ISO/IEC JTC 1/SC 37 Biometrics is a standardization subcommittee in the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), which develops and facilitates standards within the field of biometrics. The international secretariat of ISO/IEC JTC 1/SC 37 is the American National Standards Institute (ANSI), located in the United States.[1]

History

edit

ISO/IEC JTC 1/SC 37 was established in August 2002, after the approval of a proposal submitted by ANSI to ISO/IEC JTC 1 for the establishment of a new JTC 1 subcommittee on biometrics.[2] The main purpose of the new subcommittee was to provide an international venue that would harmonize and accelerate formal international biometric standardization, resulting in better interoperability, reliability, usability, and security for future standards based systems and applications. With better interoperability between biometrics systems, the success of these applications would be much more likely.[3] ISO/IEC JTC 1/SC 37 was created with the intent that it would create standards that could support the rapid deployment of open systems, standard-based security solutions for a number of purposes, such as prevention of ID theft and homeland defense. Standards developed by ISO/IEC JTC 1/SC 37 provide support to a wide range of systems and applications that provide accurate and reliable verification and identification of individuals.[4] The subcommittee has published a number of standards pertaining to biometrics in the areas of technical interfaces, data interchange formats, performance testing and application profiles.[5] Other topics within biometrics that have already, or are currently, being addressed by ISO/IEC JTC 1/SC 37 are performance and conformance testing methodology standards, sample quality standards, and standards and technical reports in support of technical implementation issues and cross jurisdictional issues related to the utilization of biometric technologies in commercial applications.[4]

Scope and mission

edit

The scope of ISO/IEC JTC 1/SC 37 is the "Standardization of generic biometric technologies pertaining to human beings to support interoperability and data interchange among applications and systems." Generic human biometric standards include:[2][6]

  • Common file frameworks
  • Biometric application programming interfaces
  • Biometric data interchange formats
  • Related biometric profiles
  • Application of evaluation criteria to biometric technologies
  • Methodologies for performance testing and reporting and cross jurisdictional and societal aspects

The mission of ISO/IEC JTC 1/SC 37 is to ensure a comprehensive and high priority, worldwide approach for the development and approval of international biometric standards.[2]

Work done by ISO/IEC JTC 1/SC 37 does not include:[7]

  • Work covered by ISO/IEC JTC 1/SC 17 for applying biometric technologies to cards and personal identification
  • Work covered by ISO/IEC JTC 1/SC 27 for biometric data protections techniques, biometric security testing, evaluations, and evaluations methodologies

ISO/IEC JTC 1/SC 37 Roadmap – 12 August 2015

Structure

edit

ISO/IEC JTC 1/SC 37 is made up of six working groups (WGs), each of which carries out specific tasks in standards development within the field of biometrics. The focus of each working group is described in the group's terms of reference. Working groups of ISO/IEC JTC 1/SC 37 are:[8][9]

Working Group Working Area
ISO/IEC JTC 1/SC 37/WG 1 Harmonized Biometric Vocabulary
ISO/IEC JTC 1/SC 37/WG 2 Biometric Technical Interfaces
ISO/IEC JTC 1/SC 37/WG 3 Biometric Data Interchange Formats
ISO/IEC JTC 1/SC 37/WG 4 Technical Implementation of Biometric Systems[10]
ISO/IEC JTC 1/SC 37/WG 5 Biometric Testing and Reporting
ISO/IEC JTC 1/SC 37/WG 6 Cross-Jurisdictional and Societal Aspects of Biometrics

Collaborations

edit

ISO/IEC JTC 1/SC 37 works in close collaboration with a number of other JTC 1 subcommittees, specifically ISO/IEC JTC 1/SC 17: Cards and Personal Identification, and ISO/IEC JTC 1/SC 27: IT Security Techniques.[11] The standard ISO/IEC 7816-11:2004, Identification cards – Integrated circuit cards – Part 11: Personal verification through biometric methods, developed by ISO/IEC JTC 1/SC 17 includes an instantiation of a biometric data encapsulator developed by ISO/IEC JTC 1/SC 37.[12] ISO/IEC JTC 1/SC 37 has also developed standards with external organizations, such as the International Labour Organization (ILO). External organizations, such as the International Civil Aviation Organization (ICAO), have also adopted many of the standards developed by ISO/IEC JTC 1/SC 37. In 2011, ICAO published the sixth edition of Document 9303 Part 1, which specifies requirements for passports (specifically, Machine-readable passports) within the realms of physical security features, biometrics, and data storage media. Many of the specifications for biometrics developed and facilitated by ISO/IEC JTC 1/SC 37 were integrated into the document, specifically those pertaining to face, finger, and iris images.[13][14][15]

Organizations internal to ISO or IEC that collaborate with or are in liaison to ISO/IEC JTC 1/SC 37 include:

Organizations external to ISO or IEC that collaborate with, or are in liaison to, ISO/IEC JTC 1/SC 37 include:[16]

Certain countries represented within ISO/IEC JTC 1/SC 37 have also adopted a number of the subcommittee's standards. Two official documents of Spain, the electronic national identity card (DNIe) and the Spanish ePassport, store biometric data outlined in ISO/IEC JTC 1/SC 37's standard data interchange format.[4] In addition, the Planning Commission of the Unique Identification Authority of India (UIDAI) has also planned to use ISO/IEC JTC 1/SC 37's biometric series of standards for fingerprints (ISO/IEC 19794-4:2005, Information technology – Biometric data interchange formats – Part 4: Finger image data), face (ISO/IEC 19794-5, Information technology – Biometric data interchange formats – Part 5: Face image data) and iris (ISO/IEC 19794-6:2005, Information technology – Biometric data interchange formats – Part 6: Iris image data) data interchange formats for the organization's unique identity project.[13] The UIDAI is currently developing the Aadhaar ("Foundation") system and also plans to incorporate a number of other standards developed and facilitated by ISO/IEC JTC 1/SC 37, including, ISO/IEC 19785 CBEFF (Common Biometric Exchange Formats Framework), which provides the common structure, metadata, and security block in packaging the biometric data.[5][17]

Member countries

edit

Countries pay a fee to ISO to be members of subcommittees.[1]

The 29 "P" (participating) members of ISO/IEC JTC 1/SC 37 are: Australia, Canada, China, Czech Republic, Denmark, Egypt, Finland, France, Germany, India, Israel, Italy, Japan, Republic of Korea, Malaysia, Netherlands, New Zealand, Norway, Poland, Portugal, Russian Federation, Singapore, South Africa, Spain, Sweden, Switzerland, Ukraine, United Kingdom, and United States of America.

The 13 "O" (observing) members of ISO/IEC JTC 1/SC 37 are: Austria, Belgium, Bosnia and Herzegovina, Ghana, Hungary, Indonesia, Islamic Republic of Iran, Ireland, Kenya, Romania, Serbia, Thailand, and Turkey.[1]

Standards

edit

As of May 2017, ISO/IEC JTC 1/SC 37 has 118 published standards (including amendments) in biometrics. The types of standards within biometrics published by ISO/IEC JTC 1/SC 37, by working group, are:[11][18][19]

  • WG 1: Responsible for the development of a Harmonized Biometric Vocabulary: establish a systematic description of the concepts in the field of biometrics pertaining to recognition of human beings and reconcile variant terms in use in pre-existing biometric standards against the preferred terms, thereby clarifying the use of terms in this field (ISO/IEC 2382-37, Information technology – Vocabulary – Part 37: Biometrics, which is freely downloadable from the ISO website).[20][21]
  • WG 2: Technical interface standards: address necessary interfaces and interactions between biometric components and sub-systems, as well as the possible use of security mechanisms to protect stored data and data transferred between systems. Standards under development include BioAPI for Object-oriented programming languages Part 1: Architecture, Part 2: Java implementation, and Part 3: C# implementation.[22]
  • WG 3: Data interchange format standards: specify the content, meaning, and representation of biometric data formats which are specific to a particular biometric modality.
    • Biometric sample quality standards and technical reports: specify terms and definitions that are useful in the specification, use and testing of image quality metrics and define the purpose, intent, and interpretation of image quality scores for a particular biometric modality.
    • Conformance testing methodology standards: specify methods and procedures, assertion language definitions, test assertions, testing and reporting requirements, and other aspects of conformance testing methodologies.
    • Amendments to the data interchange formats to specify XML encoding.[23]
    • Biometric presentation attack detection: the purpose of ISO/IEC 30107-1 is to provide a foundation for Presentation Attack Detection through defining terms and establishing a framework through which presentation attack events can be specified and detected so that they can be categorized, detailed and communicated for subsequent decision making and performance assessment activities. ISO/IEC 30107-1, Biometric presentation attack detection - Part 1: Framework, which is freely downloadable from the ISO website: http://standards.iso.org/ittf/PubliclyAvailableStandards/c053227_ISO_IEC_30107-1_2016.zip
  • WG 4: Technical implementation of biometric systems standards and guidance:[9] develop technical best practices, guidance, implementation requirements and biometric profiles that support the successful use and interoperability of biometric applications.[10] Standards and technical reports under development include the ISO/IEC standard ISO/IEC 30124 Code of practice for the implementation of a biometric system and the Technical Reports ISO/IEC TR 29196 Guidance for Biometric Enrolment and ISO/IEC TR 30125 Use of Mobile Biometrics for Personalization and Authentication[24]
  • WG 5: Biometric performance testing and reporting methodology standards and technical reports: specify biometric performance metric definitions and calculations, approaches to test the performance, and requirements for reporting the test results. Standards under development include:
    • Specifications for Machine-readable test data for biometric testing and reporting
    • An evaluation methodology for environmental influence in biometric system performance
  • WG 6: Standards and technical reports related to cross-jurisdictional and societal issues: address the applications of biometric technologies, specifically in respect to, accessibility, health and safety, and support of legal requirements.

See also

edit

Note: New Zealand Passports accepts passport renewal applications including passport images online. The link above provides access to the New Zealand Online Photo Checker which can be used before completing the application form to independently check that the intended image meets New Zealand Passports photographic requirements.

References

edit
  1. ^ a b c "JTC 1/SC 37 Biometrics". Retrieved 2015-09-11.
  2. ^ a b c ISO/IEC (2012), "Annex 14 - History", ISO/IEC JTC1 Standing Document N2 (SD2), ISO/IEC
  3. ^ Hogan, Michael D.; Podio, Fernando L. (2003). "Biometric Standards – A Key to a More Secure World". ANSI Reporter. 36. American National Standards Institute.
  4. ^ a b c Podio, Fernando L. (February 2011). "Who is Who? Biometrics Provides Answers for Public and Private Sectors". ISO Focus +. 2 (2). ISO Central Secretariat: 18–19.
  5. ^ a b Frost, Roger (February 2011). "Catherine Tilton: Daon – Leading Biometric Solutions". ISO Focus +. 2 (2). ISO Central Secretariat: 3–6.
  6. ^ Corum, Chris; Ryan, Russ (2007-09-28). "The Maturation of Biometric Standards". Secure ID News. AVISIAN Publishing. Retrieved 2013-07-19.
  7. ^ "JTC 1/SC 37: Biometrics". Retrieved 2015-09-10.
  8. ^ Biometrics Institute (July 2012). "International Biometrics Standards: ISO/IEC JTC 1 SC 37 on Biometrics". Biometrics Institute. Retrieved 2015-09-10.
  9. ^ a b ISO. "ISO/IEC JTC 1/SC 37 Structure". Retrieved 2015-09-10.
  10. ^ a b SC 37 Secretariat (2014-01-28). "Resolution G.5". Approved Resolutions from the January 2014 SC 37 Plenary Meeting in Darmstadt, Germany (Resolutions). p. 40.{{cite report}}: CS1 maint: numeric names: authors list (link)
  11. ^ a b Podio, Fernando L.; Rajchel, Lisa (2013-09-30). "BUSINESS PLAN FOR JTC 1/SC 37 'BIOMETRICS'". Retrieved 2015-09-11. {{cite journal}}: Cite journal requires |journal= (help)
  12. ^ ISO (2004). "ISO/IEC 7816-11:2004". Retrieved 2015-09-10.
  13. ^ a b Podio, Fernando L. "Interview with Fernando Podio–Chair of ISO/IEC JTC 1 SC 37–Subcommittee on Biometrics" (PDF) (Interview). Interviewed by Tilton, Catherine. Retrieved 2015-09-10.
  14. ^ ISO/IEC JTC1 SC17 WG3/TF1 for ICAO-NTWG (2007-03-23). Machine Readable Travel Documents (MRTDs): History, Interoperability, and Implementation (PDF) (Report). Release 1, draft 1.4. ICAO. Retrieved 2015-09-10.{{cite report}}: CS1 maint: numeric names: authors list (link)
  15. ^ ICAO NTWG (2004-05-21). Biometrics Deployment of Machine Readable Travel Documents (PDF) (Report). 2. Retrieved 2015-09-10.
  16. ^ "ISO/IEC JTC 1/SC 37 Liaisons". ISO. Retrieved 2015-09-10.
  17. ^ Bhavan, Yojana; Marg, Sansad (December 2009). Biometrics Design Standards For UID Applications (PDF) (Report). 1.0. New Delhi: UIDAI Committee on Biometrics. Retrieved 2015-09-10.
  18. ^ "Standards Catalogue: ISO/IEC JTC 1/SC 37 – Biometrics". Retrieved 2015-09-10.
  19. ^ Podio, Fernando L. (2013-01-01). "Advances in Biometric Standardisation – Addressing Global Market Requirements for Biometric Standards". International Journal of Biometrics. 5 (1): 5–19. doi:10.1504/IJBM.2013.050730. Retrieved 2015-09-10.
  20. ^ ISO. "Freely Available Standards". Retrieved 2015-09-10.
  21. ^ ISO (2012). "ISO/IEC 2382-37:2012". Retrieved 2015-09-10.
  22. ^ ISO (2012-02-28). "ISO/IEC Draft International Standards 30106-1, -2, and -3 - ISO Standards Catalogue – ISO/IEC JTC 1/SC 37 – Standards under development". ISO. Retrieved 2015-09-10.
  23. ^ ISO (2012-09-21). "ISO/IEC 19794-5:2011/DAM Amd 2". ISO. Retrieved 2015-09-10.
  24. ^ "ISO/IEC Draft International Standard ISO/IEC 30124, and ISO/IEC Technical Reports TR 29196 and ISO/IEC TR 30125 - ISO Standards Catalogue – ISO/IEC JTC 1/SC 37 – Standards under development". Retrieved 2015-09-10.
edit