ISO/IEC 29120-1:2015
(Main)Information technology — Machine readable test data for biometric testing and reporting — Part 1: Test reports
Information technology — Machine readable test data for biometric testing and reporting — Part 1: Test reports
ISO/IEC 29120-1 establishes ? machine readable records for documenting the output of a biometric test, ? formats for data that ISO/IEC 19795 tests are required to report, and ? an ASN.1 syntax for test reports. This standard specifically does not ? require, prohibit, or otherwise specify, the format of biometric samples or templates used in a test, ? require, prohibit or otherwise specify, the encapsulation of biometric samples or templates used in a test, or ? regulate metrics for tests. NOTE ISO/IEC 19795‑1 establishes the reportable metrics.
Technologies de l'information — Données d'essai lisibles par machine pour les rapports et les essais biométriques — Partie 1: Rapports d'essai
General Information
Relations
Standards Content (Sample)
INTERNATIONAL ISO/IEC
STANDARD 29120-1
First edition
2015-05-01
Information technology — Machine
readable test data for biometric
testing and reporting —
Part 1:
Test reports
Technologies de l’information — Données d’essai lisibles par machine
pour les rapports et les essais biométriques —
Partie 1: Rapports d’essai
Reference number
ISO/IEC 29120-1:2015(E)
©
ISO/IEC 2015
---------------------- Page: 1 ----------------------
ISO/IEC 29120-1:2015(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2015
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO/IEC 2015 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC 29120-1:2015(E)
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Conformance . 1
3 Normative references . 1
4 Terms and definitions . 2
5 Symbols and abbreviated terms . 2
6 ASN.1 format . 2
6.1 Encoding rules . 2
6.2 ASN.1 object identifier for test report . 2
6.3 BiometricTestReport type . 2
6.4 Data types for technology tests . 3
6.4.1 Overview . 3
6.4.2 Product information . 3
6.4.3 Information about test report . 5
6.4.4 Test report under a specific condition . 7
6.5 Data types for scenario tests .12
6.5.1 Overview .12
6.5.2 Test report under a specific condition .12
6.6 Data types for signed test reports .13
Annex A (normative) ASN.1 module for machine readable biometric test reports .15
Annex B (informative) Common elements.22
Annex C (informative) Test reports .29
Bibliography .37
© ISO/IEC 2015 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO/IEC 29120-1:2015(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee,
ISO/IEC JTC 1.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for
the different types of document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
Details of any patent rights identified during the development of the document will be in the Introduction
and/or on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the meaning of ISO specific terms and expressions related to conformity
assessment, as well as information about ISO’s adherence to the WTO principles in the Technical Barriers
to Trade (TBT), see the following URL: Foreword — Supplementary information.
The committee responsible for this document is ISO/IEC JTC 1, Information technology, SC 37, Biometrics.
ISO/IEC 29120 consists of the following parts, under the general title Information technology — Machine
readable test data for biometric testing and reporting:
— Part 1: Test reports
iv © ISO/IEC 2015 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/IEC 29120-1:2015(E)
Introduction
This International Standard will enhance the usability of biometric test data by providing them in a
common and machine readable form. This International Standard is intended to provide
— documentary evidence that a product has been tested,
— a statement of authenticity of the test report,
— an ability to maintain of registry of products,
— a clear mechanism for maintaining product availability and certification status, and
— an ability for a relying system to depend on a biometric product used in a remote authentication context.
This International Standard is not intended to replace traditional biometric test reports. Indeed,
because such texts are essential to the complete documentation of a test, they are viewed as parents of
the machine readable content defined in ISO/IEC 29120 and are explicitly referenced in these reports.
Accordingly, the parts of this International Standard establish requirements for, and define formats for,
signed test reports and biometric datasets as follows.
This part of ISO/IEC 29120 establishes machine readable records for documenting the output of a
biometric test. This supports the documentary reporting requirements of some parts of ISO/IEC 19795.
This part of ISO/IEC 29120 is primarily intended to support scenario and technology tests. Additionally,
interoperability tests can be documented by a collection of ISO/IEC 29120-1 test reports (one for each
tested combination of components). The International Standard also includes mechanism to protect the
integrity of the test report. This assures a receiving system that the test information (date, laboratory,
accreditation body, manner of testing, conformance, test size, accuracy) can be relied upon and used
appropriately.
As the parts of ISO/IEC 19795 have been developed and testing standards have been published, there
is an increasing reliance on the correct conduct of tests and their documented outputs. Although the
ISO/IEC 19795 standards include extensive disclosure and reporting requirements, they do not establish
definitive data formats for those pieces of information. Other data concerning the commissioning,
accreditation, and conduct of the test can also be valuable to consumers of the test reports. In addition,
this International Standard will benefit users of biometric tests via improved
— conformance to testing standards,
— reliability (via automation of relevant activities), and
— comparability of test results.
© ISO/IEC 2015 – All rights reserved v
---------------------- Page: 5 ----------------------
INTERNATIONAL STANDARD ISO/IEC 29120-1:2015(E)
Information technology — Machine readable test data for
biometric testing and reporting —
Part 1:
Test reports
1 Scope
This part of ISO/IEC 29120 establishes
— machine readable records for documenting the output of a biometric test,
— formats for data that ISO/IEC 19795 tests are required to report, and
— an ASN.1 syntax for test reports.
This standard specifically does not
— require, prohibit, or otherwise specify, the format of biometric samples or templates used in a test,
— require, prohibit or otherwise specify, the encapsulation of biometric samples or templates used
in a test, or
— regulate metrics for tests.
NOTE ISO/IEC 19795-1 establishes the reportable metrics.
2 Conformance
A test report shall be conformant to this part of ISO/IEC 29120 if it meets all normative requirements of
this part of ISO/IEC 29120.
3 Normative references
The following documents, in whole or in part, are normatively referenced in this document and are
indispensable for its application. For dated references, only the edition cited applies. For undated
references, the latest edition of the referenced document (including any amendments) applies.
ISO 8601:2004, Data elements and interchange formats — Information interchange — Representation of
dates and times
ISO/IEC 8825-1:2008, Information technology — ASN.1 encoding rules: Specification of Basic Encoding
Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER) — Part 1
ISO/IEC 8825-4:2008, Information technology — ASN.1 encoding rules: XML Encoding Rules (XER) — Part 4
ISO/IEC 9594-2, Information technology — Open Systems Interconnection — The Directory — Part 2: Models
ISO/IEC 19785-3:2007, Information technology — Common Biometric Exchange Formats Framework —
Part 3: Patron format specifications
ISO/IEC 19795-1, Information technology — Biometric performance testing and reporting — Part 1:
Principles and framework
© ISO/IEC ISO pub-date year – All rights reserved 1
---------------------- Page: 6 ----------------------
ISO/IEC 29120-1:2015(E)
RFC 3852, Cryptographic Message Syntax (CMS)
RFC 5911, New ASN.1 Modules for Cryptographic Message Syntax (CMS) and S/MIME
4 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 19795-1 apply.
5 Symbols and abbreviated terms
For the purposes of this part of ISO/IEC 29120, the following abbreviations apply.
ASN Abstract Syntax Notation
BDB Biometric Data Block
CDF Cumulative Distribution Function
CMC Cumulative match characteristic
DET Detection error tradeoff
FAR False accept rate
FTA Failure to acquire rate
FTE Failure to enrol rate
FMR False match rate
FNIR False-negative identification error rate
FNMR False non-match rate
FPIR False-positive identification error rate
FRR False reject rate
ROC Receiver operating characteristic
IUT Implementation under test
6 ASN.1 format
6.1 Encoding rules
The test reports specified in this part of the International Standard shall be encoded using the XML Encoding
Rules (XER) [ISO/IEC 8825-4:2008] or the Basic Encoding Rules (BER) [ISO/IEC 8825-1:2008] of ASN.1.
6.2 ASN.1 object identifier for test report
MachineReadableBiometricTestingAndReportingTestReport {
iso(1) standard(0) MRTDBTR(29120) testReport(1) module(1) rev(0)
}
6.3 BiometricTestReport type
BiometricTestReport ::= SEQUENCE {
contentType CONTENT-TYPE.&id({ContentTypeBiometricTestReport }),
content [0] EXPLICIT CONTENT-TYPE.&Type
2 © ISO/IEC 2015 – All rights reserved
---------------------- Page: 7 ----------------------
ISO/IEC 29120-1:2015(E)
({ContentTypeBiometricTestReport}{@contentType})
}
Type BiometricTestReport is composed of two components, contentType and content.
The first component contentType is an object identifier, which indicates the type of content in the
second component content. The value of contentType takes one of the following three values; id-
estReportTechnology, id-testReportScenario, and id-signedTestReport. This
is done by the following definition of ContentTypeBiometricTestReport and those of
testReportTechnology, testReportScenario, and signedDataBTR.
ContentTypeBiometricTestReport CONTENT-TYPE ::= { testReportTechnology |
testReportScenario |
signedTestReport }
testReportTechnology CONTENT-TYPE ::= {
TestReportTechnology
IDENTIFIED BY id-testReportTechnology
}
testReportScenario CONTENT-TYPE ::= {
TestReportScenario
IDENTIFIED BY id-testReportScenario
}
signedTestReport CONTENT-TYPE ::= {
SignedTestReport
IDENTIFIED BY id-signedTestReport
}
Each of these content types corresponds to report of technology test, scenario test, and signed test report.
The object identifiers are defined as follows:
id-testReportTechnology OBJECT IDENTIFIER ::= {
iso(1) standard(0) MRTDBTR(29120) testReport(1) contentType(2)
testReportTechnology(1)
}
id-testReportScenario OBJECT IDENTIFIER ::= {
iso(1) standard(0) MRTDBTR(29120) testReport(1) contentType(2)
testReportScenario(2)
}
id-signedTestReport OBJECT IDENTIFIER ::= {
iso(1) standard(0) MRTDBTR(29120) testReport(1) contentType(2) signedTestReport(3)
}
6.4 Data types for technology tests
6.4.1 Overview
Type TestReportTechnology is a type to express results of technology test. The first field version
is the version of this test report format of type MRTDBTRVersion. The second field targetInfo
is of type ProductInformation and gives information of the evaluated product. The third field
testReportInfo gives the information about the test report of type TestReportInformation.
The fourth part is a sequence testReports of type TestReportTechnologyForOneCondition.
Each element of this sequence corresponds to a test result under a specific condition.
TestReportTechnology ::= SEQUENCE {
version MRTDBTRVersion DEFAULT v0,
targetInfo ProductInformation,
testReportInfo TestReportInformation,
testReports SEQUENCE OF TestReportTechnologyForOneCondition
}
MRTDBTRVersion ::= INTEGER { v0(0) } ( v0, . )
6.4.2 Product information
Type ProductInformation has six fields and gives information about the tested product.
ProductInformation ::= SEQUENCE {
provider Provider,
© ISO/IEC 2015 – All rights reserved 3
---------------------- Page: 8 ----------------------
ISO/IEC 29120-1:2015(E)
nameProduct NameProduct,
description VisibleString OPTIONAL,
functionProduct SEQUENCE OF Function,
outputProduct DataType OPTIONAL,
modalityProduct Modality
}
6.4.2.1 Provider information
The first field provider is of type Provider and gives information about the provider of the tested
biometric product.
Provider ::= SEQUENCE {
nameProvider Name,
typeProvider TypeProvider,
roleProvider RoleProvider,
contactInformation VisibleString OPTIONAL
}
The first field nameProvider identifies the name of the provider. The type Name for this field is
specified in ISO/IEC 9592-2:2005.
The second field typeProvider shows the type of the provider, and shall take a value chosen from the values
of type TypeProvider: non-profit, university, corporation, individual, government.
TypeProvider ::= ENUMERATED {
non-profit(1),
university(2),
corporation(3),
individual(4),
government(5)
}
The third field roleProvider shows the role of the provider, and shall take a value chosen from
the values of type RoleProvider: manufacturer, reseller, integrator, other.
manufacturer is for the role of the entity responsible for the design or creation of the component.
reseller is for the role of the entity which packages or resells the component. integrator is for the
role of the entity which may combine components into a single atomic component.
RoleProvider ::= ENUMERATED {
manufacturer(1),
reseller(2),
integrator(3),
other(4)
}
The fourth field contactInformation, which is optional, shows the contact informationof the
provider, such as the mail address of the provider, in VisibleString.
6.4.2.2 Other information in product information
The second field nameProduct in type ProductInformation is of NameProduct and gives basic
information about the product.
NameProduct ::= SEQUENCE {
modelName Name,
productCBEFF Product OPTIONAL,
version VersionProduct,
softwareVersion VersionProduct,
firmwareVersion VersionProduct
}
VersionProduct ::= INTEGER { v0(0) } ( v0, . )
The first field modelName in NameProduct is of type Name and identifies the product. The second
field productCBEFF is an optional field of type Product imported from 19785-3 CBEFF Part 3. If the
product is registered to a certain biometric organization, this field may be used to identify the product.
The third, fourth, and fifth field version, softwareVersion, and firmwareVersion are all of type
4 © ISO/IEC 2015 – All rights reserved
---------------------- Page: 9 ----------------------
ISO/IEC 29120-1:2015(E)
VersionProduct and indicate the version of the product, the version of the software of the product,
the version of the firmware of the product respectively.
The third field description in type ProductInformation gives a complete unique description of
the component under the test in VisibleString. This field should be used to describe prototypes,
experimental models, use of biometric modalities not listed in ISO/IEC 19785-3, or to give additional
information about the biometric modality (e.g. for iris recognition in the visible spectrum).
The fourth field functionProduct in type ProductInformation expresses the function of the
tested product with type Function.Type Function is specified as follows:
Function ::= ENUMERATED {
acquisition(1),
enrolment(2),
verification(3),
identification(4),
.
}
The fifth field outputProduct in type ProductInformation expresses the data type of the output
of the tested product with type DataType. Type DataType consists of two fields, processedLevel
and purpose. The former takes a value which corresponds to raw data, intermediate data, processed
data, comparison score, or comparison decision. The latter takes a value which corresponds to biometric
reference or biometric sample.
DataType ::= SEQUENCE {
processedLevel ProcessedLevel,
purpose Purpose OPTIONAL
}
ProcessedLevel ::= ENUMERATED {
raw-data(1),
intermediate-data(2),
processed-data(3),
comparison-score(4),
comparison-result(5),
.
}
Purpose ::= ENUMERATED {
reference(1),
sample(2)
}
The sixth field modalityProduct in type ProductInformation indicate the modality of
biometric data which the tested product processes, with type Modality. Type modality consists
of a pair of fields type and subtype. type is mandatory if processedLevel in outputProduct
takes neither comparison-score nor comparison-result. The types BiometricType and
BiometricSubtype are defined in ISO/IEC 19785-3:2007, Clause 6.2.
Modality ::= SEQUENCE {
type BiometricType,
subtype BiometricSubtype OPTIONAL
}
6.4.3 Information about test report
Type TestReportInformation has four fields and gives information about the test report.
TestReportInformation ::= SEQUENCE {
testLabInformation TestLabInformation,
compliantStandard StandardDescription,
testReportIssuaranceDate Date,
parentTestReport ExternalDocument
}
The first field testLabInformation in type TestReportInformation identifies the test laboratory
conducting the test, with type TestLabInformation. Type TestLabInformation consists of two
fields: identificationTestLab of type IdentificationTestLab and accreditationStatus
of type AccreditationStatus.
© ISO/IEC 2015 – All rights reserved 5
---------------------- Page: 10 ----------------------
ISO/IEC 29120-1:2015(E)
TestLabInformation ::= SEQUENCE {
identificationTestLab IdentificationTestLab,
accreditationStatus AccreditationStatus
}
Type IdentificationTestLab has five fields of type VisibleString : nameLab to show the name
of the responsible laboratory, location to show location of the laboratory, optional testImplementor
to show the employee or representative who executed the test, testReportSignatory to show
the employee or representative assuring the integrity, correctness and completeness of the test, and
contactInformation to show the contact information for enquiries concerning the test report.
IdentificationTestLab ::= SEQUENCE {
nameLab VisibleString,
location VisibleString,
testImplementor VisibleString OPTIONAL,
testReportSignatory VisibleString,
contactInformation VisibleString
}
AccreditationStatus ::= SEQUENCE {
accreditingBodies SEQUENCE OF AccreditingBody,
scopeAccreditation ScopeAccreditation OPTIONAL
}
AccreditingBody ::= SEQUENCE {
nameAccreditingBody VisibleString,
identifierCertificate OBJECT IDENTIFIER,
signatory OCTET STRING
}
The second field compliantStandard in type TestReportInformation indicates which testing
standards were used for the test with type StandardDescription. Type StandardDescription
has four fields: standardName in VisibleString to show the name of the standard such as
Biometric Testing and Reporting – Principles and Framework, standardNumber in VisibleString
to show the number of the standard such as 19795, standardPart in VisibleString to show the
part number of the standard, and standardPublicationDate of type Date to show the publication
date of the standard.
Type Date is expressed in VisibleString with fixed length of 8 of form YYYYMMDD, which
comforms to ISO 8601.
StandardDescription ::= SEQUENCE {
standardName VisibleString,
standardNumber VisibleString,
standardPart VisibleString,
standardPublicationDate Date
}
Date ::= VisibleString
-- conforms to ISO 8601
-- length = 8
-- fixed
-- YYYYMMDD
The third field testReportIssuaranceDate in type TestReportInformation encodes the date
on which the test report was signed by the test laboratory official with type Date.
The fourth field parentTestReport in type TestReportInformation gives the information
about the non-machine readable, traditional test report for complete human-readable documentation of
the test with type ExternalDocument. Type ExternalDocument consists of three mandatory fields
and five optional fields. The first field link of type URI expresses the URL where the document can
be referenced. The second field title of type VisibleString shows the title of the document. The
third and optional field authors of type SEQUENCE OF VisibleString shows the author or the
group of authors of the document. The fourth and optional field publisher of type VisibleString
shows the publisher of the document. The fifth and optional field editior of type VisibleString
shows the editor of the document. The sixth and optional field typeDocument of type TypeDocument
shows the type of the document: article, technical report, in proceedings, abstract, book, in book, or
collection. The seventh and optional field publicationDate of type Date shows the publication date
6 © ISO/IEC 2015 – All rights reserved
---------------------- Page: 11 ----------------------
ISO/IEC 29120-1:2015(E)
of the document. The eighth field availability of type Availability shows the availability of the
document: public, restricted, unavailable, or superseded.
ExternalDocument ::= SEQUENCE {
link URI,
title VisibleString,
authors SEQUENCE OF VisibleString OPTIONAL,
publisher VisibleString OPTIONAL,
editior VisibleString OPTIONAL,
typeDocument TypeDocument OPTIONAL,
publicationDate Date OPTIONAL,
availability Availability
}
TypeDocument ::= ENUMERATED {
article(1),
technical-report(2),
in-proceedings(3),
abstract(4),
book(5),
in-book(6),
collection(7)
}
Availability ::= ENUMERATED {
public(1),
restricted(2),
unavailable(3),
superseded(4)
}
6.4.4 Test report under a specific condition
6.4.4.1 Overview
Type TestReportTechnologyForOneCondition gives a set of information for a result of
technology test under a given condition. TestReportTechnologyForOneCondition consists of
four fields; corpusInfo of type CorpusInformation, dateStarted of type Date, dateEnded
of type Date, and testResult of type SEQUENCE OF TestResult. The second and third are
optional fields.
TestReportTechnologyForOneCondition ::= SEQUENCE {
corpusInfo CorpusInformation,
dateStarted Date OPTIONAL,
dateEnded Date OPTIONAL,
testResult SEQUENCE OF TestResult
}
6.4.4.2 Corpus information
Type CorpusInformation represents the information of the corpus which was used in the
evaluation with two fields; composition of type CorpusComposition and environInfo of type
EnvironmentalInformation.
CorpusInformation ::= SEQUENCE {
composition CorpusComposition,
environInfo EnvironmentalInformation
}
In type CorpusComposition, the corpus is identified with the first field identifier of type OBJECT
IDENTIFIER. The second field nameCorpus of type VisibleString gives the name of the corpus. The
third field corpusStatistics of type CorpusStatistics gives statistical information of the corpus.
CorpusComposition ::= SEQUENCE {
identifier OBJECT IDENTIFIER,
nameCorpus VisibleString,
corpusStatistics CorpusStatistics
}
© ISO/IEC 2015 – All rights reserved 7
---------------------- Page: 12 ----------------------
ISO/IEC 29120-1:2015(E)
Type CorpusStatistics consists of four fields. The first field corpusBasicStatistics of type
CorpusCrewBasicStatistics gives the statistical information common to corpus and crew. The
second field numSamples indicates the number of biometric samples in the test corpus. The mean
number of samples per person can be obtained by dividing this number by the number of individuals
numIndividuals in corpusBasicStatistics. The number of samples numSamples might be
used in computation of uncertainties. The third and fourth fields, samplesPerIndividualEnrol
and samplesPerIndividualProbe, are optional and indicate the number of enrolment samples per
individual and the number of probe samples per individual respectively. Both are expressed with type
SamplesPerIndividual.
CorpusStatistics ::= SEQUENCE {
corpusBasicStatistics CorpusCrewBasicStatistics,
numSamples INTEGER,
samplesPerIndividualEnrol SamplesPerIndividual OPTIONAL,
samplesPerIndividualProbe SamplesPerIndividual OPTIONAL
}
Type SamplesPerIndividual is used to exhaustively tabulate a value for each member of the volunteer
corpus. This type consists of four fields. The first field numSubjects indicates the number of subjects
in the sample. The second and third fields, mean and median, are computed over all subjects. These two
support applications that might not need data on the entire distribution expressed in distrSubjSample.
The fourth field distrSubjSample is of type DistributionIntegerInteger, which is defined as
SEQUENCE OF ExpressionPointIntegerInteger. Type ExpressionPointIntegerInteger
consists of a pair of integers, subjectId and numberOfSamples. numberOfSamples expresses the
number of samples for the subjectId. For example, 20 samples are given f
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.