ISO/IEC 24787-1:2024
Information technology — On-card biometric comparison — Part 1: General principles and specifications
This document provides requirements and general principles and specifications for a biometric comparison methodology suitable for the on-card environment. This document establishes — architectures of biometric comparison using an ICC, — on-card biometric comparison, both in sensor-off-card systems and as part of biometric system-on-card, and — security policies for on-card biometric comparison. This document does not establish — requirements for off-card biometric comparison, — requirements for biometric system-on-card (defined in the ISO/IEC 17839 series), — work-sharing on-card biometric comparison (defined in ISO/IEC 24787-2), or — modality-specific requirements for storage and comparison.
Technologies de l'information — Comparaison biométrique sur cartes — Partie 1: Principes généraux et spécifications
Standards Content (Sample)
International Standard
ISO/IEC 24787-1
First edition
2024-06
Information technology — On-card biometric comparison — Part 1: General principles and specifications
Technologies de l'information — Comparaison biométrique sur cartes — Partie 1: Principes généraux et spécifications
Reference number
© ISO/IEC 2024
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
© ISO/IEC 2024 – All rights reserved
Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 Conformance
6 Biometric data handling and encoding
7 Architecture of biometric verification using an ICC
7.1 General
7.2 Off-card biometric comparison
7.3 On-card biometric comparison (sensor-off-card)
7.4 Work-sharing on-card biometric comparison
7.5 Biometric system-on-card
8 Framework for on-card biometric comparison
8.1 General
8.2 Application selection using AID
8.3 Data for on-card biometric comparison
8.3.1 General
8.3.2 Format of biometric data
8.3.3 Specific data objects
8.3.4 Use of biometric reference for multiple applications (informative)
8.4 Processes
8.4.1 Enrolment and re-enrolment
8.4.2 Biometric verification
8.4.3 Biometric comparison process and decision
8.5 Termination
9 Security policies for on-card biometric comparison
9.1 Minimum security policies for on-card biometric comparison
9.1.1 General
9.1.2 Minimum security policies
9.1.3 Retry counter management
9.2 Security policies for multiple on-card biometric comparison applications
9.2.1 Taxonomy of biometric comparison applications used in ICC
9.2.2 Security policy for universal verification mechanism (SP1)
9.2.3 Security policy for shared biometric reference with independent verification mechanism (SP2)
9.2.4 Security policy for independent applications (SP3)
Annex A (informative) Sample APDU for on-card biometric comparison
Annex B (informative) Example for implementation of global biometric reference
Annex C (informative) Examples of security status transition model
Annex D (informative) Considerations for security mechanisms in on-card biometric comparison
Annex E (informative) Example of biometric information template including CBEFF-3 data elements
Bibliography
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical activity.
ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations,
governmental and non-governmental, in liaison with ISO and IEC, also take part in the work.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC
Directives, Part 2 (see www.iso.org/directives or www.iec.ch/members_experts/refdocs).
ISO and IEC draw attention to the possibility that the implementation of this document may involve the
use of (a) patent(s). ISO and IEC take no position concerning the evidence, validity or applicability of any
claimed patent rights in respect thereof. As of the date of publication of this document, ISO and IEC had not
received notice of (a) patent(s) which may be required to implement this document. However, implementers
are cautioned that this may not represent the latest information, which may be obtained from the patent
database available at www.iso.org/patents and https://patents.iec.ch. ISO and IEC shall not be held
responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO's adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT) see www.iso.org/iso/foreword.html.
In the IEC, see www.iec.ch/understanding-standards.
This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 17, Cards and security devices for personal identification.
This first edition cancels and replaces ISO/IEC 24787:2018, which has been technically revised. ISO/IEC CD
24787 has been split into two parts: ISO/IEC 24787-1 and ISO/IEC 24787-2.
The main changes are as follows:
— Previous Clause 9 “Work-sharing on-card biometric comparison procedure” and other subclauses related
to work-sharing have been moved to ISO/IEC 24787-2.
A list of all parts in the ISO/IEC 24787 series can be found on the ISO and IEC websites.
Any feedback or questions on this document should be directed to the user’s national standards
body. A complete listing of these bodies can be found at www.iso.org/members.html and
www.iec.ch/national-committees.
Introduction
On-card biometric comparison provides a more secure biometric verification method than one where a
biometric comparison is carried out outside a secure cryptographic device. Storing biometric reference data
in a secure integrated circuit card (ICC) for on-card biometric comparison means that the reference is not
available at any external interface once it has been stored in the ICC, mitigating the risk of extraction and
misuse by an unauthorized party.
ISO/IEC 7816-11 and ISO/IEC 19785-3 cover technologies for off-card and simple on-card biometric
comparison. The ISO/IEC 17839 series covers biometric system-on-card.
International Standard ISO/IEC 24787-1:2024(en)
Information technology — On-card biometric comparison — Part 1: General principles and specifications
1 Scope
This document provides requirements and general principles and specifications for a biometric comparison
methodology suitable for the on-card environment.
This document establishes
— architectures of biometric comparison using an ICC,
— on-card biometric comparison, both in sensor-off-card systems and as part of biometric system-on-card, and
— security policies for on-card biometric comparison.
This document does not establish
— requirements for off-card biometric comparison,
— requirements for biometric system-on-card (defined in the ISO/IEC 17839 series),
— work-sharing on-card biometric comparison (defined in ISO/IEC 24787-2), or
— modality-specific requirements for storage and comparison.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes
requirements of this document. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
ISO/IEC 2382-37:2022, Information technology — Vocabulary — Part 37: Biometrics
ISO/IEC 7816-4, Identification cards — Integrated circuit cards — Part 4: Organization, security and commands
for interchange
ISO/IEC 7816-11:2022, Identification cards — Integrated circuit cards — Part 11: Personal verification through
biometric methods
ISO/IEC 19785-3:2020, Information technology — Common Biometric Exchange Formats Framework — Part 3:
Patron format specifications
ISO/IEC 19794 (all parts), Information technology — Biometric data interchange formats
ISO/IEC 29794 (all parts), Information technology — Biometric sample quality
ISO/IEC 39794 (all parts), Information technology — Extensible biometric data interchange formats
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 2382-37 and the following apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https://www.iso.org/obp
— IEC Electropedia: available at https://www.electropedia.org/
3.1
action
operation taken according to the results of the biometric decision (3.9)
EXAMPLE In the case of on-card biometric comparison (3.11), the action is a change in the security status.
Note 1 to entry: Specific details of possible actions based on the result of on-card biometric comparison within the
integrated circuit card (ICC) are not within the scope of this document.
3.2
biometric auxiliary data
data that is dependent on the biometric modality and related to the biometric reference (3.6) but does not
include the biometric reference or a biometric sample
EXAMPLE Data such as orientation, scaling, etc.
3.3
biometric comparison parameters
application specific parameters that are required to perform a biometric comparison with the appropriate
enrolled biometric reference (3.6)
3.4
biometric functionality information
capability information of on-card biometric comparison (3.12) provided by the integrated circuit card (ICC)
operating system
3.5
biometric information template
descriptive information regarding the associated biometric data
Note 1 to entry: "Biometric template" defined in ISO/IEC 2382-37 is not the same as "biometric information template"
as defined in ISO/IEC 7816-11. A biometric template is a set of features extracted from the biometric samples during
enrolment. This is completely different from the concept of “template” by the integrated circuit card (ICC) industry
and standards (see ISO/IEC 7816-4), which is a defined structure of the value field of a constructed data object.
3.6
biometric reference
one or more stored biometric samples, biometric templates or biometric models attributed to a biometric
data subject and used as the object of biometric comparison
[SOURCE: ISO/IEC 2382-37:2022, 37.03.16, modified — The EXAMPLE and Notes to entry have been
removed.]
3.7
biometric system-on-card
card-sized device including biometric capture, data processing, storage, comparison, decision (3.9) and
action (3.1), to compose a complete biometric verification (3.8) system
[SOURCE: ISO/IEC 17839-1:2014, 3.1, modified — Replaced "acquisition" with "capture", deleted "action",
deleted Notes 1 and 2 to entry.]
3.8
biometric verification
process of confirming a biometric claim through comparison
Note 1 to entry: Biometric verification is performed through comparison, decision, and action.
[SOURCE: ISO/IEC 2382-37:2022, 37.08.03, modified — Notes 1 and 2 to entry have been replaced by a new
Note 1 to entry.]
3.9
decision
process that compares a similarity score to a predefined threshold to decide whether the biometric claim is
from the genuine cardholder or an imposter
3.10
image/signal processing
process that extracts distinctive biometric properties from a given image or signal
3.11
modality
combination of a biometric characteristic type, a sensor type and a processing method
Note 1 to entry: Adapted from the definition for the term "mode" in ISO/IEC 2382-37:2022, 37.02.05.
3.12
on-card biometric comparison
comparison and decision making on the integrated circuit card (ICC) where the biometric reference (3.6) is
retained on-card in order to enhance security and privacy
3.13
off-card biometric comparison
biometric comparison performed outside the integrated circuit card (ICC) by the biometric verification (3.8)
system against the biometric reference (3.6) stored on the ICC
3.14
work-sharing
splitting the computational workload of the comparison process between the integrated circuit card (ICC)
and the interface device (IFD)
3.15
sensor-off-card
sensor located on the interface device (IFD) outside of the integrated circuit card (ICC)
3.16
termination
permanent deactivation of an on-card biometric comparison application
4 Abbreviated terms
For the purposes of this document, the symbols and abbreviated terms given in ISO/IEC 7816-11,
ISO/IEC 7816-4 and the following apply.
AID application identifier
APDU application protocol data unit
BER basic encoding rules
BHT biometric header template
BIDO biometric information data object
CBEFF-3 common biometric exchange formats framework – Part 3 – patron format specifications (ISO/IEC 19785-3)
DF dedicated file
DO BER-TLV data object
EF elementary file
eMRTD electronic machine-readable travel document
FCI file control information
FMR false match rate
ICC integrated circuit card
IFD interface device
Len length
MAC message authentication code
MF master file
OID object identifier
PBO PERFORM BIOMETRIC OPERATION
PIN personal identification number
RFU reserved for future use
SW1-SW2 status bytes
TLV tag length value
Var variable
5 Conformance
An on-card biometric comparison system claiming conformance to this document shall follow the
requirements in Table 1:
Table 1 — Conformance requirement for on-card biometric comparison systems
No. | Description | Requirement
1 | Conform to the requirements set forth in 8.3.1 for encoding of biometric data | Mandatory
2 | Support the storage of three sets of data: | -
2a) | Biometric reference, as described in 8.3.2 | Mandatory
2b) | Biometric functionality information, as described in 8.3.3.2 | Mandatory unless implicitly known by IFD
2c) | Biometric comparison parameters, as described in 8.3.3.3 | Mandatory unless implicitly known by IFD for the specific DF
3 | Support the usage of one biometric reference by multiple applications, as described in 8.3.4 | Optional
4 | Support retry counter management, as described in 9.1.3 | Mandatory
5 | Conform to the requirements set forth in 8.4 and 8.5 for on-card biometric comparison implementations | Mandatory
6 Biometric data handling and encoding
For handling of biometric data, 8.4 specifies the requirements, according to ISO/IEC 7816-11.
For encoding of biometric data, 8.3.1 specifies the requirements, according to ISO/IEC 19785-3 and
ISO/IEC 7816-11.
7 Architecture of biometric verification using an ICC
7.1 General
The following subclauses describe four biometric verification architectures using an ICC or an ICC with
a biometric verification system. This document only specifies the requirements for the architecture
mentioned in 7.3.
While off-card biometric comparison is out of scope for this document, the information in 7.2 is presented to
enhance the understanding of the relationship between on-card biometric comparison methods covered in
this document and off-card biometric comparison methods.
The biometric reference is stored in an ICC prior to the biometric verification execution.
Biometric verification can coexist with other authentication mechanisms, such as PIN, as defined in
ISO/IEC 7816-4.
7.2 Off-card biometric comparison
Off-card biometric comparison means that the biometric verification is performed on the off-card biometric
verification system outside of the ICC. The ICC acts as a storage device to store the biometric reference(s) of
the cardholder. The process is schematically represented in Figure 1.
The biometric verification system captures a biometric sample for comparison with a biometric reference
retrieved from an ICC. The biometric verification system changes its security status based on the result of
biometric comparison to perform subsequent transactions.
EXAMPLE In an automated border control system, a facial image (biometric reference) is stored in an electronic
machine-readable travel document (eMRTD). An eMRTD is a passport with an embedded contactless IC as an ICC.
When this eMRTD is presented to an automated border control system, mutual authentication is executed between
the system and the eMRTD. Then the stored facial image (biometric reference) is retrieved from the eMRTD and facial
image recognition (biometric comparison) is executed by the system. When the comparison is successful (the eMRTD
holder is verified), the system allows the passage of the eMRTD holder.
Figure 1 — General architecture of off-card biometric comparison
7.3 On-card biometric comparison (sensor-off-card)
On-card biometric comparison means that the biometric verification is performed in the ICC having enough
processing power. The process is schematically represented in Figure 2. The capturing of the biometric
sample takes place outside the ICC. The enrolment process is the same as, or similar to, that for off-card
comparison.
It is recommended to transfer the biometric data into the ICC using secure messaging (see ISO/IEC 7816-4)
between the biometric verification system and the ICC.
NOTE Annex C provides examples of how to implement on-card biometric comparison methods related to the
security status of the ICC. Annex D provides information on how security relationships can be implemented in an
on-card biometric comparison solution.
Figure 2 — General architecture of on-card biometric comparison (sensor-off-card)
7.4 Work-sharing on-card biometric comparison
Work-sharing on-card biometric comparison is similar to on-card biometric comparison except that the
comparison process is assisted by external processing. This type of comparison can be used by an ICC that
does not have sufficient processing capability (e.g. long processing time) to execute the entire biometric data
comparison.
NOTE 1 The requirements for this architecture for work-sharing biometric verification are specified in
ISO/IEC 24787-2. This architecture is only applicable for sensor-off-card.
This biometric comparison process is divided into several sub-processes which are executed in an IFD and
on an ICC. Figure 3 shows an example of this process that has one iteration of feedback. Biometric auxiliary
data is stored in an ICC and a biometric reference is stored in a different portion on the ICC. The biometric
auxiliary data can be retrieved from an ICC while the biometric reference cannot. The biometric auxiliary
data, which contains the biometric property, is provided for accelerating the biometric comparison.
The outline procedure for work-sharing on-card biometric comparison is:
— before the biometric comparison procedure is started, a biometric verification system on an IFD captures
a biometric sample from a cardholder;
— before the biometric comparison procedure, the biometric auxiliary data can be retrieved from an ICC;
— a biometric verification system on an IFD starts the first process of the biometric comparison procedure
and then triggers the execution of subsequent processes in a daisy chain manner;
— when such processing is carried out at the ICC side, the biometric reference is used by the ICC if
required;
— when such processing is carried out at the IFD side, the ICC can pass feedback from the previous
biometric comparison process to the IFD as input;
— the final process of the biometric comparison procedure is executed on the ICC;
— after the final process of the biometric comparison procedure is done, subsequent processes, such as
decision and action, are then executed.
Further details of biometric auxiliary data depend on biometrics modality and are not specified in this
document.
This architecture shall be in conformity with ISO/IEC 24787-2 that specifies details of work-sharing on-card
biometric comparison.
NOTE 2 Annex C provides examples of how to implement on-card biometric comparison methods related to the
security status of the ICC. Annex D provides information on how security relationships can be implemented in an
on-card biometric comparison solution.
Figure 3 — Example of architecture for work-sharing on-card biometric comparison
7.5 Biometric system-on-card
Biometric system-on-card means that the whole biometric verification process from biometric sample
capturing to action is performed on an ICC. The process is schematically represented in Figure 4.
The ISO/IEC 17839 series specifies details of biometric system-on-card.
Figure 4 — General architecture of biometric system-on-card
8 Framework for on-card biometric comparison
8.1 General
This clause is applied to on-card biometric comparison (sensor-off-card) (see 7.3) and work-sharing on-card
biometric comparison (see 7.4). It can be applied to biometric system-on-card (see 7.5).
8.2 Application selection using AID
The on-card biometric comparison can be implemented as an independent application. In this case, it may
be identified by a standard AID according to ISO/IEC 7816-4. The on-card biometric comparison application
may be selected by this standard AID using the object identifier ‘28 81 C1 53 01’ 1) (i.e. ‘E8 28 81 C1 53 01’ +
[an application-specific AID extension]).
NOTE Application-specific AID extension is RFU.
8.3 Data for on-card biometric comparison
8.3.1 General
This document defines data objects for the configuration of the biometric verification (i.e. biometric
functionality information and biometric comparison parameters) which can be encapsulated in the
biometric information template defined in ISO/IEC 7816-11.
ISO/IEC 7816-11 allows for two types of data encoding, namely explicit tag allocation coding and implicit
tag allocation coding. For this document, explicit tag allocation coding shall be used. DO'A1' immediately
under the biometric information template shall be used for ISO/IEC 19785-3 and DO'A2' immediately under
the biometric information template shall be used for the BIDOs related to on-card biometric comparison.
Table 2 specifies a biometric information template using the explicit tag allocation coding specification
given in ISO/IEC 7816-11:2022, Table 9 with the inclusion of the DOs defined in this document and
ISO/IEC 19785-3:2020, Clause 19. Within this document, tag 'A0' under '7F60' is not considered, making it
a requirement to use tags 'A1' and 'A2' for DOs defined by ISO/IEC 19785-3 and this document respectively.
Annex E contains a more comprehensive example of a biometric information template, which includes the
data elements defined by ISO/IEC 19785-3 under the biometric header template (BHT) at tag ‘A1’.
1) This OID used in the standard AID represents ISO/IEC 24787-1 even when the on-card biometric comparison
application is in conformity with ISO/IEC 24787-2.
For explicit tag allocation coding, refer to ISO/IEC 7816-11 and ISO/IEC 19785-3:2020, Clause 19.
Table 2 — Biometric information template with DOs defined for on-card biometric comparison
Tag | Len | Value | Presence
'7F60' | Var | Biometric information template (see ISO/IEC 7816-11:2022, Table 9) |
  '80' | 1 | Algorithm reference for use in the VERIFY / EXT. AUTHENTICATE / MANAGE SE command as defined in ISO/IEC 7816-4 | Optional
  '83' | 1 | Reference data qualifier for use in the VERIFY / EXT. AUTHENTICATE / MANAGE SE command as defined in ISO/IEC 7816-4 | Optional
  'A1' | Var | BIDOs specified by other than ISO/IEC 7816-11. For this document, this DO is reserved for: BIDOs for CBEFF-3 (ISO/IEC 19785-3:2020, Clause 19) | Mandatory if any DOs specified in ISO/IEC 19785-3:2020, Clause 19 are present
  'A2' | Var | BIDOs specified by other than ISO/IEC 7816-11. For this document, this DO is reserved for: BIDOs for this document | Mandatory
    '78' | 9 | Compatible tag allocation authority | Mandatory
      '06' | 7 | '28 81 C1 53 01 8F 68', OID of this document (1.0.24787.1.2024) | Mandatory
    '70' | Var | BIDOs specified in this document | Mandatory
      '91' or 'B1' | Var | Biometric comparison parameters. See Table 4 for DOs encapsulated in DO'B1' | At least one DO with tag '91' or 'B1' for biometric comparison parameters or with tag '92' or 'B2' for Biometric functionality information shall be present.
      '92' or 'B2' | Var | Biometric functionality information. See Table 3 for DOs encapsulated in DO'B2' | (cell shared with the row above)
  '5F2E' or '7F2E' | Var | Biometric data (primitive/constructed) (see ISO/IEC 7816-11) | If biometric data is stored in DO'7F60', either DO'5F2E' or DO'7F2E' shall be present
NOTE The content of this biometric information template contains the tags specified in ISO/IEC 7816-11:2022
Table 9 with additional inclusion of ISO/IEC 24787-1 and ISO/IEC 19785-3:2020 Clause 19 DOs.
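The nesting in Table 2, as an added example (not part of the standard or of any card product's code): a Python check that walks a biometric information template, confirms the OID in DO'06' and the mandatory DOs under DO'A2', and applies the 8.3.3.3 rule that DO'B1' carries DO'85'. The function names and the sample template bytes are constructed for illustration.

```python
# Added example (not from ISO/IEC 24787-1): structural check of a biometric
# information template DO'7F60' against the nesting given in Table 2.

OID_DOC = bytes.fromhex("2881C153018F68")  # DO'06' value listed in Table 2


def parse_tlv(buf):
    """Return [(tag, value), ...] for the BER-TLV data objects in buf."""
    out, i = [], 0
    while i < len(buf):
        tag = buf[i]
        i += 1
        if tag & 0x1F == 0x1F:  # multi-byte tag such as '7F60' or '5F2E'
            while True:
                if i >= len(buf):
                    raise ValueError("truncated tag")
                tag = (tag << 8) | buf[i]
                i += 1
                if not tag & 0x80:  # last tag byte has b8 clear
                    break
        if i >= len(buf):
            raise ValueError("truncated length")
        length = buf[i]
        i += 1
        if length & 0x80:  # long form: low 7 bits give the number of length bytes
            n = length & 0x7F
            if not 1 <= n <= 3 or i + n > len(buf):
                raise ValueError("unsupported or truncated length")
            length = int.from_bytes(buf[i:i + n], "big")
            i += n
        if i + length > len(buf):
            raise ValueError("value overruns buffer")
        out.append((tag, buf[i:i + length]))
        i += length
    return out


def decode_oid(body):
    """Decode OID content octets to dotted form (first arc 0 or 1 only)."""
    arcs, n = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        n = (n << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(n)
            n = 0
    return ".".join(map(str, arcs))


def child(dos, tag, where):
    """Return the value of the first DO with this tag, or raise."""
    for t, v in dos:
        if t == tag:
            return v
    raise ValueError(f"DO'{tag:02X}' missing under {where}")


def check_bit(raw):
    """Validate the Table 2 structure; return the decoded OID and BIDOs."""
    bit = parse_tlv(child(parse_tlv(raw), 0x7F60, "top level"))
    a2 = parse_tlv(child(bit, 0xA2, "DO'7F60'"))
    # DO'78' has length 9, exactly one DO'06' of length 7, so DO'70' is its sibling.
    oid = child(parse_tlv(child(a2, 0x78, "DO'A2'")), 0x06, "DO'78'")
    if oid != OID_DOC:
        raise ValueError("DO'06' does not carry the OID of this document")
    bidos = dict(parse_tlv(child(a2, 0x70, "DO'A2'")))
    if not bidos.keys() & {0x91, 0xB1, 0x92, 0xB2}:
        raise ValueError("DO'70' holds neither parameters nor functionality info")
    result = {"oid": decode_oid(oid)}
    if 0xB1 in bidos:  # comparison parameters in TLV form (Table 4)
        params = dict(parse_tlv(bidos[0xB1]))
        if 0x85 not in params:
            raise ValueError("DO'B1' lacks DO'85' (minimum verification data quality)")
        result["comparison_parameters"] = params
    if 0xB2 in bidos:  # functionality information in TLV form (Table 3)
        result["functionality"] = dict(parse_tlv(bidos[0xB2]))
    return result


# Constructed sample: values under DO'B1'/DO'B2' are illustrative, not from a card.
SAMPLE_BIT = bytes.fromhex(
    "7F60 20"                                # biometric information template
    "A2 1E"                                  # BIDOs for this document
    "78 09 06 07 28 81 C1 53 01 8F 68"       # tag allocation authority + OID
    "70 11"                                  # BIDOs specified in this document
    "B1 07 85 01 28 91 02 01 F4"             # comparison parameters
    "B2 06 82 01 01 83 01 01"                # functionality information
)

if __name__ == "__main__":
    info = check_bit(SAMPLE_BIT)
    print(info["oid"])
    for name in ("comparison_parameters", "functionality"):
        for tag, value in info[name].items():
            print(f"{name}: DO'{tag:02X}' = {value.hex().upper()}")
```

The same OID decoder applied to the five bytes used in the standard AID of 8.2 gives 1.0.24787.1, the prefix of the OID carried in DO'06'.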
8.3.2 Format of biometric data
For reasons of biometric reference interoperability, the formats as defined in ISO/IEC 7816-11 shall be used
for biometric data to be sent to the ICC.
If a biometric information template DO'7F60' encapsulates biometric data, either DO'5F2E' or DO'7F2E' shall
be used.
Compact card formats as described in the relevant parts of the ISO/IEC 19794 series or the ISO/IEC 39794
series are recommended.
There can be cases where the biometric data (primitive/constructed) are excluded from a biometric
information template. One such possible case is when a biometric reference is used by multiple applications
(see 8.3.4). Another possible case is when a biometric reference is not retrievable from an ICC with on-card
biometric comparison mechanism due to security policy (see 9.2.1).
8.3.3 Specific data objects
8.3.3.1 General
Biometric comparison parameters and biometric functionality information may either be in the TLV data
object format or a set of data elements not in the TLV data object format.
When in the TLV data object format, they are encapsulated in DO'B1' and DO'B2' respectively, under the
DO'70' within BIDOs DO'A2' included in the biometric information template DO'7F60'.
When in a set of data elements not in the TLV data object format, they are encapsulated in DO'91' and DO'92'
respectively, under the DO'70' within BIDOs DO'A2' included in the biometric information template DO'7F60'.
8.3.3.2 Biometric functionality information
To declare the limiting values for the biometric functionality of each modality on the ICC, biometric
functionality information is provided within the DO‘92’ or DO‘B2’ of a biometric information template (see
Table 2). The data elements stored in the DO'B2' are defined in Table 3.
The biometric functionality information can be read out of the ICC but cannot be modified during the
ICC operational state. Retrieval of biometric functionality information can be subjected to the associated
security attributes.
In case of multiple biometric modalities supported within the ICC, the biometric functionality information
corresponding to each biometric modality can be specified.
Re-enrolment capability of the ICC is notified by retrieving the DO’83’. According to the value of DO’83’, the
ICC shall control re-enrolment of the modality that the DO'83' is associated with.
Table 3 — Data objects for biometric modality functionality information elements
Tag | Length | Value | Presence | Footnote
'80' | 1-3 | Maximum length (e.g. number of minutiae) of the biometric probe | Optional | a
'81' | 1-3 | Maximum length (e.g. number of minutiae) of the biometric reference | Optional | a
'82' | 1 | Supported number of biometric references. '00': no information given | Optional |
'83' | 1 | Re-enrolment capability. '00': Re-enrolment prohibited; '01': Re-enrolment supported; Other value: RFU | Optional |
'85' | Var | Minimum verification data quality as defined in ISO/IEC 29794-1, which is supported by the comparison algorithm as defined in the relevant parts of the ISO/IEC 19794 series and the ISO/IEC 29794 series | Optional |
'87' | Var | Minimum quality requirements for the biometric probe for performing the comparison, which can be proprietary (e.g. minimum number of fingerprint minutiae required) | Optional |
'8F' | Var | Proprietary data | Optional |
'90' | Var | Biometric verification type and discriminative power (FMR grading) (see Table 5) | Mandatory if SP2 (see 9.2.3) is applied. Optional otherwise. |
a Each modality may have its own definition of length of the biometric probe/reference. For example, the length for
fingerprints is referring to the number of minutiae, while the length for face can be the number of bytes.
NOTE Some or all of the DOs in Table 3 can be made mandatory by a particular application profile.
8.3.3.3 Biometric comparison parameters
While the biometric functionality information is modality-specific, the biometric comparison parameters
are both modality-specific and application-specific. These biometric comparison parameters are stored in a
biometric information template that belongs to an on-card biometric comparison application. This biometric
information template can be linked to the actual biometric data. These parameters can be modified during
enrolment. In case the ICC allows for multiple applications to share one biometric reference, each application
may have its own set of biometric comparison parameters (if the parameters are different) or may have a
common set of biometric comparison parameters in the MF (see 8.3.4). An example is provided in Annex B.
Table 4 and Table 5 define biometric comparison parameters in the biometric information template for
on-card biometric comparison (tag '91' or 'B1' under DO'70', which is under the DO'A2').
If the biometric information template contains any biometric comparison parameters, it shall include a
parameter for minimum verification data quality for performing comparisons (i.e. DO’85’ in Table 4 in case
the parameters are provided in the DO'B1').
Table 4 — Data objects for biometric comparison parameters
Tag | Length | Value | Presence | Footnote
'81' | 1-3 | Minimum and maximum length (e.g. number of minutiae) of the biometric probe. This value shall be compatible with the one defined in tag '80' of DO'B2' (see 8.3.3.2) | Optional | a, c
'82' | 1 | Ordering, if applicable, of the features in the biometric probe | Optional | a
'83' | 1 | Feature handling indicator | Optional | a
'84' | Var | Alignment information | Optional | a
'85' | Var | Minimum verification data quality as defined in ISO/IEC 29794-1, which is supported by the comparison algorithm as defined in the relevant parts of the ISO/IEC 19794 series and the ISO/IEC 29794 series. This value shall be compatible with the one defined in tag '85' of DO'B2' (see 8.3.3.2) | Mandatory | b
'90' | 1 | Biometric verification type and discriminative power. This value shall be compatible with the one defined in tag '90' of DO'B2' (see 8.3.3.2) | Mandatory if SP2 (see 9.2.2) is applied. Optional otherwise. |
'91' | 2 | Estimation from the ICC of its maximum response time in milliseconds, to be provided to the IFD. '0001' – 'FFFF' | Optional |
a The value is defined in the relevant part of the ISO/IEC 19794 series.
b The value is defined in the relevant parts of the ISO/IEC 19794 series and the ISO/IEC 29794 series.
c Each modality may have its own definition of length of the biometric probe/reference. For example, the length for fingerprints
is referring to the number of minutiae, while the length for face can be the number of bytes.
NOTE All or some DOs can be made mandatory by a particular application profile.
Table 5 — Biometric verification type and discriminative power (FMR grading)
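| b8 | b7 | b6 | b5 | b4 | b3 | b2 | b1 | Meaning |
|---|---|---|---|---|---|---|---|---|
| — | — | — | — | — | — | x | x | Biometric verification type |
| — | — | — | — | — | — | 0 | 0 | On-card biometric comparison |
| — | — | — | — | — | — | 0 | 1 | Work-sharing on-card biometric comparison |
| — | — | — | — | — | — | 1 | 0 | Biometric system-on-card |
| — | — | — | — | — | — | 1 | 1 | RFU |
| — | — | — | x | x | x | — | — | FMR claimed [a] |
| — | — | — | 0 | 0 | 0 | — | — | No indication given |
| — | — | — | 0 | 0 | 1 | — | — | FMR grade 1 (largest) |
| — | — | — | 0 | 1 | 0 | — | — | FMR grade 2 |
| — | — | — | 0 | 1 | 1 | — | — | FMR grade 3 |
| — | — | — | 1 | 0 | 0 | — | — | FMR grade 4 |
| — | — | — | 1 | 0 | 1 | — | — | FMR grade 5 |
| — | — | — | 1 | 1 | 0 | — | — | FMR grade 6 (smallest) |
| — | — | — | 1 | 1 | 1 | — | — | RFU |
| x | x | x | — | — | — | — | — | RFU |

[a] This value is provided to enable the system designer to set different comparison levels for different applications with the specific on-card biometric comparison product.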
Table 6 — FMR grading
| FMR grade | FMR |
|---|---|
| 1 | ≤0,1 |
| 2 | ≤0,01 |
| 3 | ≤0,001 |
| 4 | ≤0,000 1 |
| 5 | ≤0,000 01 |
| 6 | ≤0,000 001 |
If the FMR value is higher than FMR grade 1, the FMR grade shall be indicated as “No indication given”.
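The following added example (not part of ISO/IEC 24787-1) shows how an IFD-side check could parse the comparison parameters of Table 4, decode the DO'90' byte per Table 5, and map an FMR value to a grade per Table 6. It assumes the input is the value field of a DO'B1' holding single-byte-tag BER-TLV data objects, that DO'91' is big-endian, and that RFU codings are rejected; all function names and the sample bytes are hypothetical.

```python
from fractions import Fraction

VERIFICATION_TYPE = ("on-card biometric comparison", "work-sharing on-card biometric comparison",
                     "biometric system-on-card")  # Table 5, b2-b1 = 00, 01, 10; '11' is RFU

def parse_tlvs(buf):
    """Split concatenated single-byte-tag BER-TLV data objects into {tag: value}."""
    out, i = {}, 0
    while i < len(buf):
        if i + 2 > len(buf):
            raise ValueError("truncated TLV header")
        tag, length, i = buf[i], buf[i + 1], i + 2
        if length & 0x80:  # long form '81 nn' or '82 nn nn'; indefinite '80' is rejected
            n = length & 0x7F
            if n not in (1, 2) or i + n > len(buf):
                raise ValueError("bad length field")
            length, i = int.from_bytes(buf[i:i + n], "big"), i + n
        if i + length > len(buf):
            raise ValueError(f"DO'{tag:02X}' overruns the template")
        out[tag], i = bytes(buf[i:i + length]), i + length
    return out

def decode_do90(value):
    """Table 5: return (verification type, FMR grade 1-6, or None for no indication)."""
    b = value[0] if len(value) == 1 else 0xFF  # a wrong length is rejected like RFU bits
    grade = (b >> 2) & 0x07
    if b & 0xE0 or (b & 0x03) == 3 or grade == 7:
        raise ValueError("DO'90' has a wrong length or uses an RFU coding")
    return VERIFICATION_TYPE[b & 0x03], grade or None

def fmr_grade(fmr):
    """Table 6: highest grade g with FMR <= 10^-g; 0 means 'No indication given'."""
    return max((g for g in range(1, 7) if Fraction(fmr) <= Fraction(1, 10 ** g)), default=0)

def check_parameters(do_b1_value, sp2_applied=False):
    """Apply the presence rules of Table 4, then decode DO'90' and DO'91'."""
    dos = parse_tlvs(do_b1_value)
    for tag, needed in ((0x85, bool(dos)), (0x90, sp2_applied)):
        if needed and tag not in dos:
            raise ValueError(f"mandatory DO'{tag:02X}' is missing")
    result = {"min_quality": dos.get(0x85)}
    if 0x90 in dos:
        result["type"], result["fmr_grade"] = decode_do90(dos[0x90])
    if 0x91 in dos:
        if len(dos[0x91]) != 2 or dos[0x91] == b"\x00\x00":
            raise ValueError("DO'91' must be 2 bytes in '0001'-'FFFF'")
        result["max_response_ms"] = int.from_bytes(dos[0x91], "big")  # byte order assumed
    return result

SAMPLE_B1 = bytes.fromhex("850132" "90010C" "910203E8")  # constructed, not from the page
```

Pass FMR values to `fmr_grade` as decimal strings or `Fraction` objects so that boundary values such as 0.001 are compared exactly.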
8.3.4 Use of biometric reference for multiple applications (informative)
8.3.4.1 General
When multiple on-card biometric comparison applications are stored in a single ICC, the data management
policy related to biometric comparison can be designed by the location of the data storage and its access
control setting.
NOTE 8.3.4.2 through 8.4.3.3 refer to the biometric comparison application(s) while 8.3.4.4 can refer to
applications making use of a single and shared biometric comparison application that has common reference and
common comparison parameters.
8.3.4.2 Multiple independent biometric comparison applications
If each on-card biometric comparison application uses its own biometric reference, the biometric reference
can be stored independently within a DF associated with the on-card biometric comparison application (i.e.
an application DF). This DF also stores a biometric information template to provide the biometric comparison
parameters of the application as shown in Figure 5. Refer to SP3 for security implementation requirements.
Figure 5 — Application-specific biometric reference management
8.3.4.3 Global biometric reference with application-specific parameters for biometric comparison
applications
In case multiple on-card biometric comparison applications share a single biometric reference, the biometric
reference can be stored in a MF as a global biometric reference as shown in Figure 6. And if each of the
applications manages its biometric comparison parameters independently, each application DF stores its
own biometric information template to provide the independent biometric comparison parameters. This
biometric information template can also provide information (e.g. link, location, or qualifier) regarding the
actual biometric reference.
SP2 specifies the security implementation requirements.
Figure 6 — Global biometric reference management with application-specific comparison
parameters
8.3.4.4 Global biometric reference with shared parameters for multiple biometric comparison
applications
In case multiple on-card biometric comparison applications share both a single biometric reference (i.e.
global biometric reference) and a single set of biometric comparison parameters (i.e. global parameters),
both the biometric reference and a biometric information template to provide the biometric comparison
parameters are stored in an MF. To guide the IFD to access necessary data elements for biometric comparison,
each application DF can store its own biometric information template that provides information (e.g. link,
location, or qualifier) regarding the actual data elements stored in the MF as shown in Figure 7.
SP1 specifies the security implementation requirements.
Figure 7 — Global biometric reference management with shared comparison parameters
8.4 Processes
8.4.1 Enrolment and re-enrolment
Enrolment or re-enrolment is the process through which a biometric reference is created and stored. The
enrolment mechanism specified in ISO/IEC 7816-11 shall be implemented. The re-enrolment mechanism
specified in ISO/IEC 7816-11 can be implemented according to the requirements of the system.
Depending on the capabilities of the ICC, image/signal processing can be split between the IFD and the ICC.
In all cases, all biometric data shall be transferred to the ICC through a secure and trusted channel or in a
trusted environment, guaranteeing cardholders’ privacy. It is recommended to perform a verification test
after enrolment or re-enrolment to verify the quality of the enrolled data.
Guidance on the enrolment or re-enrolment of the biometric data onto the ICC is contained in ISO/IEC 7816-11.
8.4.2 Biometric verification
The biometric verification mechanism specified i
...







