Personal identification - European guide for biometric recognition applications based on ID documents (ERG)

This document defines requirements and provides guidance on:
-   capturing of facial images to be used for verification or identification purposes in applications based on reference images in identity or similar documents and traveller or visa databases;
-   capturing of fingerprint images to be used for verification or identification purposes in applications based on reference images in identity or similar documents and traveller or visa databases;
-   data quality maintenance for biometric data captured by/for verification or identification applica-tions;
-   data authenticity maintenance for biometric data captured by/for verification or identification ap-plications.
This document addresses the following aspects which are specific for biometric data capturing:
-   biometric data quality and interoperability assurance;
-   data authenticity assurance;
-   morphing and other presentation attacks and biometric data injection attacks;
-   accessibility and usability;
-   recognition algorithms and their evaluation;
-   privacy and data protection;
-   optimal process design.
The following aspects are out of scope:
-   other aspects of IT security;
-   data capturing for ID document enrolment purposes, e.g. passport or ID card enrolment.

Persönliche Identifikation - Europäischer Leitfaden für Verifikationsanwendungen auf der Grundlage von ID-Dokumenten (EVG)

Identification des personnes - Guide européen pour les applications de reconnaissance biométrique basées sur des documents d'identité (ERG)

Osebna identifikacija - Evropski vodnik za aplikacije biometričnega prepoznavanja na podlagi osebnih dokumentov (ERG)

General Information

Status
Not Published
Public Enquiry End Date
03-Feb-2025
Technical Committee
Current Stage
5520 - Unique Acceptance Procedure (UAP) (Adopted Project)
Start Date
09-Dec-2024
Due Date
28-Apr-2025

Buy Standard

Draft
kTS FprCEN/TS 18139:2025 - BARVE
English language
30 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


SLOVENSKI STANDARD
01-januar-2025
Osebna identifikacija - Evropski vodnik za aplikacije biometričnega
prepoznavanja na podlagi osebnih dokumentov (ERG)
Personal identification - European guide for biometric recognition applications based on
ID documents (ERG)
Persönliche Identifikation - Europäischer Leitfaden für Verifikationsanwendungen auf der
Grundlage von ID-Dokumenten (EVG)
Identification des personnes - Guide européen pour les applications de reconnaissance
biométrique basées sur des documents d'identité (ERG)
Ta slovenski standard je istoveten z: FprCEN/TS 18139
ICS:
35.240.15 Identifikacijske kartice. Čipne Identification cards. Chip
kartice. Biometrija cards. Biometrics
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

FINAL DRAFT
TECHNICAL SPECIFICATION
SPÉCIFICATION TECHNIQUE
TECHNISCHE SPEZIFIKATION
November 2024
ICS 35.240.15
English Version
Personal identification - European guide for biometric
recognition applications based on ID documents (ERG)
Identification des personnes - Guide européen pour les Persönliche Identifikation - Europäischer Leitfaden für
applications de reconnaissance biométrique basées sur Verifikationsanwendungen auf der Grundlage von ID-
des documents d'identité (ERG) Dokumenten (EVG)

This draft Technical Specification is submitted to CEN members for Vote. It has been drawn up by the Technical Committee
CEN/TC 224.
CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway,
Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and
United Kingdom.
Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are
aware and to provide supporting documentation.

Warning : This document is not a Technical Specification. It is distributed for review and comments. It is subject to change
without notice and shall not be referred to as a Technical Specification.

EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2024 CEN All rights of exploitation in any form and by any means reserved Ref. No. FprCEN/TS 18139:2024 E
worldwide for CEN national Members.

Contents Page
European foreword . 3
Introduction . 4
1 Scope . 5
2 Normative references . 5
3 Terms and definitions . 6
4 Abbreviated terms . 8
5 Overview of biometric recognition systems . 9
5.1 Concept . 9
5.2 Biometric references . 9
5.3 Types of identity documents . 9
5.3.1 General. 9
5.3.2 ePassport . 10
5.3.3 National identity cards. 10
5.3.4 Schengen visa . 10
5.3.5 Driving licence . 10
5.3.6 Residence permit . 10
5.4 Topologies of identity recognition systems . 10
6 Data protection and privacy . 11
6.1 General. 11
6.2 Obligation to provide information about data processing . 11
6.3 Right of access and right to erasure . 12
6.4 Sharing data with third countries and international organizations . 12
6.5 Saving data for statistic reasons . 12
7 Biometric systems used for recognition . 12
7.1 General requirements and recommendations . 12
7.1.1 Usability and accessibility . 12
7.1.2 Quality or score driven approaches . 14
7.1.3 Evaluation . 16
7.1.4 Biometric security functions . 16
7.1.5 Interoperability assurance . 19
7.1.6 Biometric data quality . 19
7.1.7 Data authenticity assurance . 19
7.1.8 Logging . 20
7.2 Recommendations for biometric systems . 20
7.2.1 Recommendations for face biometrics . 20
7.2.2 Requirements and recommendations for fingerprint biometrics . 24
7.3 Contexts for recognition via biometrics . 26
7.3.1 Automated border control. 26
7.3.2 Manual border control . 27
7.3.3 Mobile recognition . 27
7.3.4 Passenger flow facilitation . 27
Bibliography . 29
European foreword
This document (FprCEN/TS 18139:2024) has been prepared by Technical Committee CEN/TC 224 “Per-
sonal identification, electronic signature and cards and their related systems and operations”, the secre-
tariat of which is held by AFNOR.
This document is currently submitted to the Vote on TS.
Introduction
Biometric reference data for ID documents meanwhile are highly standardized by ISO, ICAO, and CEN.
Within CEN, this work is done by TC 224/WG 18 in close cooperation with the Article 6 Technical Sub-
group and FRONTEX. Several International Standards, in particular ISO/IEC 19794 series and
ISO/IEC 39794 series, achieve technical interoperability of biometric data.
With CEN/TS 17661 [1] the enrolment of biometric data for identity documents has been profiled specif-
ically for European needs. However, biometric data is captured in many other situations as well, even in
the context of ID documents, in particular for verification applications like automated or manual border
control, or temporary enrolment into entry/exit systems. This gap shall be addressed by this TS.
During the development of the TS, a close cooperation between WG18 and the EU has been maintained
to ensure that the needs of the Member States are exactly met.
The document gives recommendations for
• Capturing of facial images for verification applications mainly using reference data stored in identity
documents or traveller/visa databases, covering data quality and interoperability, data authenticity,
morphing and presentation attack detection in several environments,
• Capturing of fingerprint images for verification applications mainly using reference data stored in
identity documents or traveller/visa databases, covering data quality and interoperability, data au-
thenticity, and presentation attack detection in several environments, and
• Processes handling such biometric data for verification and identification purposes considering se-
curity as well as privacy aspects.
This document covers biometric recognition applications based on ID documents. Biometric recognition
applications within the frame of this document are corresponding to the definition of biometric recogni-
tion systems in ISO/IEC 2382-37:2022 encompassing identification and verification systems. This means
that biometric recognition applications should be considered as a subsystem of a complete identity veri-
fication system. Identity verification systems can be ABC gates, inspection systems, mobile phones etc.
1 Scope
This document defines requirements and provides guidance on:
• capturing of facial images to be used for verification or identification purposes in applications based
on reference images in identity or similar documents and traveller or visa databases;
• capturing of fingerprint images to be used for verification or identification purposes in applications
based on reference images in identity or similar documents and traveller or visa databases;
• data quality maintenance for biometric data captured by/for verification or identification applica-
tions;
• data authenticity maintenance for biometric data captured by/for verification or identification ap-
plications.
This document addresses the following aspects which are specific for biometric data capturing:
• biometric data quality and interoperability assurance;
• data authenticity assurance;
• morphing and other presentation attacks and biometric data injection attacks;
• accessibility and usability;
• recognition algorithms and their evaluation;
• privacy and data protection;
• optimal process design.
The following aspects are out of scope:
• other aspects of IT security;
• data capturing for ID document enrolment purposes, e.g. passport or ID card enrolment.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content consti-
tutes requirements of this document. For dated references, only the edition cited applies. For undated
references, the latest edition of the referenced document (including any amendments) applies.
ISO/IEC 2382-37:2022, Information technology - Vocabulary - Part 37: Biometrics
ISO/IEC 29794-4, Information technology - Biometric sample quality – Part 4: Finger image data
ISO/IEC 29794-5, Information technology - Biometric sample quality – Part 5: Face image data
ISO/IEC 39794-4, Information technology - Extensible biometric data interchange formats - Part 4: Finger
image data
ISO/IEC 39794-5, Information technology - Extensible biometric data interchange formats - Part 5: Face
image data
3 Terms and definitions
For the purpose of this document, the terms and definitions given in ISO/IEC 2382-37 and the following
apply:
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
• IEC Electropedia available at https://www.electropedia.org/
• ISO Online Browsing Platfo
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.