Information technology — Biometric performance testing and reporting — Part 7: Testing of on-card biometric comparison algorithms

ISO/IEC 19795-7:2011 establishes a mechanism for measuring the core algorithmic capabilities of biometric comparison algorithms running on ISO/IEC 7816 integrated circuit cards. Specifically, ISO/IEC 19795-7:2011 instantiates a mechanism for on-card biometric comparison testing; standardizes procedures for the measurement of the accuracy of on-card biometric comparison implementations running on object-based, test-specific sample cards; standardizes procedures for the measurement of durations of the various operations; gives examples for matching ISO/IEC 19794-2:2005 compact card minutiae templates. The following are specifically not within the scope of ISO/IEC 19795-7:2011: procedures for securing the communications channel, including cryptographic protection of the biometric templates; procedures for protection of sample or template integrity using digital signatures; authentication of the card and reader; selection or use of transmission protocols (e.g. contactless); profiles of specific data interchange standards; procedures for evaluation of readers, including performance, conformance and interoperability; procedures for evaluation of ruggedness or durability of the card; on-card template generation (e.g. extraction of minutiae from images); template update or adaptation; formal conformance tests of ISO/IEC 7816-4 and ISO/IEC 7816-11; testing of devices not conforming to ISO/IEC 7816, including all system-on-card devices.

Technologies de l'information — Essais et rapports de performance biométriques — Partie 7: Essais des algorithmes de comparaison biométrique sur carte

General Information

Status
Published
Publication Date
10-Jan-2011
Current Stage
9093 - International Standard confirmed
Start Date
15-Jul-2022
Completion Date
14-Feb-2026

Overview - ISO/IEC 19795-7:2011 (On‑card Biometric Comparison Testing)

ISO/IEC 19795-7:2011 is an international standard for biometric performance testing and reporting focused on on‑card biometric comparison algorithms running on ISO/IEC 7816 integrated circuit (smart) cards. The standard defines a mechanism to measure the core algorithmic capabilities of comparison implementations executed on‑card, standardizes procedures to measure accuracy and timing (durations) of operations, and provides examples for matching ISO/IEC 19794-2 compact fingerprint minutiae templates. It targets objective, repeatable performance evaluation of on‑card biometric comparison subsystems (BITs).

Key Technical Topics and Requirements

  • Test planning requirements

    • Fundamental test concepts, phased testing, and options for participation (classes of participation).
    • Specification of interface hardware/software and data formats for comparison and off‑card templates.
    • Profiling of the Biometric Information Template (BIT) and card–comparison subsystem combinations.
  • Test execution and metrics

    • Procedures to measure accuracy (comparison results) and speed (operation durations).
    • Methods for measuring duration and uncertainty, and conditions for demonstrating equivalence between on‑card and off‑card algorithms.
  • On‑card interface specification

    • Use of ISO/IEC 7816 APDU‑based commands for selection, storage, retrieval and comparison of templates.
    • Commands for reading card and comparison subsystem identifiers, score retrieval, and handling of stateful behavior.
    • Examples and APDU tables for select/store/compare operations.
  • Informative annexes

    • Conversion guidance for ISO/IEC 19794-2 minutiae records to compact templates.
    • Standard finger‑position codes, test plan examples, and a sample API for template generation and matching.
  • Scope exclusions

    • Explicitly excludes procedures for securing communications (cryptography), template integrity (digital signatures), card/reader authentication, transmission protocol selection (e.g., contactless), reader evaluation, card ruggedness, on‑card template generation, template adaptation, and formal conformance tests of ISO/IEC 7816 parts.

Practical Applications and Who Uses It

  • Smart card vendors and biometric chipset manufacturers use the standard to validate on‑card matching performance and to compare implementations.
  • Biometric algorithm developers and integration teams use it for benchmarking and demonstrating equivalence to off‑card algorithms.
  • Testing laboratories and certification bodies apply the procedures to produce reproducible accuracy and timing reports.
  • System architects and government agencies evaluating privacy‑preserving biometric solutions use it to assess on‑card comparison tradeoffs (accuracy, speed, resource use).

Related Standards

  • ISO/IEC 7816 (smart card interface and APDUs)
  • ISO/IEC 19794-2 (fingerprint minutiae data formats)
  • Other parts of ISO/IEC 19795 (general biometric testing framework and modality‑specific guidance)

ISO/IEC 19795-7 is essential when you need standardized, reproducible evaluation of on‑card biometric comparison algorithms for secure, privacy‑enhancing smart card biometric deployments.

Buy Documents

Standard

ISO/IEC 19795-7:2011 - Information technology -- Biometric performance testing and reporting

English language (26 pages)
sale 15% off
Preview
sale 15% off
Preview

Get Certified

Connect with accredited certification bodies for this standard

BSI Group

BSI (British Standards Institution) is the business standards company that helps organizations make excellence a habit.

UKAS United Kingdom Verified

NYCE

Mexican standards and certification body.

EMA Mexico Verified

Sponsored listings

Frequently Asked Questions

ISO/IEC 19795-7:2011 is a standard published by the International Organization for Standardization (ISO). Its full title is "Information technology — Biometric performance testing and reporting — Part 7: Testing of on-card biometric comparison algorithms". This standard covers: ISO/IEC 19795-7:2011 establishes a mechanism for measuring the core algorithmic capabilities of biometric comparison algorithms running on ISO/IEC 7816 integrated circuit cards. Specifically, ISO/IEC 19795-7:2011 instantiates a mechanism for on-card biometric comparison testing; standardizes procedures for the measurement of the accuracy of on-card biometric comparison implementations running on object-based, test-specific sample cards; standardizes procedures for the measurement of durations of the various operations; gives examples for matching ISO/IEC 19794-2:2005 compact card minutiae templates. The following are specifically not within the scope of ISO/IEC 19795-7:2011: procedures for securing the communications channel, including cryptographic protection of the biometric templates; procedures for protection of sample or template integrity using digital signatures; authentication of the card and reader; selection or use of transmission protocols (e.g. contactless); profiles of specific data interchange standards; procedures for evaluation of readers, including performance, conformance and interoperability; procedures for evaluation of ruggedness or durability of the card; on-card template generation (e.g. extraction of minutiae from images); template update or adaptation; formal conformance tests of ISO/IEC 7816-4 and ISO/IEC 7816-11; testing of devices not conforming to ISO/IEC 7816, including all system-on-card devices.

ISO/IEC 19795-7:2011 establishes a mechanism for measuring the core algorithmic capabilities of biometric comparison algorithms running on ISO/IEC 7816 integrated circuit cards. Specifically, ISO/IEC 19795-7:2011 instantiates a mechanism for on-card biometric comparison testing; standardizes procedures for the measurement of the accuracy of on-card biometric comparison implementations running on object-based, test-specific sample cards; standardizes procedures for the measurement of durations of the various operations; gives examples for matching ISO/IEC 19794-2:2005 compact card minutiae templates. The following are specifically not within the scope of ISO/IEC 19795-7:2011: procedures for securing the communications channel, including cryptographic protection of the biometric templates; procedures for protection of sample or template integrity using digital signatures; authentication of the card and reader; selection or use of transmission protocols (e.g. contactless); profiles of specific data interchange standards; procedures for evaluation of readers, including performance, conformance and interoperability; procedures for evaluation of ruggedness or durability of the card; on-card template generation (e.g. extraction of minutiae from images); template update or adaptation; formal conformance tests of ISO/IEC 7816-4 and ISO/IEC 7816-11; testing of devices not conforming to ISO/IEC 7816, including all system-on-card devices.

ISO/IEC 19795-7:2011 is classified under the following ICS (International Classification for Standards) categories: 35.040 - Information coding; 35.240.15 - Identification cards. Chip cards. Biometrics. The ICS classification helps identify the subject area and facilitates finding related standards.

ISO/IEC 19795-7:2011 is available in PDF format for immediate download after purchase. The document can be added to your cart and obtained through the secure checkout process. Digital delivery ensures instant access to the complete standard document.

Standards Content (Sample)


INTERNATIONAL ISO/IEC
STANDARD 19795-7
First edition
2011-01-15
Information technology — Biometric
performance testing and reporting —
Part 7:
Testing of on-card biometric comparison
algorithms
Technologies de l'information — Essais et rapports de performance
biométriques —
Partie 7: Essais des algorithmes de comparaison biométrique sur carte

Reference number
©
ISO/IEC 2011
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but
shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In
downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat
accepts no liability in this area.
Adobe is a trademark of Adobe Systems Incorporated.
Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation
parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In
the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below.

©  ISO/IEC 2011
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO/IEC 2011 – All rights reserved

Contents Page
Foreword .vi
Introduction.vii
1 Scope.1
2 Conformance .2
3 Normative references.2
4 Terms and definitions .2
5 Abbreviations.2
6 Requirements on test planning.3
6.1 Fundamental concept of the test.3
6.2 Specification of interface hardware and software .4
6.3 Specification of the data formats.4
6.3.1 Format for comparison data.4
6.3.2 Format for off-card images and templates .4
6.4 Profiling of the BIT .4
6.5 Card-comparison subsystem combinations .4
6.6 Phased testing.5
6.7 Options for participation.5
6.8 Metrics .5
6.9 Comparison results.5
7 Requirements on test execution.6
7.1 General .6
7.2 Conditions for demonstrating equivalence of on-card and off-card algorithms.6
7.3 BIT Processing .6
7.4 Measurement of speed of execution .6
7.4.1 Quantities to be measured .6
7.4.2 Methods for measuring duration .7
7.4.3 Methods for measuring uncertainty .7
8 On-card biometric comparison interface specification.7
8.1 Overview.7
8.2 Approach to the use of ISO/IEC 7816.7
8.3 Establish Communications .8
8.4 Selection of the test application .8
8.5 Store enrollment template on the card.8
8.6 Read of the BIT .9
8.7 Use of the BIT .9
8.8 Verification .11
8.8.1 APDU specifications .11
8.8.2 Locking of the card .11
8.8.3 Locking of the PC-based algorithm.12
8.8.4 Comparison scores.12
8.8.5 Prohibition of stateful behavior .12
8.9 Reading card identifier.12
8.10 Reading comparison subsystem identifier.13
Annex A (informative) Conversion of ISO/IEC 19794-2 record to compact size templates.14
A.1 Background.14
A.1.1 Purpose .14
A.1.2 Overview.14
© ISO/IEC 2011 – All rights reserved iii

A.1.3 The record format . 14
A.1.4 The compact-size format . 15
A.2 Minutia uniqueness . 16
A.3 Presence of BITs on card. 17
A.4 Use of BITs . 17
A.5 Number of minutiae . 17
A.5.1 Limits on number. 17
A.5.2 Effect of the BIT . 18
A.5.3 Pruning mechanism. 18
A.5.4 Pruning center. 19
A.6 Sort order of minutiae . 19
A.6.1 Support for ordering. 19
A.6.2 Modulo sorting for large images. 19
Annex B (informative) Standardized Finger-Position Codes. 20
Annex C (informative) Example Material on Planning for a Test Plan. 21
C.1 Purpose. 21
C.2 PC-based API specification . 21
C.2.1 Testing interface . 21
C.2.2 Data format profile and conformance. 21
C.2.3 Submission. 21
C.2.4 Testing interface . 21
C.2.5 Runtime behavior. 23
Annex D (informative) API for Fingerprint Minutia Template Generation and Matching . 24
D.1 Minutiae extraction . 24
D.2 Minutiae matching . 25
D.3 Implementation identifiers . 25
Bibliography. 26

Figures
Figure A.1 – Conversion of INCITS 378 data to ISO/IEC 19794-2 data 17

Tables
Table 1 – Classes of participation.5
Table 2 – Command APDU for selection of on-card comparison application .8
Table 3 - Example Application ID .8
Table 4 – Response APDU from selection of comparison application .8
Table 5 – Command APDU for storage of reference template.8
Table 6 – Response APDU from storage of reference template .9
Table 7 – Command APDU for retrieval of biometric information template.9
Table 8 – Response APDU from retrieval of biometric information template.9
Table 9 - Biometric Information Template based on ISO/IEC 19785-3 and ISO/IEC 19794-2 (EXAMPLE). 10
Table 10 – Command APDU for comparison of biometric templates. 11
Table 11 – Response APDU from comparison of biometric templates . 11
Table 12 – Command APDU for retrieval of verification comparison score . 12
Table 13 – Response APDU for retrieval of verification comparison score. 12
Table 14 – Command APDU for retrieval of Card identifier. 12
Table 15 – Response APDU for retrieval of Card identifier. 13
Table 16 – Command APDU for retrieval of Comparison subsystem identifier. 13
Table 17 – Response APDU for retrieval of Comparison subsystem identifier. 13
Table A.1 – Record profile of ISO/IEC 19794-2:2005 standard . 15
Table A.2 – Card profile of ISO/IEC 19794-2:2005 standard . 15
Table A.3 – ISO/IEC 19794-2 minutiae template DO. 16
Table A.4 – ISO/IEC 19794-2 zonal quality DO . 16
Table A.5 – ISO/IEC 19794-2 zonal quality data. 16
iv © ISO/IEC 2011 – All rights reserved

Table B.1 – ISO/IEC 19794-2 and ISO/IEC 19785-3 finger position codes.20
Table D.1 – API create_template function.25
Table D.2 – API match_templates function.25
Table D.3 – API get_pids function.25

© ISO/IEC 2011 – All rights reserved v

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are members of
ISO or IEC participate in the development of International Standards through technical committees
established by the respective organization to deal with particular fields of technical activity. ISO and IEC
technical committees collaborate in fields of mutual interest. Other international organizations, governmental
and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information
technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of the joint technical committee is to prepare International Standards. Draft International
Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as
an International Standard requires approval by at least 75 % of the national bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
ISO/IEC 19795-7 was prepared by Joint Technical Committee ISO/IEC JTC 1, Subcommittee SC 37,
Biometrics.
ISO/IEC 19795 consists of the following parts, under the general title Information technology — Biometric
performance testing and reporting:
⎯ Part 1: Principles and framework
⎯ Part 2: Testing methodologies for technology and scenario evaluation
⎯ Part 3: Modality-specific testing [Technical Report]
⎯ Part 4: Interoperability performance testing
⎯ Part 5: Access control scenario and grading scheme
⎯ Part 7: Testing of on-card biometric comparison algorithms
The following part is under preparation:
⎯ Part 6: Testing methodologies for operational evaluation

vi © ISO/IEC 2011 – All rights reserved

Introduction
Biometric recognition algorithms have been ported to ISO/IEC 7816 integrated circuit cards to realize the
privacy enhancing benefits asserted for the on-card biometric comparison paradigm. While the most common
commercial realization of this capability has been the comparison of fingerprint minutiae templates on card,
comparison of data from other modalities has been implemented also. Indeed the relevant card standards
have been explicitly drafted to support arbitrary biometric modalities. Further information on modality-specific
aspects can be found in ISO/IEC 19795-3. In any case, while the computational capability of such cards has
increased in recent years, there remains the question of whether verification accuracy needs to be traded off
for speed or data size or both. For fingerprint templates, the goal of improved efficiency has led to the
development of the ISO/IEC 19794-2:2005 compact-size card formats specifically for on-card biometric
comparison.
This part of ISO/IEC 19795 specifies a mechanism for measuring both accuracy and speed of ISO/IEC 7816
integrated circuit cards processing data from arbitrary modalities. It includes examples for the data structures
and commands needed to match conformant ISO/IEC 19794-2:2005 minutiae templates on cards.

© ISO/IEC 2011 – All rights reserved vii

INTERNATIONAL STANDARD ISO/IEC 19795-7:2011(E)

Information technology — Biometric performance testing and
reporting —
Part 7:
Testing of on-card biometric comparison algorithms
1 Scope
This part of ISO/IEC 19795 establishes a mechanism for measuring the core algorithmic capabilities of
biometric comparison algorithms running on ISO/IEC 7816 integrated circuit cards. Specifically, this part of
ISO/IEC 19795
⎯ instantiates a mechanism for on-card biometric comparison testing;
⎯ standardizes procedures for the measurement of the accuracy of on-card biometric comparison
implementations running on object-based, test-specific sample cards;
⎯ standardizes procedures for the measurement of durations of the various operations; and
⎯ gives examples for matching ISO/IEC 19794-2:2005 compact card minutiae templates.
The following are specifically not within the scope of this part of ISO/IEC 19795:
⎯ procedures for securing the communications channel, including cryptographic protection of the biometric
templates;
⎯ procedures for protection of sample or template integrity using digital signatures;
⎯ authentication of the card and reader;
⎯ selection or use of transmission protocols (e.g. contactless);
⎯ profiles of specific data interchange standards;
⎯ procedures for evaluation of readers, including performance, conformance and interoperability;
⎯ procedures for evaluation of ruggedness or durability of the card;
⎯ on-card template generation (e.g. extraction of minutiae from images),
⎯ template update or adaptation;
⎯ formal conformance tests of ISO/IEC 7816-4 and ISO/IEC 7816-11;
⎯ testing of devices not conforming to ISO/IEC 7816, including all system-on-card devices.
© ISO/IEC 2011 – All rights reserved 1

2 Conformance
A test is conformant to this part of ISO/IEC 19795 if it conforms to the normative requirements of Clauses 5
and 6.
An on-card comparison implementation is conformant to the test specification of Clause 7 if it supports all the
requirements of Clause 7.
3 Normative references
The following referenced documents are indispensable for the application of this document. For dated
references, only the edition cited applies. For undated references, the latest edition of the referenced
document (including any amendments) applies.
ISO/IEC 7816-4:2005, Identification cards — Integrated circuit cards — Part 4: Organization, security and
commands for interchange
ISO/IEC 7816-6:2004, Identification cards — Integrated circuit cards — Part 6: Interindustry data elements for
interchange
ISO/IEC 7816-11:2004, Identification cards — Integrated circuit cards — Part 11: Personal verification through
biometric methods
ISO/IEC 19785-3:2007, Information technology — Common Biometric Exchange Formats Framework —
Part 3: Patron format specifications
ISO/IEC 19795-1:2006, Information technology — Biometric performance testing and reporting — Part 1:
Principles and framework
ISO/IEC 19795-2:2007, Information technology — Biometric performance testing and reporting — Part 2:
Testing methodologies for technology and scenario evaluation
4 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 19795-1 and the following apply.
4.1
on-card comparison
execution of a comparison algorithm on a ISO/IEC 7816 integrated circuit card
NOTE The informal term match-on-card is deprecated in this part of ISO/IEC 19795 in favour of on-card biometric
comparison as used in ISO/IEC 24787. The terms matcher and matching algorithm are deprecated in favour of
comparison subsystem and comparison algorithm respectively. These terms are taken from SC 37's Standing Document 2,
Harmonized Biometric Vocabulary.
5 Abbreviations
For the purposes of this document, the following abbreviations apply.
⎯ APDU Application Protocol Data Unit as used in ISO/IEC 7816-4
⎯ BIT Biometric Information Template as defined in ISO/IEC 7816-11
⎯ DET Detection error tradeoff characteristic – a plot of FNMR vs. FMR
2 © ISO/IEC 2011 – All rights reserved

⎯ FMR False match rate
⎯ FNMR False non-match rate
⎯ IC Integrated circuit
⎯ IDMS Identity management system
⎯ ISO/IEC 7816 Multipart standard for “Identification cards - Integrated circuit(s) cards with contacts”
⎯ ISO/IEC 19794 Multipart standard of “Biometric data interchange formats”
⎯ PC/SC Generic interface specification for PC to IC card connectivity
⎯ SC 17 Subcommittee 17 of Joint Technical Committee 1 – developer of IC card standards
⎯ SC 37 Subcommittee 37 of Joint Technical Committee 1 – developer of biometric standards
⎯ SDK Software Development Kit (as library software)
6 Requirements on test planning
6.1 Fundamental concept of the test
The on-card comparison capability shall be tested in one or two stages, as listed below. Stage 2 is optional.
⎯ Stage 1: Measure the speed and accuracy of the on-card comparison algorithm by executing biometric
sample comparisons on the card under test. This shall be achieved by repeatedly storing reference
templates on the card and sending verification templates to the card for comparison according the
requirements of Clause 8. Accuracy shall be computed from either or both of
⎯ the comparison scores computed on the card, and
⎯ the verification decisions computed on the card.
⎯ Stage 2 (optional): Measure the accuracy of the on-card comparison algorithm by executing biometric
sample comparisons on an implementation running on a general purpose (e.g. PC class) computer. This
stage shall not be used to state the accuracy of on-card comparison implementations unless the
comparison scores retrieved from the card in stage 1 are exactly equal to those generated in this stage
for all given pairs of reference and verification templates.
The first stage gives assurance that the accuracy of stage 2 is obtainable by the card under test.
NOTE 1 A test in which the card is required to produce comparison scores supports production of a DET characteristic
plotting false non-match and false match rates as a function of operating threshold. If, however, a test allows cards to
produce only a pass-fail verification decision then only a single point on the DET characteristic can be computed.
NOTE 2 Guidance on the minimum number of comparisons needed to sustain a claimed error rate is given in
ISO/IEC 19795-1.
NOTE 3 The second stage allows a larger number of comparisons to be conducted quickly. This allows very large
numbers of comparisons to be conducted. This supports, for example, testing of a claim that FMR is less than 0.0001.
NOTE 4 The second stage comparison score identity requirement gives assurance that the off-card and on-card
comparison algorithms are the same. The second stage implementation might be tested using the procedures of Annex C
and the API of Annex D.
© ISO/IEC 2011 – All rights reserved 3

6.2 Specification of interface hardware and software
The test shall be executed using the commands of Clause 8 and the test plan shall state this requirement. The
test plan shall establish specifications for the interface to the cards under test. This should include
specifications of the card reader. The test may limit scope to ISO/IEC 7816 contact IC cards or to
ISO/IEC 14443 contactless cards.
EXAMPLE The test laboratory might state that while it does not currently intend to use undisclosed card readers, it
reserves the right to do so for any purpose.
6.3 Specification of the data formats
6.3.1 Format for comparison data
The data format might be a standard format or a proprietary or de facto standard format. The test plan shall
identify any allowed variants of the data format in use.
EXAMPLE Clause 9 of the ISO/IEC 19794-2:2005 standard gives the “format type” codes for variants which differ in
the encoding and placement requirements on minutiae. Placement variation, such as whether a ridge ending is encoded
as the ridge skeleton end-point or as the valley bifurcation, remains an open issue in minutiae interoperability. Thus, cards
must return a value for the “format type” in the BIT tag '88', and encoders should follow the ISO/IEC 19794-2:2005,
Clause 6 guidance on placement.
The test plan shall specify formats for the biometric enrollment data that resides on the card. The test plan
shall specify the allowed formats for the data transmitted to the card for matching. This might include a line-by-
line profile of the relevant standards or specifications. Annex A gives an example of such a profile.
NOTE For fingerprints, the test plan may re-iterate the applicable finger position codes given in Annex B.
6.3.2 Format for off-card images and templates
The test plan shall identify the formats for all data that is provided to the implementations running off card. The
test plan shall also identify the formats for all data required to be generated by the implementations running off
card.
EXAMPLE See the sample text in Annex A.
6.4 Profiling of the BIT
The test plan shall identify one or more BIT structures and their organisation. The test plan shall define the
operations that are parameterized by data elements in the BIT.
The test plan and test report shall state required variations or values in the BIT. The test plan shall state
whether the BIT(s) are allowed to contain other pieces of information (e.g. as allowed by the standards). This
data would be read but likely ignored.
EXAMPLE 1 The test plan will indicate which biometric modality is in use, and define the appropriate data
representation standard.
EXAMPLE 2 In ISO/IEC 19794-2:2005 the tag '83' is used to store the “feature handling indicator” i.e. whether the
matching algorithm supports ridge counts, cores, deltas and cell quality. A test might require these capabilities to be
present or absent, or might require all of them to be optional.
6.5 Card-comparison subsystem combinations
Tests conformant to this part of ISO/IEC 19795 are intended to measure on-card matching capability by
measuring algorithm accuracy in the intended environment (i.e. the specific card). It may be appropriate for
the test plan to state a policy on the kinds of card-supplier biometric sub-system supplier teams that are
allowed to participate, and on how such teams should be contacted and identified.
4 © ISO/IEC 2011 – All rights reserved

NOTE It may be possible for a matching algorithm to be tuned to be more accurate when it is implemented on a more
capable card, or is tailored to the card.
6.6 Phased testing
The test plan should state whether the test will be conducted in phases. A first phase might allow a smaller
and faster evaluation of submitted software and cards which would support bug-fixes and development by the
vendor. A second phase might be the formal test. In any case, the test plan should state a policy on the
following
⎯ The number of phases
⎯ Whether participation in phase N is required for participation in phase N+1
⎯ Whether to allow the supplier to update the cards and software between any two phases
⎯ What measurements and results will be released to whom, on what schedule
6.7 Options for participation
The test plan shall state what hardware and software components are required for each phase.
EXAMPLE A test plan could state: “All implementations submitted to the test must provide the components identified
in one or more of the rows of Table 1.”
Table 1 — Classes of participation
Class of Participation ISO/IEC 7816 Card + PC-based Template PC-based Template
Comparison subsystem Comparison subsystem Generator
Class A + +
Class B + + +
6.8 Metrics
The test plan shall disclose what performance metrics it intends to measure and report. The test shall
measure and report false non-match rates at one or more specific false match rates. The test plan shall state
a primary target false match rate. This allows implementers to conduct any necessary alteration of their
implementations for the test.
False match rates and false non-match rates shall be rendered in the form of a receiver operating
characteristic (ROC) or detection error trade-off (DET) curve.
EXAMPLE The test report will include full detection error tradeoff (DET) characteristics for all implementations tested.
In addition the report will include performance interoperability matrices as standardized in ISO/IEC 19795-4:2008. Such
tables will report false non-match rates at fixed false match rates of 0.0001 as the primary figure of merit. The report may
include other metrics also.
6.9 Comparison results
For each VERIFY command, the card shall make either or both of a comparison score and a verification
decision available to the test harness. The production of comparison scores supports computation of a full
DET characteristic. The production of a verification decision supports computation of a single point on the
DET.
NOTE 1 Some matching algorithms produce only a small number of unique comparison scores (naturally or otherwise).
This may have operational consequences. It will also influence the smoothness of the DET characteristic.
© ISO/IEC 2011 – All rights reserved 5

NOTE 2 Some requirements of this part of ISO/IEC 19795, for example the requirements to return comparison scores
and to have stateless behaviour (clause 8.8.5) are often not desirable in commercial and operational use for security or
other reasons.
7 Requirements on test execution
7.1 General
The test shall adhere to the requirements of ISO/IEC 19795-1:2006 and of Clause 6 of ISO/IEC 19795-2:2007.
7.2 Conditions for demonstrating equivalence of on-card and off-card algorithms
To verify that the on-card comparison algorithm is identical to that running on the general purpose computer
the test laboratory shall execute at least 100 genuine and 100 impostor comparisons on the card and replicate
those on the general purpose computer. The minimum number of individuals used in those comparisons shall
be 50. The testing laboratory shall check that the resulting comparison scores are exactly equal.
NOTE 1 The values 100 and 50 are somewhat arbitrary. They are present because it is unlikely that card-based and
PC-based algorithms could produce identical outputs (from randomly selected inputs) if they were actually different.
NOTE 2 A test laboratory may supplement the requirements of this subclause with other test methods.
7.3 BIT Processing
The test harness shall read one or two ISO/IEC 7816-11 BITs from each card under test. The BITs shall be
read as a group per the card APDU in 8.6. The BITs shall be used to parameterize the conversion of the raw
sample to the format required by the card.
The same conversion shall be applied to data sent to the implementation of the on-card comparison algorithm
running on the general purpose computer.
EXAMPLE For fingerprint minutiae matching, the BIT includes parameters for the conversion of INCITS 378
templates to ISO/IEC 19794-2 compact-size card templates. The conversion occurs before the data are sent to the
card-based comparison implementations. The same conversion would be applied for templates passed to the PC-based
implementation.
7.4 Measurement of speed of execution
7.4.1 Quantities to be measured
The test shall measure and report the duration of the execution of the VERIFY command. The duration of all
VERIFY commands shall be measured. The test shall record duration with an indication of whether the
VERIFY was an impostor or genuine attempt. The test shall record the duration with a number indicating the
size of the authentication data, in bytes, sent during the VERIFY command. Operationally the end-to-end time
may be the most important measurement.
The test shall also measure and report the duration of all other functions. If the following actions are
conducted then statistics for the execution times shall be reported.
⎯ The template generation operations.
⎯ Any off-card template comparisons.
⎯ The storage of the reference template on the card.
6 © ISO/IEC 2011 – All rights reserved

7.4.2 Methods for measuring duration
The test plan shall establish and document the mechanism of measuring duration of each command for which
timing was measured.
EXAMPLE 1 A protocol analyzer might be used. This would allow timing of specific APDU commands to be measured.
This might be via manual observation or instrumentation of the process to run in a batch mode over many APDU calls.
EXAMPLE 2 Each APDU call from the host driver can be wrapped in a pair of timing calls. For example to measure
end-to-end wall time using the IEEE Std 1003.1, 2003 Edition, Standard for Information Technology – Portable Operating
System Interface (POSIX) function “gettimeofday” the following code fragment applies:
#include
struct timeval before, after;
gettimeofday(&before, NULL);
// call to VERIFY here
gettimeofday(&after, NULL);
const unsigned int microsecs = after.tv_sec*100000 + after.tv_usec -
before.tv_sec*100000 - before.tv_usec ;
7.4.3 Methods for measuring uncertainty
The test report shall state what is being measured (e.g. duration of on-card comparison operation plus the
communications overhead). The test report shall state how accuracy of the measurement was determined.
EXAMPLE While the gettimeofday() call offers better than microsecond resolution on the LINUX platform used for
testing, the measured durations include more than just the elemental card operations. The overhead includes these:
⎯ all the calls to the PC/SC library,
⎯ communication from the card driver process to the PC/SC smartcard daemon,
⎯ USB communication, and
⎯ data transmission to the smart card.
8 On-card biometric comparison interface specification
8.1 Overview
All cards shall be accessed using the mechanisms of this clause. The test report shall document any
deviations from these requirements.
This includes selection of the application, reading and use of the Biometric Information Template (BIT),
installation of a reference template, verification, recovery of comparison scores, and retrieval of identifiers.
NOTE The interface specification here is one possible interface for accessing IC cards. It is included here as being a
clear, exact and sufficient procedure for measurement of the core algorithmic accuracy and speed of the implementation
under test.
8.2 Approach to the use of ISO/IEC 7816
This interface was designed with the following criteria in mind.
⎯ Adherence to the provisions of ISO/IEC 7816-4:2005, ISO/IEC 7816-11:2004 and the relevant part of
ISO/IEC 19794 (e.g. ISO/IEC 19794-2 for finger minutia).
⎯ To select odd INS values, indicating that the command data fields contain TLV objects.
⎯ To only define new elements when existing standards are silent on a necessary functionality.
© ISO/IEC 2011 – All rights reserved 7

8.3 Establish Communications
An Answer-to-Reset shall be obtained from the card to determine the transmission protocol (T=0, T=1 or
T=CL).
8.4 Selection of the test application
The test lab shall establish an Application ID. This card shall be supplied with a dedicated testing application.
It shall be invoked once by using the SELECT command in Table 2. The response shall be as in Table 4.
Table 2 — Command APDU for selection of on-card comparison application
Command Parameter Required Value Meaning
CLA ‘00’
INS ‘A4’ SELECT
P1-P2 ‘04 0C’ AID follows, 1100b
L field 16 Length of AID
c
Data field See EXAMPLE below See EXAMPLE below
L field Absent
e
EXAMPLE See the hexadecimal value of Table 3.
Table 3 — Example Application ID
Command Parameter Required Value Meaning
Data field 'F0 4E 49 53 54 20 4D 4F 43 20 54 53 54 20 50 31' AID
In ASCII, "≡NIST MOC TST P1"
where P1 connotes Phase 1
Table 4 — Response APDU from selection of comparison application
Response Parameter Meaning
Data field Empty
SW1-SW2 See ISO/IEC 7816-4:2005

8.5 Store enrollment template on the card
For replacing the sample or template on the card the APDU of Table 5 shall be used. It uses the PUT DATA
instruction to overwrite the existing reference template.
Table 5 — Command APDU for storage of reference template
Command Required Value Meaning
Parameter
CLA ‘00’
INS ‘DB’ PUT DATA
P1-P2 '3F FF' Store anywhere in the current Dedicated File (Application DF)
L field Length of command data field
c
Data field EXAMPLE: Table A.3 Data Object in BER-TLV format to be stored (tag '7F 2E')
L field Empty
e
8 © ISO/IEC 2011 – All rights reserved

Table 6 — Response APDU from storage of reference template
Response Parameter Meaning
Data field Empty
SW1-SW2 See ISO/IEC 7816-4:2005

If the biometric reference is too long for a single command APDU, then command chaining shall be used to
send the biometric reference to the card in subsequent APDUs.
NOTE 1 Bit 5 of CLA set to 0 indicates that the command is the last or only command of a chain. Bit 5 of CLA set to 1
indicates that the command is not the last command of a chain.
NOTE 2 ISO/IEC 7816-4 does not standardize an APDU for enrollment. PUT DATA is required here, but note that
some implementations use '24' CHANGE REFERENCE DATA.
NOTE 3 Operationally the process of putting the reference data on the card would ordinarily be accompanied by a
writing the BIT to the card also. This would contain the biometric subtype information (for fingerprints, this is the finger
position). Such data is not required here because no standard regulates the transmission of such data and because the
test laboratory would usually only conduct comparisons of same-subtype templates (e.g. right index fingers).
NOTE 4 Operationally, putting reference data onto the card would generally be preceded by user authentication and
establishment of a trusted channel to the card.
8.6 Read of the BIT
The test harness shall use the command of Table 7 to retrieve the BIT group template of Table 9 per the
response of Table 8.
Table 7 — Command APDU for retrieval of biometric information template
Command Required Meaning
Parameter Value
CLA ‘00’
INS ‘CB’ GET DATA
P1-P2 '3F FF' Retrieve from anywhere in the current Dedicated File (Application DF)
L field '04'
c
Data field '5C'
'02'
'7F 61' Data Object identifier to be retrieved (group of BIT)
L field ‘00’
e
Table 8 — Response APDU from retrieval of biometric information template
Response Parameter Meaning
Data field Biometric Information Template (see Table 9)
SW1-SW2 See ISO/IEC 7816-4:2005

8.7 Use of the BIT
The test harness shall parameterize the production of enrollment samples or templates using the first BIT. The
test harness shall parameterize the production of verification samples or templates using the second BIT. If
only one BIT is present it shall apply it to both the enrollment and verification templates. Whether there are
one or two BITs, they shall be included in a BIT group template.
All instances of a submitted card type shall have the same BIT group.
© ISO/IEC 2011 – All rights reserved 9

EXAMPLE Table 9 contains two BITs. These BITs have been adapted from ISO/IEC 19785-3 and
ISO/IEC 19794-2:2005 for minutia template comparison. A test using these BITs would need to establish or reference the
meaning of the matching algorithm parameters under 'B1'. This might be done via reference to appropriate standards.
Table 9 — Biometric Information Template based on ISO/IEC 19785-3 and ISO/IEC 19794-2 (EXAMPLE)
Tag Len. V
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

Loading comments...