iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
CEN

CEN/TR 18030:2023

(Main)

Personal identification - Biometrics - Overview of biometric verification systems implemented across Europe

Personal identification - Biometrics - Overview of biometric verification systems implemented across Europe

This Technical Report provides an overview of the current deployment of biometric systems within Europe. It addresses the challenges that are being faced, in order to detect the current needs for improving the specifications for the implementation and deployment of biometric systems. This Technical Report considers all kind of deployments, from border control to ad-hoc services. As most of the deployed systems are based on the use of fingerprints or face recognition, this Technical Report will focus on these two biometric modalities, from the system integrator and interoperability points of view.
Identity documents, in terms of production, structure, interoperability, etc., are out of the scope of this TR. The TR is focused on the performance at system level.
The current European legislative initiatives around this topic (e.g., Entry/Exit System, framework for interoperability between EU information systems, etc.) need a robust framework study about the availability of standard technologies to improve interoperability in biometric products around the European Union.
By showing these needs, a set of recommendations for future standardization works is provided.
From a methodological perspective, the report gathers information of different entities with this classification:
- Capture/enrolment of biometrics including the quality assurance and the generation of feature or biometric models from the images.
- Best practices and guidelines to use biometrics in Europe.
- Data Quality environment using biometrics in European networks.

Persönliche Identifikation - Verwendung biometrischer Verifikationsdaten in allen EU-Ländern und Szenarien

Osebna identifikacija - Biometrija - Pregled sistemov biometričnega preverjanja, ki se izvajajo po Evropi

To tehnično poročilo podaja pregled trenutne uporabe biometričnih sistemov v Evropi. Obravnava izzive, s katerimi se soočajo, da se ugotovijo trenutne potrebe po izboljšanju specifikacij za implementacijo in uporabo biometričnih sistemov. To tehnično poročilo obravnava vse vrste uporabe, od mejnega nadzora do ad hoc storitev. Večina sistemov v uporabi temelji na uporabi prstnih odtisov ali prepoznavanju obrazov, zato se to tehnično poročilo osredotoča na ti dve biometrični modaliteti z vidika integratorja sistema in interoperabilnosti.
Izdelava, struktura, interoperabilnost itd. osebnih dokumentov ne spadajo na področje uporabe tega tehničnega poročila. Tehnično poročilo se osredotoča na zmogljivost na ravni sistema.
Trenutne evropske zakonodajne pobude v zvezi s tem (npr. sistem vstopa/izstopa, okvir za interoperabilnost med informacijskimi sistemi EU itd.) potrebujejo okvirno študijo o razpoložljivosti standardnih tehnologij za izboljšanje interoperabilnosti biometričnih izdelkov v Evropski uniji.
S prikazom teh potreb se zagotovi nabor priporočil za prihodnje standardizacijsko delo.
Z metodološkega vidika poročilo zbira informacije o različnih subjektih s to klasifikacijo:
– zajem/vpis biometričnih podatkov, vključno z zagotavljanjem kakovosti in ustvarjanjem modelov lastnosti ali biometričnih modelov iz slik;
– najboljše prakse in smernice za uporabo biometrije v Evropi;
– okolje kakovosti podatkov z uporabo biometrije v evropskih omrežjih.

General Information

Status
Published
Publication Date
19-Dec-2023
ICS
35.240.15 - Identification cards. Chip cards. Biometrics
Technical Committee
CEN/TC 224 - Machine-readable cards, related device interfaces and operations
Drafting Committee
CEN/TC 224/WG 18 - Interoperability of biometric recorded data
Current Stage
6060 - Definitive text made available (DAV) - Publishing
Start Date
20-Dec-2023
Due Date
27-Oct-2023
Completion Date
20-Dec-2023
Directive
2016/679 - REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
Mandate
M/487 - Programming mandate addressed to CEN, CENELEC and ETSI to establish security standards
Ref Project
SIST-TP CEN/TR 18030:2024 - Personal identification - Biometrics - Overview of biometric verification systems implemented across Europe

Buy Standard

TP CEN/TR 18030:2024 - BARVETP CEN/TR 18030:2024 - BARVE
PreviousNext
Technical report
TP CEN/TR 18030:2024 - BARVE
English language
33 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


SLOVENSKI STANDARD
01-junij-2024
Osebna identifikacija - Biometrija - Pregled sistemov biometričnega preverjanja, ki
se izvajajo po Evropi
Personal identification - Biometrics - Overview of biometric verification systems
implemented across Europe
Persönliche Identifikation - Verwendung biometrischer Verifikationsdaten in allen EU-
Ländern und Szenarien
Ta slovenski standard je istoveten z: CEN/TR 18030:2023
ICS:
35.240.15 Identifikacijske kartice. Čipne Identification cards. Chip
kartice. Biometrija cards. Biometrics
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

CEN/TR 18030
TECHNICAL REPORT
RAPPORT TECHNIQUE
December 2023
TECHNISCHER REPORT
ICS 35.240.15
English Version
Personal identification - Biometrics - Overview of
biometric verification systems implemented across Europe
Persönliche Identifikation - Verwendung biometrischer
Verifikationsdaten in allen EU-Ländern und Szenarien

This Technical Report was approved by CEN on 24 December 2023. It has been drawn up by the Technical Committee CEN/TC
224.
CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway,
Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and
United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2023 CEN All rights of exploitation in any form and by any means reserved Ref. No. CEN/TR 18030 E
worldwide for CEN national Members.

Contents Page
European foreword . 4
Introduction . 5
1 Scope . 6
2 Normative references . 6
3 Terms and definition s . 6
4 Symbols and abbreviated terms . 7
5 State of the art using biometrics in interoperable scenarios. 8
5.1 General. 8
5.2 Standardization applied to the enrolment . 8
5.3 Standardization applied to the storage . 8
5.4 Standardization applied to the communication between nodes of a biometric network
..................................................................................................................................................................... 9
5.5 Standardization applied to the use of biometrics . 9
5.6 Standardization applied to the environment . 10
5.7 Standardization applied to the quality assurance . 11
5.8 Standardization applied to the data security assurance . 11
5.9 Use of biometrics in border control . 13
6 Technical challenges of a biometric system with interoperability. 14
7 Challenges related to the acquisition of biometric data . 15
7.1 General. 15
7.2 Acquisition requirements during the recognition phase . 16
7.3 Acquisition requirements during the enrolment phase . 17
7.4 Examples of acquisition challenges . 17
7.4.1 General. 17
7.4.2 Fingerprint images: comparison among semiconductor sensors and quality
algorithms . 17
Table 1 — Main characteristics of the sensors used . 18
Figure 1 — Distribution of Quality Scores for Acquisition accepted samples in sensor 1 . 18
Figure 2 — Distribution of Quality Scores for Acquisition accepted samples in sensor 2 . 19
Figure 3 — Distribution of Quality Scores for Acquisition accepted samples in sensor 3 . 19
Figure 4 — Distribution of Quality Scores for Acquisition accepted samples in sensor 4 . 20
Figure 5 — Distribution of Quality Scores for Acquisition accepted samples in sensor 5 . 20
Figure 6 — Distribution of Quality Scores for Acquisition Errors in sensor 1 . 21
Figure 7 — Distribution of Quality Scores for Acquisition Errors in sensor 2 . 22
Figure 8 — Distribution of Quality Scores for Acquisition Errors in sensor 3 . 22
Figure 9 — Distribution of Quality Scores for Acquisition Errors in sensor 4 . 23
Figure 10 — Distribution of Quality Scores for Acquisition Errors in sensor 5 . 23
8 Challenges in the recognition process . 24
8.1 General . 24
8.2 Examples of recognition challenges. 24
8.2.1 General . 24
8.2.2 Face recognition in Spanish ABC points . 24
Table 2 — EER values obtained by the different algorithms/versions used . 25
Table 3 — FRR values obtained by the different algorithms/versions used . 26
8.2.3 Face verification results in NIST FRVT 1:1 on-going evaluation . 26
Figure 11 — FRVT 1:1 Verification results for products 1 to 6 . 28
Figure 12 — FRVT 1:1 Verification results for products 121 to 126 . 29
Figure 13 — FRVT 1:1 Verification results for products 391 to 396 . 29
8.2.4 Fingerprint verification results in public evaluations/competitions . 30
Table 4 — Excerpt of some results from FVC 2006 . 31
9 Recommendations for the future . 32
Bibliography . 33

European foreword
This document (CEN/TR 18030:2023) has been prepared by Technical Committee CEN/TC 224
“Personal identification and related personal devices with secure element, systems, operations and
privacy in a multi sectorial environment”, the secretariat of which is held by AFNOR.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN shall not be held responsible for identifying any or all such patent rights.
Any feedback and questions on this document should be directed to the users’ national standards body.
A complete listing of these bodies can be found on the CEN website.
Introduction
From the beginning of the century, the use of biometrics in real applications has been more and more
extended to other environments different than forensic analysis. With this focus, thorough studies about
normalized mechanisms to harmonize the use of biometrics have been made. Many relevant institutions,
public and private, have collaborated to obtain standards, technical reports, etc. towards best practices
of biometrics.
From the point of view of organizations at the international, European and national level, a big
organizational process has been developed. Other organizations have used and adapted current
standards to produce their own normative related with the use of biometrics (i.e. ICAO, Frontex, Eu-Lisa,
etc).
Biometrics networks where lots of nodes collaborate to obtain the distributed biometrics storage and
matching have been implemented in the public (Eurodac, Interpol, etc) and private scenarios.
It is well known the huge number of challenges that have to be faced when a biometric solution is being
deployed, in particular when trying to cover a high level of interoperability. One example of these
challenges is the difficulty that system integrators (and service providers) have to face when choosing
which capture device will they use, as they can only rely on the figures provided by the manufacturer,
which sometimes are incomplete. Another example is the rigourness in applying quality requirements to
biometric references and probes in different applications or even countries.
A perfect example of this challenge is border control, where the system has to be able to manage
ePassports from all around the world, as well as subjects of all kinds. Even with the high number of
international standards available nowadays, plus some additional requirements (e.g. those issued by
FRONTEX), a huge variety of cases have to be handled, including differences in how the information is
stored in the ePassports, the acquisition scenario and requirements, or even the acceptance thresholds.
The aim of this technical report is to analyse the current state of art in biometrics standardization, its use,
and the identification of gaps between all the relevant standards used in environments applying the
European laws and normative to the applications.
The detected gaps are identified in order to promote the modification of the current standards on
biometrics or/and the generation of new standards in Europe.
1 Scope
This document provides an overview of the current deployment of biometric systems within Europe. It
addresses the challenges that are being faced, in order to detect the current needs for improving the
specifications for the implementation and deployment of biometric systems. This document considers all
kind of deployments, from border control to ad hoc services. As most of the deployed systems are based
on the use of fingerprints or face recognition, this document will focus on these two biometric modalities,
from the system integrator and interoperability points of view.
Identity documents, in terms of production, structure, interoperability, etc., are out of the scope of this
document. The document is focused on the performance at system level.
The current European legislative initiatives around this topic (e.g. Entry/Exit System, framework for
interoperability between EU information systems, etc.) need a robust framework study about the
availability of standard technologies to improve interoperability in biometric products around the
European Union.
By showing these needs, a set of recommendations for future standardization works is provided.
From a methodological perspective, the report gathers information of different entities with this
classification:
— Capture/enrolment of biometrics including the quality assurance and the generation of feature or
biometric models from the images.
— Best practices and guidelines to use biometrics in Europe.
— Data Quality environment using biometrics in European networks.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
EN 17054, Biometrics multilingual vocabulary based upon the English version of ISO/IEC 2382-37:2012
ISO/IEC 2382-37, Information technology — Vocabulary — Part 37: Biometrics
3 Terms and definition s
For the purposes of this document, the terms and definitions given in ISO/IEC 2382-37 and EN 17054
apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https://www.iso.org/obp/
— IEC Electropedia: available at https://www.electropedia.org/
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

CEN
CEN/TR 17982:2023(Main)
European Digital Identity Wallets standards Gap Analysis
SIST-TP CEN/TR 17982:2024

This document identifies relevant existing standards and standards work in progress around European Digital Identity Wallets. It also identifies missing work items and overlaps in standards and is supposed to work as a roadmap for future standardization projects in the area.

  • Technical report
    39 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO/IEC 2382-37:2023(Main)
Information technology - Vocabulary - Part 37: Biometrics (ISO/IEC 2382-37:2022)
SIST EN ISO/IEC 2382-37:2024

This document establishes a systematic description of the concepts in the field of biometrics pertaining to recognition of human beings. This document also reconciles variant terms in use in pre-existing International Standards on biometrics against the preferred terms, thereby clarifying the use of terms in this field.
This document does not cover concepts (represented by terms) from information technology, pattern recognition, biology, mathematics, etc. Biometrics uses such fields of knowledge as a basis.
In principle, mode-specific terms are outside of scope of this document.

  • Standard
    42 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TS 17661:2021(Main)
Personal identification – European enrolment guide for biometric ID documents (EEG)
SIST-TS CEN/TS 17661:2022

This document consolidates information relating to successful and high quality biometric enrolment processes of facial and fingerprint systems, while indicating risk factors and providing appropriate mitigations. This information supports decisions regarding procurement, design, deployment and operation of these biometric systems.
This document provides guidance on:
—   capturing of facial images to be used as reference images in identity and secure documents;
—   capturing of fingerprint images to be used as reference images in identity and secure documents;
—   data quality maintenance for biometric reference data;
—   data authenticity maintenance for biometric reference data.
The document addresses the following aspects which are specific for biometric reference data capturing:
—   biometric data quality and interoperability ensurance;
—   data authenticity ensurance;
—   morphing and other presentation attack detection as well as other unauthorized changes;
—   accessibility and usability;
—   privacy and data protection;
—   optimal enrolment design.
The following aspects are out of scope:
—   IT security;
—   data capturing for verification purposes, e.g. in ABC gates;
—   capturing biometric data for enrolment in other systems different from data enrolment for integration in secure MRTD, like entry/exit systems.
This document consolidates the role of the enrolment process in a biometric system and differentiates the enrolment from the authentication, while mentioning key factors of the enrolment process that are feature independent.
Interests of the existing stakeholders are broken down and provide an insight on different views of the enrolment. In addition, organisational enrolment approaches are covered.
This document is not concerned with IT requirements or the capturing of biometric data for inspection, identification or verification purposes without the required step of creating an identity document using the captured data.

  • Technical specification
    73 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TS 17631:2021(Main)
Personal identification - Biometric group access control
SIST-TS CEN/TS 17631:2021

This document provides guidance on providing access:
— to areas with physical access control, e.g. entertainment facilities, train stations, shops, libraries, banks, or border control,
— for small groups of persons, e.g. families with small children or seniors, or other accompanied persons in need of support,
— by means of biometric authentication technologies, e.g. facial, fingerprint, or vein recognition,
— in the European regulatory context.
The document addresses the following aspects, which are specific for biometric and group access:
— accessibility and usability,
— user guidance including group guidance and interaction control,
— privacy including data set content,
— presentation attack detection,
— applicable biometric technologies,
— storage of reference data,
— biometric process integration,
— specific needs considering biometrics for groups,
— biometric performance and error rates, and
— group internal linkage.
The following aspects which reflect on generic access control issues are out of scope:
— IT security,
— application specific physical security,
— policy definition,
— processes not related to biometric authentication, and
— specific performance requirements of identification (1:N) and verification (1:1) applications.

  • Technical specification
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TS 17489-1:2020(Main)
Personal identification - Secure and interoperable European Breeder Documents - Part 1: Framework overview
SIST-TS CEN/TS 17489-1:2020

This document provides an overview of a framework on breeder documents. It introduces the document structure of CEN/TS 17489 (all parts) that specifies how citizens retain the control of breeder document data and how they can use them to support identity proofing and verification. Moreover, the framework provides methodologies to assess and increase the level of trust in breeder documents.
This framework specifies methods for:
-   defining physical and logical/digital representations of a secure breeder document (hardware based, paper-based, server-based),
-   securing breeder document processes,
-   linking the document to its legitimate holder.
The following types of breeder documents are in the scope of the framework:
-   birth certificates,
-   marriage and partnership certificates,
-   death certificates.
The following breeder documents management processes including first-time application, later-in-life registration of an identity, and content update (e.g. name-changing) are in the scope of this framework:
-   registration,
-   issuance,
-   renewal,
-   inspection/verification,
-   revocation.
The specification of policies is out of scope.

  • Technical specification
    14 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 1332-3:2020(Main)
Identification card systems - User Interface - Part 3: Key pads
SIST EN 1332-3:2020

This document covers the ergonomic layout and usability of keypads. The keypad consists of numeric, command and function keys and alphanumeric characters. On the basis that keypad layout impacts performance (keying speed, and errors), this document aims to:
-   enhance usability,
-   ensure ease of use through consistency,
-   increase customer confidence,
-   reduce customer error,
-   improve operating time,
-   ensure ergonomic data entry.
This document specifies the arrangement, the number and location of numeric, function and command keys, including placement of alphabetic characters on numeric keys. Design requirements and recommendations are also provided.
This document applies to all identification card systems with a numeric keypad for use by the public for stationary or non-stationary devices. This document also covers keypads on touch sensitive devices.

  • Standard
    20 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TS 17261:2018(Main)
Biometric authentication for critical infrastructure access control - Requirements and Evaluation
SIST-TS CEN/TS 17261:2019

This document addresses biometric recognition systems that are used as part of an automated access control system to provide a second and independent authentication factor of the individual using the AACS to access secured areas of critical infrastructure.
This document:
-   specifies requirements for biometric recognition systems to be used as part of an AACS for critical infrastructure,
-   describes a methodology for the evaluation of biometric authentication for AACSs against the specified requirements.
The requirements and test methods address biometric authentication for AACS that: (i) operate in an internal environment constituting part of a larger site, access to which is restricted and controlled by a separate access control system; and (ii) use biometrics as a second authentication factor to a token or proximity card.
This document does not consider access by the general public, e.g. passengers in an airport, or visitors to a hospital.
Products that meet the requirements of this document will comprise (i) a biometric sensor(s) external to the secured area, which reads the biometric characteristics of the user at the point of access; and (ii) a biometric server system performing biometric enrolment, signal processing, storage of biometric references and biometric comparison within a secured area.
This document does not address AACS or AACS portals (turnstiles) but is only concerned with the biometric components which integrate with the AACS. Other standards address requirements and testing of the non-biometric parts of the AACS.

  • Technical specification
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 419212-4:2018(Main)
Application Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services - Part 4: Privacy specific Protocols
SIST EN 419212-4:2018

This part specifies mechanisms for SEs to be used as privacy-enabled devices in the context of IAS, and fulfil the requirements of Article 5 of the so-called eIDAS Regulation about data processing and protection.
It covers:
- Age verification
- Document validation
- Restricted identification
- eServices with trusted third party based on ERA protocol

  • Standard
    22 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 419212-5:2018(Main)
Application Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services - Part 5: Trusted eService
SIST EN 419212-5:2018

This part of this series contains Identification, Authentication and Digital Signature (IAS) services in addition to the QSCD mechanisms already described in Part 1 to enable interoperability and usage for IAS services on a national or European level.
It also specifies additional mechanisms like key decipherment, Client Server authentication, identity management and privacy related services.

  • Standard
    58 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 419212-2:2017(Main)
Application Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services - Part 2: Signature and Seal Services
SIST EN 419212-2:2018

This part specifies mechanisms for SEs to be used as qualified signature creation devices covering:
•   Signature creation and mobile signature creation
•   User verification
•   Password based authentication
The specified mechanisms are suitable for other purposes like services in the context of EU Regulation 910/2014 of the European Parliament and the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC.
The particular case of seal is also covered by the specification. The differences between seal and signature are exposed in Annex B. Annex B also explains how the mechanisms for SEs as qualified signature creation devices can be used for SEs as qualified seal creation devices.
Mobile signature is an alternative to the classical signature case which is performed by a secure element. Mobile signature is encouraged by the large widespread of mobile devices and the qualification authorized by the eIDAS Regulation. The particular case of remote signature (or server signing) is covered by this specification in Annex C.
In the rest of this document, except Annex B, there will be no particular notion of a seal since it technically compares to the signature.

  • Standard
    115 pages
    English language
    sale 10% off
    e-Library read for
    1 day