Financial services - Biometrics - Security framework

ISO 19092:2008 describes the security framework for using biometrics for authentication of individuals in financial services. It introduces the types of biometric technologies and addresses issues concerning their application. ISO 19092:2008 also describes the architectures for implementation, specifies the minimum security requirements for effective management, and provides control objectives and recommendations suitable for use by a professional practitioner. The following are within the scope of ISO 19092:2008: usage of biometrics for the authentication of employees and persons seeking financial services by: verification of a claimed identity; identification of an individual; validation of credentials presented at enrolment to support authentication as required by risk management; management of biometric information across its life cycle comprised of the enrolment, transmission and storage, verification, identification and termination processes; security of biometric information during its life cycle, encompassing data integrity, origin authentication and confidentiality; application of biometrics for logical and physical access control; surveillance to protect the financial institution and its customers; security of the physical hardware used throughout the biometric information life cycle. ISO 19092:2008 provides the mandatory means whereby biometric information may be encrypted for data confidentiality or other reasons.

Services financiers — Biométrie — Cadre de sécurité

General Information

Status: Withdrawn
Publication Date: 06-Jan-2008
Current Stage: 9599 - Withdrawal of International Standard
Start Date: 02-Mar-2023
Completion Date: 13-Dec-2025

Standard
ISO 19092:2008 - Financial services -- Biometrics -- Security framework
English language
77 pages

Frequently Asked Questions

ISO 19092:2008 is a standard published by the International Organization for Standardization (ISO). Its full title is "Financial services - Biometrics - Security framework".

ISO 19092:2008 is classified under the following ICS (International Classification for Standards) categories: 03.060 - Finances. Banking. Monetary systems. Insurance; 35.240.40 - IT applications in banking. The ICS classification helps identify the subject area and facilitates finding related standards.

ISO 19092:2008 has the following relationships with other standards: it is linked to ISO 19092:2023 and ISO 19092-1:2006. Understanding these relationships helps ensure you are using the most current and applicable version of the standard.


Standards Content (Sample)


INTERNATIONAL STANDARD ISO 19092
First edition 2008-01-15
Financial services — Biometrics — Security framework
Services financiers — Biométrie — Cadre de sécurité


©  ISO 2008
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland

Contents
Foreword
Introduction
1 Scope
2 Conformance
3 Normative references
4 Terms and definitions
5 Symbols and abbreviated terms
6 Biometric technology overview
6.1 General
6.2 Fingerprint biometrics
6.3 Voice biometrics
6.4 Iris biometrics
6.5 Retina biometrics
6.6 Face biometrics
6.7 Hand geometry biometrics
6.8 Signature biometrics
6.9 Vein biometrics
7 Technological considerations
7.1 Biometric system properties
7.2 Universality
7.3 Distinctiveness
7.4 Accuracy
7.5 Performance evaluation
7.6 Interoperability
8 Basic principles of biometric architectures
8.1 Biometric system model
8.2 Data collection subsystem
8.3 Transmission subsystem
8.4 Signal processing subsystem
8.5 Matching subsystem
8.6 Decision subsystem
8.7 Storage subsystem
8.8 Portable tokens
9 Management and security requirements
9.1 Basic applications
9.2 Core security requirements
9.3 Enrolment
9.4 Verification
9.5 Identification
9.6 Transmission and storage
9.7 Termination and archiving
9.8 Compliance and event journal
10 Security infrastructure
10.1 Components
10.2 Physical techniques
11 Biometric validation control objectives
11.1 Periodic review and audit considerations
11.2 Environmental controls
11.3 Key management life-cycle controls
11.4 Biometric information life cycle
Annex A (informative) Event journal
Annex B (normative) Biometric enrolment
Annex C (normative) Security considerations
Annex D (normative) Security requirements for biometric devices
Annex E (informative) Existing applications
Bibliography


Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies
(ISO member bodies). The work of preparing International Standards is normally carried out through ISO
technical committees. Each member body interested in a subject for which a technical committee has been
established has the right to be represented on that committee. International organizations, governmental and
non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the
International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of technical committees is to prepare International Standards. Draft International Standards
adopted by the technical committees are circulated to the member bodies for voting. Publication as an
International Standard requires approval by at least 75 % of the member bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO shall not be held responsible for identifying any or all such patent rights.
ISO 19092 was prepared by Technical Committee ISO/TC 68, Financial services, Subcommittee SC 2,
Security management and general banking operations.
This first edition of ISO 19092 cancels and replaces ISO 19092-1:2006, of which it constitutes a minor revision,
notably to remove references to the ISO 19092-2 project.
Introduction
This International Standard replaces ISO 19092-1:2006. When ISO 19092-1:2006 was published, it was
expected that a second part of ISO 19092 (ISO 19092-2, Financial services — Biometrics — Part 2: Message
syntax and cryptographic requirements) would subsequently be published. However, ISO 19092-2 was not
completed due to a lack of consensus. As a result, ISO 19092-1:2006 has been updated into this International
Standard, removing all references to ISO 19092-2 and incorporating some minor editorial corrections.
Business practice has changed with the introduction of computer-based technologies. The substitution of
electronic transactions for their paper-based predecessors has reduced costs and improved efficiency.
Trillions of dollars in funds and securities are transferred daily on systemically important payment systems and
other financial systems by telephone, wire services and other electronic communication mechanisms. The
high value or sheer volume of such transactions within an open environment exposes the financial community
and its customers to potentially severe risks from accidental or deliberate alteration, substitution or destruction
of data. Interconnected networks, and the increased number and sophistication of malicious adversaries
compound this risk.
The inevitable advent of electronic communications across uncontrolled public networks, such as the Internet,
is also increasing risk to the financial industry. The necessity to expand business operations into these
environments has elevated the awareness for strong authentication and created the need for alternate forms
of authentication. The financial community is responding to these needs.
Biometrics, the “something you are or are able to do” identity factor, has come of age, and includes such
technologies as finger image, voice identification, eye scan and facial image. The cost of biometric technology
has been decreasing while the reliability has been increasing, and both are now acceptable and viable for the
financial industry.
This International Standard describes adequate controls and proper procedures for using biometrics as an
authentication mechanism for secure remote electronic access or local physical access controls for the
financial industry.
Biometrics can be used for human authentication for physical and logical access. Logical access can include
access to applications, services, or entitlements. This International Standard promotes the integration of
biometrics into the financial industry, and the management of biometric information as part of the overall
information security management programme of the organization. It positions biometric technology to
strengthen public key infrastructure (PKI) for higher authentication by providing stronger methods as well as
multi-factor authentication. In addition, this International Standard allows continuous reassurance that the
entity about to generate a digital signature is, in fact, the person authorized to access the private key.
The success of a biometric system with the public is based on a number of factors, and these factors differ
among the available biometric technologies:
⎯ convenience and ease of use;
⎯ level of apparent security;
⎯ performance;
⎯ non-invasiveness.
The authentication systems discussed in this International Standard are those for a closed user group in which
the group members have agreed to use biometric identification or perform identification themselves. Such
agreements might be explicit (e.g. service agreement) or implicit (e.g. entering a facility indicating a clear
intent to conduct a transaction). Such systems that will be used to monitor an indefinite number of people are
excluded from the scope of this International Standard.

The techniques specified in this International Standard are designed to maintain the integrity and
confidentiality of biometric information and to provide authentication. However, this International Standard
does not guarantee that a particular implementation is secure. It is the responsibility of the financial institution
to put an overall process in place with the necessary controls to ensure that the process is securely
implemented. Furthermore, the controls should include the application of appropriate audit tests in order to
verify compliance with this International Standard.

INTERNATIONAL STANDARD ISO 19092:2008(E)

Financial services — Biometrics — Security framework
1 Scope
This International Standard describes the security framework for using biometrics for authentication of
individuals in financial services. It introduces the types of biometric technologies and addresses issues
concerning their application. This International Standard also describes the architectures for implementation,
specifies the minimum security requirements for effective management, and provides control objectives and
recommendations suitable for use by a professional practitioner.
The following are within the scope of this International Standard:
⎯ usage of biometrics for the authentication of employees and persons seeking financial services by:
⎯ verification of a claimed identity;
⎯ identification of an individual;
⎯ validation of credentials presented at enrolment to support authentication as required by risk
management;
⎯ management of biometric information across its life cycle comprised of the enrolment, transmission and
storage, verification, identification and termination processes;
⎯ security of biometric information during its life cycle, encompassing data integrity, origin authentication
and confidentiality;
⎯ application of biometrics for logical and physical access control;
⎯ surveillance to protect the financial institution and its customers;
⎯ security of the physical hardware used throughout the biometric information life cycle.
The following are not within the scope of this International Standard:
⎯ the individual’s privacy rights and ownership of biometric information;
⎯ specific techniques for data collection, signal processing and matching of biometric data, and the
biometric matching decision-making process;
⎯ usage of biometric technology for non-authentication convenience applications such as speech
recognition, user interaction and anonymous access control.
This International Standard provides the mandatory means whereby biometric information may be encrypted
for data confidentiality or other reasons.
Although this International Standard does not address specific requirements and limitations of business
applications employing biometric technology, other standards may address these topics.
2 Conformance
A biometric authentication system may claim compliance to this International Standard if the implementation
satisfies the management and security requirements identified in this International Standard.
A biometric authentication system that utilizes the cryptographic message requirements recommended in this
International Standard and that has implemented appropriate policies, practices and operational procedures
shall comply with this International Standard.
Compliance of many of the aspects of a biometric authentication system can be achieved by satisfying the
management and security requirements specified in Clauses 9 and 10, and verified if the implementation and
its associated policies, practices and operational procedures meet the validation control objectives identified in
Clause 11. An organization can document compliance to many operational aspects of this International
Standard using the biometric event journal specified in Annex A.
3 Normative references
The following referenced documents are indispensable for the application of this document. For dated
references, only the edition cited applies. For undated references, the latest edition of the referenced
document (including any amendments) applies.
ISO 10202-3, Financial transaction cards — Security architecture of financial transaction systems using
integrated circuit cards — Part 3: Cryptographic key relationships
ISO/IEC 19790, Information technology — Security techniques — Security requirements for cryptographic
modules
4 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
4.1
adaptation
process of automatically updating or refreshing a reference template
4.2
attempt
submission of a biometric sample on the part of an individual for the purposes of enrolment, verification, or
identification in a biometric system
NOTE An individual can be permitted several attempts to enrol, to verify, or to be identified.
4.3
binning
database partitioning based on information contained within (endogenous to) the biometric patterns
4.4
biometrics
measurable biological or behavioural characteristic, which reliably distinguishes one person from another,
used to recognize the identity, or verify the claimed identity, of an enrolee
4.5
biometric authentication
process of confirming an individual’s identity, either by verification or by identification

4.6
biometric data
extracted information taken from the biometric sample and used to generate either a reference template or a
match template
4.7
biometric identification
one-to-many process of comparing a submitted biometric sample against some or all enrolled reference
templates to determine an individual’s identity
4.8
Biometric Policy
BP
named set of rules that indicate the applicability of a biometric template to some community or class of
application having common security requirements
4.9
Biometric Practice Statement
BPS
statement of the practices which an organization follows during the biometric template life cycle (e.g. creation,
management, and destruction), including business, legal, regulatory and technical matters
4.10
biometric sample
initial (raw) biometric data that is captured and processed
4.11
biometric system
automated system capable of capturing, extraction, matching and returning a decision (match/non-match)
4.12
biometric verification
process of comparing a match template against a specific reference template based on a claimed identity (e.g.
user ID, account number)
4.13
capture
acquisition of a biometric sample
4.14
claim of identity
name or index of a claimed reference template or enrolee used by a biometric system for verification
4.15
claimant
person submitting a biometric sample for verification
4.16
confidentiality
property that information is not made available or disclosed to unauthorized individuals, entities, or processes
[ISO/TR 13569:2005, 3.15; ISO/IEC 13335-1:2004, 2.6]
4.17
cryptographic exchange
secure transport or storage of data or cryptographic materials under the protection of a cryptographic key
4.18
decision policy
logic through which a biometric system provides match/no match decisions, inclusive of the following
elements:
⎯ the biometric system’s matching threshold;
⎯ the number of match attempts permitted per transaction;
⎯ the number of reference templates enrolled per claimant;
⎯ the number of distinct biometric samples (e.g. different fingerprints) enrolled per claimant;
⎯ the number of biometric technologies (e.g. fingerprint, voice) in which the claimant is enrolled;
⎯ the use of internal controls in the matching process to detect like or non-like biometric samples.
NOTE Serial, parallel, weighted or fusion decision models in biometric systems utilize more than one reference
template in the match process for a given user (e.g. multiple-biometric systems as well as systems in which reference
templates are created and stored from multiple fingerprints).
4.19
encryption
reversible transformation of plain text (readable) by a cryptographic algorithm to produce cipher text
(unreadable) to hide the information content of the plain text
4.20
enrolment
process of collecting biometric samples from a person and the subsequent generation and storage of
biometric reference templates associated with that person
NOTE See also initial enrolment (4.36) and re-enrolment (4.47).
4.21
Equal Error Rate
EER
probability or percentage of errors when the decision threshold of a system is set such that the false match
rate is equal to the false non-match rate
NOTE Historically, this was referred to as “crossover rate”.
4.22
extraction
feature extraction
process of converting raw biometric data into processed biometric data for use in template comparison or
reference template creation
4.23
face biometrics
biometric technology based on the distinctive characteristics of the face, inclusive of features in the visible
spectrum, the infrared spectrum, or both
4.24
failure to acquire
failure of a biometric system to capture a biometric sample, or to extract biometric data from a biometric
sample, sufficient to generate a reference template or match template
4.25
failure to enrol
failure of a biometric system to capture one or more biometric samples, or to extract data from one or more
biometric samples, sufficient to generate a reference template

4.26
False Acceptance Rate
FAR
probability, in a one-to-one system, that a biometric system will incorrectly identify an individual, or will fail to
reject an impostor
NOTE For a positive (verification) system, it can be estimated from the number of false acceptances divided by the
number of impostor verification attempts.
4.27
False Match Rate
FMR
rate for incorrect positive matches by the matching algorithm for single template comparison attempts
NOTE For a biometric system that uses just one attempt to decide acceptance, FMR is the same as FAR. When
multiple attempts are combined in some manner to decide acceptance, FAR is more meaningful at the system level than
FMR.
4.28
False Non-Match Rate
FNMR
rate for incorrect negative matches by the matching algorithm for single template comparison attempts
NOTE For a biometric system that uses just one attempt to decide acceptance, FNMR is the same as FRR (4.29).
When multiple attempts are combined in some manner to decide acceptance, FRR is more meaningful at the system level
than FNMR.
4.29
False Rejection Rate
FRR
probability that a biometric system will fail to identify a genuine enrolee
NOTE For a positive (verification) system, it can be estimated from the number of false rejects divided by the number
of enrolee verification attempts.
4.30
filtering
partitioning a database through the use of exogenous information about the user not discernible from the
biometric patterns, such as sex, age or race
4.31
finger geometry
biometric technology based on the distinctive characteristics of the shape and dimensions of one or more
fingers
4.32
fingerprint biometrics
biometric technology (e.g. finger minutia or finger pattern matching) based on the distinctive characteristics of
the friction ridges and valleys present on an individual’s fingertips
4.33
hand geometry
hand identification
biometric technology based on the distinctive characteristics of the shape and dimensions of the hand
4.34
impostor
person who submits a biometric sample in either an intentional or inadvertent attempt to be authenticated as
another person who is an enrolee
4.35
information security
preservation of confidentiality, integrity and availability of information; in addition, other properties such as
authenticity, accountability, non-repudiation and reliability can also be involved
[ISO/IEC 17799:2005, 2.5]
4.36
initial enrolment
process of enrolling an individual’s biometric data for the first time, such that the individual shall provide a
means of authentication, such as a password or ID in order to establish or confirm an identity
NOTE See also enrolment (4.20) and re-enrolment (4.47).
4.37
integrity
property of safeguarding the accuracy and completeness of assets
[ISO/IEC 13335-1:2004, 2.15]
4.38
iris biometrics
biometric technology based on the distinctive characteristics of features found in the iris
4.39
match
process of comparing a match template against a previously stored reference template and scoring the
degree of similarity or correlation between the two
4.40
match template
data, which represents the biometric measurement of a claimant, extracted from a claimant’s biometric sample
and used by a biometric system for comparison against one or more stored reference templates
4.41
multi-biometric authentication
biometric authentication using two or more different biometric types
NOTE For example, finger biometrics with iris biometrics or voice biometrics with face biometrics.
4.42
multi-factor authentication
authentication using two or more of the following factors:
⎯ knowledge factor, “something an individual knows”;
⎯ possession factor, “something an individual has”;
⎯ biometric factor, “something an individual is or is able to do”.
4.43
one-to-many
biometric identification
4.44
one-to-one
biometric verification

4.45
palm biometrics
biometric technology based on the distinctive characteristics of features found in the palm of the hand,
inclusive of ridge/minutiae information and/or palm lines
4.46
raw biometric data
captured, unprocessed biometric data (e.g. fingerprint image or audio stream) from a sensor device, in digital
form, suitable for subsequent processing to create a biometric sample or template
4.47
re-enrolment
process of enrolling an individual’s biometric data where the same or other biometric data has been enrolled
at least once
NOTE See also enrolment (4.20) and initial enrolment (4.36).
4.48
reference template
data, which represents the biometric measurement of an enrolee, extracted from an enrolee's biometric
sample and typically stored and used by a biometric system for comparison against subsequently submitted
match templates
4.49
registration
process in which a person proves his/her identity by presenting credentials to the biometric service provider
before being allowed to enrol and is assigned an electronic identifier
4.50
retinal biometrics
biometric technology based on the distinctive characteristics of features found in the retina
4.51
risk management
coordinated activities to direct and control an organization with regard to risk
[ISO/IEC Guide 73:2002, 3.1.7]
4.52
score
numerical representation of the degree of similarity between two matched templates
NOTE The specific method by which a biometric score is generated, as well as the probability of its correctly
indicating a true or false match, is generally proprietary to each biometric vendor.
4.53
signature verification biometrics
biometric technology based on the distinctive characteristics of features found in the dynamics of a
hand-written signature or other signed symbols
4.54
single-factor authentication
authentication using only one of the following factors:
⎯ knowledge factor, “something an individual knows”;
⎯ possession factor, “something an individual has”;
⎯ biometric factor, “something an individual is”.
4.55
template
data, which represents the biometric measurement of an individual, used by a biometric system to execute
biometric matches
NOTE See match template (4.40) and reference template (4.48).
4.56
threshold
point above which the degree of similarity between two compared templates is sufficiently high to constitute a
“match”, and below which the degree of similarity between two compared templates is sufficiently low to
constitute a “non-match”
NOTE Thresholds can often be adjusted at an administrative level to decrease the False Match Rate (4.27) or to
decrease the False Non-Match Rate (4.28).
4.57
voice biometrics
biometric technology based on the distinctive characteristics of acoustic information found in the voice of a
speaker
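
The following is an added example, not text from ISO 19092: it computes FMR and FNMR (4.27, 4.28) at a threshold (4.56), locates the Equal Error Rate (4.21), and shows how the "match attempts permitted per transaction" element of a decision policy (4.18) makes system-level FAR and FRR (4.26, 4.29) diverge from the single-comparison rates. The scores are constructed sample data; treating a score equal to the threshold as a match, accepting a transaction when any attempt matches, and treating attempts as independent draws are assumptions of this example.

```python
# Added illustration of clauses 4.18, 4.21, 4.26-4.29 and 4.56; not text from ISO 19092.
# All scores are constructed sample data on an assumed 0-100 similarity scale.
GENUINE = [91, 88, 84, 79, 77, 73, 70, 66, 58, 45]   # enrolee vs. own reference template
IMPOSTOR = [12, 18, 25, 31, 36, 40, 47, 52, 61, 69]  # impostor vs. another enrolee's template
THRESHOLDS = range(0, 101)


def false_matches(threshold):
    """Impostor comparisons scoring at or above the threshold (assumption: >= is a match)."""
    return sum(score >= threshold for score in IMPOSTOR)


def false_non_matches(threshold):
    """Genuine comparisons scoring below the threshold."""
    return sum(score < threshold for score in GENUINE)


def fmr(threshold):
    """False Match Rate for single template comparison attempts."""
    return false_matches(threshold) / len(IMPOSTOR)


def fnmr(threshold):
    """False Non-Match Rate for single template comparison attempts."""
    return false_non_matches(threshold) / len(GENUINE)


def equal_error_rate():
    """Return (threshold, rate) at the first threshold where FMR and FNMR are closest."""
    t = min(THRESHOLDS, key=lambda t: abs(fmr(t) - fnmr(t)))
    return t, (fmr(t) + fnmr(t)) / 2


def far(threshold, attempts):
    """System-level FAR when a transaction is accepted if any attempt matches.

    Counts every ordered sequence of `attempts` impostor scores drawn from the
    sample (assumption: attempts are independent) that contains a false match.
    """
    n, m = len(IMPOSTOR), false_matches(threshold)
    return (n ** attempts - (n - m) ** attempts) / n ** attempts


def frr(threshold, attempts):
    """System-level FRR: the genuine enrolee is rejected only if every attempt fails."""
    n, misses = len(GENUINE), false_non_matches(threshold)
    return misses ** attempts / n ** attempts


def lowest_threshold_for(max_far, attempts):
    """Lowest threshold whose system-level FAR is within max_far, with the FRR it costs."""
    for t in THRESHOLDS:
        if far(t, attempts) <= max_far:
            return t, far(t, attempts), frr(t, attempts)
    return None


if __name__ == "__main__":
    t, rate = equal_error_rate()
    print(f"EER {rate:.3f} at threshold {t}")
    for attempts in (1, 3):
        print(f"threshold {t}, {attempts} attempt(s): "
              f"FAR={far(t, attempts):.3f} FRR={frr(t, attempts):.3f}")
    for attempts in (1, 3):
        print(f"max FAR 0.30 with {attempts} attempt(s):",
              lowest_threshold_for(0.30, attempts))
```

Holding the threshold fixed while allowing more attempts raises FAR and lowers FRR, so the threshold has to be set against the whole decision policy rather than against FMR alone.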
5 Symbols and abbreviated terms
ADF Application Data File
AES Advanced Encryption Standard
ATM Automated Teller Machine
BISMS Biometrics Information Security Management System
CA Certification Authority
CDF Common Data File
DEA Data Encryption Algorithm
DES Data Encryption Standard
DSV Dynamic Signature Verification
IC Integrated Circuit
ICC Integrated Circuit Card
ID Identification
KEK Key Encryption Key
PKI Public Key Infrastructure

6 Biometric technology overview
6.1 General
Biometric technology addresses the problems associated with confirming the identity of an individual for the
purposes of financial transactions. The registration processes are a prerequisite for any formal biometric
enrolment. Each person shall prove his/her identity to the biometric service provider using credentials before
being allowed to enrol. This provides assurance that the biometric reference template is actually bound to the
identity of the individual who has enrolled.
Biometric identification leverages the universally recognized fact that certain physiological or behavioural
characteristics can reliably distinguish one person from another. Biometric technology includes both the
automatic collection and the comparison of these characteristics. The digital representations of these
characteristics are stored in an electronic medium and later used to confirm the identity of an individual. A
typical authentication process utilizing biometric technology consists of the following basic steps:
a) capturing the biometric data;
b) evaluating the quality of the captured biometric data and recapturing it if necessary;
c) processing the captured biometric data; and
d) matching the processed biometric data with previously enrolled template(s) to determine if a match exists;
this matching can be done for biometric verification or biometric identification.
There are three basic biometric processes, as described below.
⎯ Enrolment is the process of collecting biometric samples from a person and the subsequent generation
and storage of biometric reference templates associated with that person. Enrolment may entail the
collection of other information about the individual, which links them to an organization, an account, or a
set of privileges. In cases where duplicate enrolment is not allowed, enrolment may be preceded by a
one-to-many comparison to make sure that the individual is not already in the database, perhaps under
another name. If no match is found, the template and its associated information may be added to the
individual’s respective database entries. (See also 9.3.)
⎯ Verification is a “one-to-one” comparison. This process entails the comparison of a match template
generated from a newly captured sample with a previously generated reference template stored in a
database or on an ID card. If the newly captured sample matches the previously generated template, the
claim of identity is confirmed or verified.
⎯ Identification is a “one-to-many” comparison. This process entails the comparison of a match template
generated from a newly captured sample with all of the templates in the database. It is most often used to
determine whether a person has previously enrolled in the system. Some systems use an external
qualifier (e.g. telephone number) to narrow the search and subsequent identification to “one-to-few”.
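The three processes above, sketched as an added example that is not part of ISO 19092:2008: enrolment preceded by a one-to-many duplicate check, one-to-one verification, and identification narrowed to one-to-few by an external qualifier. The feature vectors, the cosine comparator, the threshold value and all names are assumptions standing in for a real template format and matcher.

```python
import math

THRESHOLD = 0.95  # assumed decision threshold for this toy comparator

# Constructed feature vectors; real templates are vendor-specific.
ALICE = [0.90, 0.10, 0.40, 0.20]
BOB = [0.10, 0.80, 0.30, 0.50]
ALICE_NEW = [0.88, 0.12, 0.42, 0.18]  # fresh capture from the same person


def similarity(a, b):
    """Cosine similarity, standing in for a real template comparator."""
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return dot / norm


class TemplateStore:
    def __init__(self):
        self.records = {}  # person_id -> (qualifier, reference template)

    def identify(self, sample, qualifier=None):
        """One-to-many search; a qualifier narrows it to one-to-few."""
        hits = [(similarity(sample, ref), pid)
                for pid, (q, ref) in self.records.items()
                if qualifier is None or q == qualifier]
        hits = [h for h in hits if h[0] >= THRESHOLD]
        return max(hits)[1] if hits else None

    def enrol(self, person_id, qualifier, template):
        """Search every stored template first and refuse a duplicate."""
        existing = self.identify(template)
        if existing is not None:
            raise ValueError(f"sample already enrolled as {existing!r}")
        self.records[person_id] = (qualifier, template)

    def verify(self, claimed_id, sample):
        """One-to-one comparison against the claimed identity only."""
        record = self.records.get(claimed_id)
        return record is not None and similarity(sample, record[1]) >= THRESHOLD


def build_demo_store():
    store = TemplateStore()
    store.enrol("alice", "555-0100", ALICE)
    store.enrol("bob", "555-0101", BOB)
    return store
```

Note that a wrong qualifier makes identification return no match even for an enrolled person, because the narrowed search never compares against that person's template.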
The advent of modern computing techniques is making the use of biometric technology for the purposes of
identification a viable option in many areas. The characteristics, which can be used to represent an individual,
include fingerprints, voiceprints, iris patterns, hand geometry, facial image, retinal patterns, and signature
verification. These seem to be the current mainstream biometric technologies, and a brief description of these
techniques is given in the following paragraphs. However, these are not the only biometric characteristics
available today. Others include palm identification, head acoustics, wrist vein geometry, body odour, ear
shape and keystroke dynamics. As technology advances, the list of viable characteristics may well expand.
6.2 Fingerprint biometrics
Friction ridges and valleys on an individual's fingertips are considered unique to that individual. For over one
hundred years, law-enforcement agencies have been classifying fingerprint images into one of several main
Henry types and sub-types (i.e. fingerprint patterns such as loops, whorls, and arches) as well as determining
identity by matching key points of ridge endings and bifurcations. Fingerprints appear unique for each finger
on the same hand, as well as between identical twins.
Most modern fingerprint matching technology focuses on the unique points within the finger image, the
minutiae. These minutiae are the points where individual friction ridges branch apart (bifurcate) or end.
Imaging algorithms extract the minutiae and create a proprietary template that codes these minutiae. Pattern
matching systems are based on overall ridge flow as opposed to minutiae. Systems can also analyse the
finger's tiny sweat pores or the number of ridges between two key points (such as the core and the deltas).
Fingerprint biometrics is capable of both verification and identification.
Conditions that may affect the prints of different individuals and reduce the quality of image capture include
dirty, dry or cracked prints. Age, gender and body size are also found to have an impact on the quality of
finger images, as well as the placement (rotation, shift and pressure) of the finger on the scanner. The public
may see the historical use of fingerprinting by government law-enforcement organizations as a negative,
although the capture of the fingerprint is generally regarded as non-invasive. Many fingerprint systems are
being marketed by many companies, and significant advances have been made in the cost, size and speed of
this technology in this competitive environment.
6.3 Voice biometrics
Voice biometrics (also called “speaker recognition”) dates back five decades. Early systems, pre-dating digital
computing, used the output of several analogue filters, which were averaged over time for matching. Current
digital speaker recognition systems model the acoustic features of speech that have been found to differ
between individuals, yet remain stable over time for a single individual. These acoustic patterns reflect both
anatomy (e.g. size and shape of the throat and mouth) and learned behavioural patterns (e.g. voice pitch,
speaking style).
Speaker recognition systems can employ any of three styles of spoken input: text-dependent, text-prompted,
and text-independent speech. Most speaker verification applications use text-dependent input, which involves
selection and enrolment of one or more voice passwords. Text-prompted systems ask users to repeat specific
words, phrases, or numbers. Text-prompted input is used where there is concern regarding tape-recorded
impostors. Text-independent input is free-flowing speech.
Voice biometrics can be used for challenge-response type speaker verification, categorized in
ISO/IEC 7816-11 as “dynamic biometric verification”. Applications of speaker identification by law-enforcement
agencies typically use text-independent input because it does not require enrolment or input of specific words.
Input speech is “digitized” to create a series of numbers. From these numbers, a reduced set of “features” is
extracted mathematically. Voice biometrics is commonly used for verification, but rarely for identification.
Ambient noise levels can be an impediment to the collection of initial and subsequent voice samples. Voice
changes due to ageing also need to be addressed by voice biometrics systems; adaptation can be employed
to evolve the voice template along with changes in the verified speaker’s voice. Many companies market
speaker recognition engines, often as part of large voice processing, control and switching systems. Capture
of the biometrics is seen as non-invasive. The technology needs little additional hardware and can leverage
existing microphones and voice-transmission technology. This provides functionality over long distances via
ordinary telephones (wire line or wireless). However, performance is negatively affected by changes, between
enrolment and sampling, in the microphone type or the transmission path.
6.4 Iris biometrics
The iris of the eye is the coloured portion of the eye surrounding the pupil. Iris imaging uses distinctive
anatomical features such as corona, crypts, filaments, freckles, pits, radial furrows, and striations that make
up the complex iris patterns. Iris biometrics entails illumination of the eye, capture of the resulting image, and
location of distinctive features through specialized video cameras. Iris biometrics is capable of both verification
and identification.
Iris images can be acquired automatically and with reasonably little effort from a distance of more than 0,33 m
from the camera. Iris biometrics systems utilize automatic eye detection and advanced camera technology.
Iris biometrics systems are much easier for the public to use than retinal systems.
The iris, being naturally well protected behind the cornea, appears to be stable over long periods (decades)
according to medical literature. Iris imaging is not perceived as highly invasive, since the minimum distance,
even for less-sophisticated iris identification systems, is between 75 mm and 100 mm (between 3 in and 4 in)
from the sensor. Iris images are unaffected by common contact lenses but can be affected by “designer”
contacts. Reflections caused by eyeglasses and sunglasses can also be a problem.
6.5 Retina biometrics
The retina is a structure in the interior of the eye. Retinal biometrics leverages the pattern of blood vessels on
the retina. Retinal biometrics entails illumination of the eye, capture of the resulting image, and location of
distinctive features through specialized video cameras.
Accurate retinal imaging requires almost perfect alignment of the eye with the scanning device, which requires
the eye to be in close proximity to the scanner. This requires a great deal of effort and training, and can lead
to high levels of enrolment and non-matching errors. At the same time, this contributes to the technology’s
historically low false match rate. Retina biometrics is capable of both verification and identification.
Retinal patterns are highly distinctive, but the retinal structure may change during the life of the person. The
requirement for close proximity to the retinal imager, as well as the beam of light shone into the eye, is
perceived as unpleasant by many.
6.6 Face biometrics
The identification or verification of a person by their facial image is a common use of biometric technology.
Most face biometrics solutions utilize images captured in the visible spectrum using standard camera
technology. An alternative approach, known as facial thermography, uses an infrared camera to capture the
unique heat emission patterns made by people’s faces.
The visible light systems extract features from captured facial image(s). Approaches to modelling facial
images in the visible spectrum include Principal Component Analysis, Local Feature Analysis, neural networks,
elastic graph theory, and multi-resolution analysis. Principal Component Analysis, or the “Eigenface”
technique, models a particular face as a weighted combination
...
