ISO/IEC JTC 1/SC 37/WG 2 - Biometric technical interfaces

The ISO/IEC 30108 series defines biometric services used for identity assurance that are invoked over a services-based framework. It provides a generic set of biometric and identity-related functions and associated data definitions to allow remote access to biometric services. Although focused on biometrics, the ISO/IEC 30108 series includes support for other related identity assurance mechanisms such as biographic and document capabilities. Identity attributes verification services (IAVSs) are intended to be compatible with and used in conjunction with other biometric standards as described in ISO/IEC 30108-1. This document implements the specification provided in ISO/IEC 30108-1 using representational state transfer (REST). Specification of biometric functionality is limited to remote (backend) services. Services between a client-side application and biometric capture devices are not within the scope of this document. Integration of biometric services as part of an authentication service or protocol is not within the scope of this document.

This document describes the identification scheme used by the Biometric Registration Authority (BRA) in preparing, maintaining and publishing registers of identifiers for biometric organizations and biometric objects, and provides a description of BRA responsibilities and services. Procedural requirements and recommendations are not within the scope of this document and are maintained separately on the ISO/IEC JTC 1/SC 37 website.

This document specifies an interface of a BioAPI Java framework and BioAPI Java BSP, which will mirror the corresponding components, specified in ISO/IEC 30106-1. The semantic equivalent of ISO/IEC 30106-1 is maintained in this document.

This document specifies an interface of a BioAPI C# framework and BioAPI C# BSP which mirror the corresponding components specified in ISO/IEC 30106-1. The semantic equivalence of this document will be maintained with ISO/IEC 30106-2 (Java implementation). In spite of the differences in actual parameters passed between functions, the names and interface structure are the same.

This document specifies and publishes registered Common Biometric Exchange Formats Framework (CBEFF) patron formats defined by the CBEFF patron ISO/IEC JTC 1/SC 37, and specifies their registered CBEFF patron format types (see ISO/IEC 19785-1) and resulting full ASN.1 OIDs.

This document defines: — structures and data elements for biometric information records (BIRs); — the concept of a domain of use to establish the applicability of a standard or specification that conforms with CBEFF requirements; — the concept of a CBEFF patron format, which is a published BIR format specification that complies with CBEFF requirements, specified by a CBEFF patron; — the abstract values and associated semantics of a set of CBEFF data elements to be used in the definition of CBEFF patron formats; This document describes methods to define CBEFF patron formats using CBEFF data elements to specify the structure of BIRs, including the standard biometric headers (SBHs). This document also provides the means for identification of BDB formats in a BIR, but the standardization and interoperability of BDB formats is not within the scope of this document. This document provides a security block (SB) as a means for BIRs to carry information about the encryption of a BDB in the BIR and about integrity mechanisms applied to the BIR itself. The structure and content of SBs is not within the scope of this document. Further, the specification of encryption mechanisms for BDBs and of integrity mechanisms for BIRs is not within the scope of this document. This document specifies transformations from one CBEFF patron format to a different CBEFF patron format. The following are not within the scope of this document: — the encoding of the abstract values of CBEFF data elements to be used in the specification of CBEFF patron formats; and — protection of the privacy of individuals from inappropriate dissemination and use of biometric data.

This document specifies an interface of a BioAPI C++ framework and BioAPI C++ BSP which will mirror the corresponding components specified in ISO/IEC 30106-1. The semantic equivalence of this document will be maintained with ISO/IEC 30106-2 (Java implementation) and ISO/IEC 30106-3 (C# implementation). In spite of the differences in actual parameters passed between functions, the names and interface structure are the same.

ISO/IEC TR 24741:2018 describes the history of biometrics and what biometrics does, the various biometric technologies in general use today (for example, fingerprint recognition and face recognition) and the architecture of the systems and the system processes that allow automated recognition using those technologies. It also provides information about the application of biometrics in various business domains such as border management, law enforcement and driver licensing, the societal and jurisdiction considerations that are typically taken into account in biometric systems, and the international standards that underpin their use.

ISO/IEC 19795-5:2011 specifies a framework for testing and a grading scheme for reporting the performance of a biometric system suitable for use in access control applications. It also allows for specifying application performance requirements in terms of the required performance of the biometric component of the access control system. It specifies the environment in which and the means by which testing will be performed and how the results will be reported. The grading scheme takes a conservative approach, using statistical analysis and confidence intervals to support the claim that the device performance is at least as good as the graded performance indicates. ISO/IEC 19795-5:2011 addresses conventional access control circumstances, and unusual or extreme circumstances are not within its scope.

ISO/IEC 19784-4:2011 specifies a biometric sensor interface for a Biometric Service Provider (BSP, see ISO/IEC 19784-1). The interface supports a BSP wishing to provide the BioAPI Service Provider Interface (SPI) functions, whilst removing device handling activity from the BSP. ISO/IEC 19784-4:2011 provides an interface that can be used by all types of biometric sensor, including inter alia image streaming sensors (infrared, face, iris, finger, etc.), voice streaming sensors and digital tablets providing dynamic signature data. It is not in the scope of ISO/IEC 19784-4:2011 to define security and privacy requirements for capturing and transferring of biometric data across the Sensor Function Provider Interface (SFPI).

ISO/IEC 24709-3:2011 defines a number of test assertions written in the assertion language specified in ISO/IEC 24709-1:2007. These assertions enable a user of ISO/IEC 24709-3:2011 (such as a testing laboratory) to test the conformance to ISO/IEC 19784-1 (BioAPI 2.0) of any BioAPI Framework that claims to be a conforming implementation of ISO/IEC 19784-1. Each test assertion specified in ISO/IEC 24709-3:2011 exercises one or more features of an implementation under test.

ISO/IEC 19785-4:2010 specifies security block formats (see ISO/IEC 19785-1) registered in accordance with ISO/IEC 19785-2 as formats defined by the CBEFF biometric organization ISO/IEC JTC 1/SC 37, and specifies their registered security block format identifiers. [The security block format identifier is recorded in the standard biometric header (SBH) of a patron format (or defined by that patron format as the only available security block format).] The general-purpose security block format provides for specification of whether the biometric data block (BDB) is encrypted or the SBH and BDB have integrity applied (or both), and can include ACBio instances (see ISO/IEC 24761). This security block provides all necessary security parameters, including those used for encryption or integrity. It does not restrict the algorithms and parameters used for encryption or integrity, but provides for the recording of such algorithms and parameter values. It is a matter for profiling to determine, for a particular application area, what algorithms and parameter ranges can be used by the generator of a security block, and hence what algorithms and parameter ranges have to be supported by the user of a security block. This is out of the scope of ISO/IEC 19785-4:2010. The second security block is more limited, but simpler (and in particular cannot contain ACBio instances, and does not support encryption of the BDB).

ISO/IEC 19785-3:2015 specifies and publishes registered CBEFF patron formats (see ISO/IEC 19785‑1) defined by the CBEFF patron ISO/IEC JTC 1/SC 37, and specifies their registered CBEFF patron format types (see ISO/IEC 19785‑2) and resulting full ASN.1 Object Identifiers.

ISO/IEC 19785-3:2007 specifies several patron formats that conform to the requirements of ISO/IEC 19785-1. ISO/IEC 19785-1 defines a basic structure for standardized biometric information records (BIRs) that consists of three parts, the standard biometric header (SBH), the biometric data block (BDB), and the security block (SB). CBEFF also defines several data elements and their standardized abstract values that can be used in SBHs and SBs (CBEFF treats the BDB as opaque data). CBEFF also establishes mechanisms by which organizations, called “patrons” by CBEFF, can specify and publish BIR format specifications, which are in turn called “patron formats”. CBEFF enables patrons to develop BIR specifications that are fully standardized and interoperable, yet are specifically adapted to the requirements of a particular application environment. CBEFF defines rules for BIRs that contain only one BDB (simple BIR) and that contain at least one BDB (complex BIR). CBEFF defines mandatory data elements that identify the format of a BDB and its security attributes (encryption and integrity). All the other CBEFF-defined data elements and abstract values are optional. CBEFF enables patrons to define additional data elements and abstract values as required by the application environment

ISO/IEC TR 24741:2007 describes the main biometric technologies, with some historical information. An annex describes the work of creating International Standards for biometrics and provides a layered model for the placement of the various International Standards being produced, with a short description of each. A second annex contains some of the terms and definitions currently used in these International Standards or the drafts of these International Standards.