-dependent and text-independent, with minimal assumptions made regarding the voice data capture conditions or the collection environment. Other uses for the data encapsulated in this format, such as automated speech recognition (ASR), may be possible, but are not addressed in this documnet. This document also does not address handling of data that has been processed to the feature or voice model levels. No application-specific requirements, equipment, or features are addressed in this document. This document supports the optional inclusion of non-standardized extended data. This document allows both the original data captured and digitally-processed (enhanced) voice data to be exchanged. A description of any processing of the original source input is intended to be included in the metadata associated with the voice representations (VRs). This document does not address data streaming. Provisions that stored and transmitted biometric data be time-stamped and that cryptographic techniques be used to protect their authenticity, integrity and confidentiality are out of the scope of this document. Information formatted in accordance with this document can be recorded on machine-readable media or can be transmitted by data communication between systems. A general content-oriented subclause describing the voice data interchange format is followed by a subclause addressing an XML schema definition. ISO/IEC 19794-13:2018 includes vocabulary in common use by the speech and speaker recognition community, as well as terminology from other ISO standards.

  • Standard
    26 pages
    English language
    sale 15% off
  • Standard
    26 pages
    English language
    sale 15% off
ISO
ISO/IEC 30107-2:2017(Main)
Information technology — Biometric presentation attack detection — Part 2: Data formats

ISO/IEC 30107-2:2017 defines data formats for conveying the mechanism used in biometric presentation attack detection and for conveying the results of presentation attack detection methods. The attacks considered in the ISO/IEC 30107 series take place at the sensor during the presentation and collection of the biometric characteristics. Any other attacks are outside the scope of this document. ISO/IEC 30107-2:2017 contains the following data formats: a binary format and an XML schema. The data interchange formats in this document are generic, in that they may be applied and used in a wide range of application areas. No application-specific requirements are addressed here. Provisions for the cryptographic protection of the authenticity, integrity, and confidentiality of stored and transmitted presentation attack detection data are beyond the scope of this document. NOTE While addressing security is out of the scope of this document, PAD data may be protected by encoding them into a biometric information record (see ISO/IEC 19785-1) that includes an optional security block.

  • Standard
    17 pages
    English language
    sale 15% off
ISO
ISO/IEC 24709-1:2017(Main)
Information technology — Conformance testing for the biometric application programming interface (BioAPI) — Part 1: Methods and procedures

ISO/IEC 24709-1:2017 specifies the concepts, framework, test methods, and criteria required to test conformity of biometric products claiming conformance to BioAPI (see ISO/IEC 19784-1). Guidelines for specifying BioAPI conformance test suites, writing test assertions, and defining procedures to be followed during the conformance testing are provided. ISO/IEC 24709-1:2017 is concerned with conformance testing of biometric products claiming conformance to BioAPI (see ISO/IEC 19784-1). It is not concerned with testing other characteristics of biometric products or other types of testing of biometric products (i.e. acceptance, performance, robustness, security, etc.) Testing by means of test methods, which are specific to particular biometric products, are not the subject of ISO/IEC 24709-1:2017. ISO/IEC 24709-1:2017 is applicable to the development and use of conformance test method specifications, BioAPI conformance test suites, and conformance testing programs for BioAPI-conformant products. It is intended primarily for use by testing organizations, but can be applied by developers and users of test assertions and test method implementations.

  • Standard
    353 pages
    English language
    sale 15% off
ISO
ISO/IEC 29794-4:2017(Main)
Information technology — Biometric sample quality — Part 4: Finger image data

ISO/IEC 29794-4:2017 establishes - terms and definitions for quantifying finger image quality, - methods used to quantify the quality of finger images, and - standardized encoding of finger image quality, for finger images at 196,85 px/cm spatial sampling rate scanned or captured using optical sensors with capture dimension (width, height) of at least 1,27 cm × 1,651 cm.

  • Standard
    47 pages
    English language
    sale 15% off