ISO/IEC 19794-1:2011/Amd 1:2013

INTERNATIONAL ISO/IEC
STANDARD 19794-1
Second edition
2011-07-15
AMENDMENT 1
2013-02-01
Information technology — Biometric data
interchange formats —
Part 1:
Framework
AMENDMENT 1: Conformance testing
methodology
Technologies de l'information — Formats d'échange de données
biométriques —
Partie 1: Cadre
AMENDEMENT 1: Méthodologie d'essai de conformité

Reference number
ISO/IEC 19794-1:2011/Amd.1:2013(E)
©
ISO/IEC 2013
ISO/IEC 19794-1:2011/Amd.1:2013(E)

©  ISO/IEC 2013
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56  CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO/IEC 2013 – All rights reserved

ISO/IEC 19794-1:2011/Amd.1:2013(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are members of
ISO or IEC participate in the development of International Standards through technical committees established
by the respective organization to deal with particular fields of technical activity. ISO and IEC technical
committees collaborate in fields of mutual interest. Other international organizations, governmental and non-
governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology,
ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of the joint technical committee is to prepare International Standards. Draft International
Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as
an International Standard requires approval by at least 75 % of the national bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
Amendment 1 to ISO/IEC 19794-1:2011 was prepared by Joint Technical Committee ISO/IEC JTC 1,
Information technology, Subcommittee SC 37, Biometrics.
© ISO/IEC 2013 – All rights reserved iii

ISO/IEC 19794-1:2011/Amd.1:2013(E)

Information technology — Biometric data interchange
formats —
Part 1:
Framework
AMENDMENT 1: Conformance testing methodology
Page vi, Introduction
Add the following paragraphs after Figure 1:
Users of biometric systems desire to use this and other standards to ensure that components of the
biometric system can be substituted with other components from different vendors with a minimum of
effort, and also to ensure that biometric data produced by one system can be used by another system. In
order to achieve this, it is critical that systems claimed to conform to a standard actually are conformant,
and thus there is a need for a standardized conformance testing methodology for each of the biometric
data interchange formats described in ISO/IEC 19794, in order to provide a reasonable degree of
assurance that a conformance claim has validity. While conformance of individual elements of data
interchange records to relevant requirements can be determined, no test can be absolutely
comprehensive and prove that a given system generating or using biometric data interchange records is
conformant under all possible circumstances, especially when there are optional components of the
standard. A well designed conformance test can, however, test all of the most likely sources of problems
and ensure that the implementation under test conforms under a reasonable set of circumstances, giving
assurance, but not a guarantee, of conformance.
There are many different types of conformance testing that may be appropriate for the various parts of
ISO/IEC 19794. Some of these tests are highly specific to each data interchange format but some of them
have many common elements across all of the formats. This part of ISO/IEC 19794 also describes the
different types of conformance testing, and provides details of the common elements for defining test
assertions. It also provides guidelines for conducting the tests and reporting the results of the tests. Tests
and assertions common for most or all biometric data interchange formats (e.g., for common elements of
the general headers and the common elements of the representation headers) are specified in this part of
ISO/IEC 19794; the specific tests and assertions for each biometric data interchange format are left to the
subsequent parts of ISO/IEC 19794.
Annex A of this part of ISO/IEC 19794 is distinct from the ISO/IEC 29109-1 which addressed
conformance testing only of the first edition of ISO/IEC 19794. The normative Annex A of this part of
ISO/IEC 19794 addresses conformance testing of data formats specified in the second edition of ISO/IEC
19794.
Page 1, Scope
Add the following text at the end of the Scope:
This part of ISO/IEC 19794 also specifies the concepts, test types and conformance testing
methodologies to test biometric data interchange records or computer algorithms that create biometric
data interchange records. It defines two types (type A, i.e., biometric data interchange records and
systems generating such records; and type B, i.e., systems using biometric data interchange records),
and three levels (Level1, i.e., checking internal content of each field; Level 2, i.e., checking internal
consistency of the entire record; and Level 3, i.e., checking whether the data record is a faithful
© ISO/IEC 2013 – All rights reserved 1

ISO/IEC 19794-1:2011/Amd.1:2013(E)
representation of the original biometric data) of conformance testing, but it only provides a detailed
description and methodology for the three levels of Type A testing. This part of ISO/IEC 19794 specifies
test requirements, assertions, and test execution and reporting procedures that are common for most or
all biometric data interchange formats. It explicitly does not cover the following areas:
• Modality-specific detailed test elements and assertions or descriptions of any mandatory standard
datasets required for testing. They are provided in the subsequent parts of ISO/IEC 19794.
• Testing whether implementations under test (IUTs) that claim to be able to use conformant biometric
data interchange records are able to correctly process such biometric data interchange records (Type B
testing).
• Conformance testing of CBEFF requirements
• Testing of other characteristics of biometric products or other types of testing of biometric products
(i.e., acceptance, performance, robustness, security).

Page 1
Add the following clause after the Scope and renumber all subsequent clauses accordingly:
2 Conformance
Biometric data interchange format conformance tests that claim conformance to this part of ISO/IEC
19794 shall satisfy the normative requirements of the methodology for those levels of test they are
claiming to perform, as described in Clauses A.1, A.2 and A.3. Any conformance tests shall use the
assertion types defined in Clause A.2 with the specific assertion details given in this and the relevant
subsequent parts of this standard.
Implementations of subsequent parts of ISO/IEC 19794 tested according to the methodology specified in
this part of ISO/IEC 19794 shall be able to claim conformance only to those requirements specified in
ISO/IEC 19794 that are tested by the test methods established by this methodology.

Pages 1 to 8, Terms and definitions
Add the following terms and definitions alphabetically , renumbering accordingly:
4.x
assertion
specification for testing a conformance requirement in an implementation under test expressed in a formal
assertion definition language
4.x
assertion test
specification of software or procedural methods that generate the test outcomes used for assessment of
conformance to an assertion
NOTE This is adapted from the definition of “assertion test” in ISO/IEC 13210:1999.
4.x
attestation
issue of a statement, based on a decision that fulfillment of specified requirements has been
demonstrated
NOTE This is adapted from the definition of “attestation” in ISO/IEC 17000:2004.
© ISO/IEC 2013 – All rights reserved

ISO/IEC 19794-1:2011/Amd.1:2013(E)
4.x
certification
third-party attestation related to products
[ISO/IEC 17000:2004]
4.x
conformance
conformity
fulfillment by a product, process, or service of all relevant specified conformance requirements
NOTE For all practical purposes, data records are considered to be a type of a “product”, i.e., provisions of this
standard that are applicable to “products” apply to data records.
4.x
conformance requirement
requirement stated in a data format specification and defined in a finite, measurable, and unambiguous
manner
NOTE This is adapted from the definition of “conformance requirement” in ISO/IEC 13210:1999.
4.x
conformance test
specified technical procedure of conformance testing
4.x
conformance testing
testing
determination of one or more characteristics of an object of conformity assessment, according to a
procedure
[ISO/IEC 17000:2004]
4.x
conformance testing laboratory
organization that carries out conformance testing.
EXAMPLE This may be the creator of the IUT, the user of the IUT, or an unbiased third party.
4.x
conformance test specification
test specification
provisions of ISO/IEC 19794 biometric data interchange format standard that is concerned with test
methods, sometimes supplemented with other provisions related to testing, such as sampling, use of
statistical methods, and sequence of tests

NOTE This is adapted from the definition of “testing standard” in ISO/IEC GUIDE 2:2004.

4.x
conformance testing suite
CTS
test software used to automate certain types of conformance testing
4.x
conformity assessment
demonstration that specified requirements relating to a product, process, system, person or body are
fulfilled
[ISO/IEC 17000:2004]
© ISO/IEC 2013 – All rights reserved 3

ISO/IEC 19794-1:2011/Amd.1:2013(E)
4.x
data format specification
provisions of ISO/IEC 19794 biometric data interchange format standard containing the specification that
is the subject of the conformance testing

4.x
declaration
declaration of conformity
first-party attestation
[ISO/IEC 17000:2004]
4.x
Implementation conformance statement
ICS
statement by the supplier of an implementation under test that indicates which mandatory and optional
components of the data format specification are supported by the implementation
4.x
implementation under test
IUT
that which implements the data format specification being tested
NOTE Depending on the conformance requirements of the data format specification, this may simply be a set of
biometric data interchange records or it may be a computer algorithm in the form that creates the BDIR and/or uses
the data contained in the BDIR.
4.x
input biometric data record
IBDR
data package containing a less processed form of biometric data which is suitable for use in the creation
of a BDIR
NOTE In some cases, this may be an image, but it may also be raw sensor output such as a time series of data
points from a digitization tablet.
4.x
level 1 testing
conformance testing methodology that checks field by field and byte by byte conformance with the
specification of the BDIR as specified in the data format specification, both in terms of fields included and
the ranges of the values in those fields
NOTE This type of testing tests syntactic requirements of the data format specification.
4.x
level 2 testing
conformance testing methodology that tests the internal consistency of the BDIR under test, relating
values from one part or field of the BDIR to values from other parts or fields of the BDIR
NOTE This type of testing tests syntactic requirements of the data format specification.
4.x
level 3 testing
conformance testing methodology that tests that a BDIR produced by an IUT is a faithful representation of
the IBDR subject to the constraints of the parameters in the metadata records
NOTE This type of testing tests semantic requirements of the data format specification.
© ISO/IEC 2013 – All rights reserved

ISO/IEC 19794-1:2011/Amd.1:2013(E)
4.x
metadata record
data record containing any specific parameters related to the data itself, particularly required by an IUT to
transform an IBDR into a BDIR
EXAMPLE Type of image (basic, full frontal, token frontal or other) and the level of compression for a face image
BDIR; the presence of core, delta, or ridgecounts in the extended area for finger minutiae BDIR; the size of each
pattern in a finger pattern BDIR.
4.x
procedure
specified way to carry out an activity or a process
[ISO 9000:2005]
4.x
requirement
provision that conveys criteria to be fulfilled
[ISO/IEC GUIDE 2:2004]
4.x
test method
specified technical procedure for performing a test
NOTE This is adapted from the definition of “test method” in ISO/IEC GUIDE 2:1996. More recent edition of
ISO/IEC GUIDE 2 or ISO/IEC 17000:2004 no longer contain this definition
4.x
test report
document that presents test results and other information relevant to the execution of the test methods
against an Implementation Under Test
NOTE This is adapted from the definition of “test report” in ISO/IEC 13210:1999 and ISO/IEC GUIDE 2:1996.
4.x
Type A conformance claim
conformance claim that an IUT is a conformant BDIR, or can create conformant BDIRs from appropriate
IBDRs
4.x
Type B conformance claim
conformance claim that an IUT can read conformant BDIRs, interpret them correctly, and perform its
desired function upon them
Page 8, Abbrevaited terms
Add the following abbreviated terms alphabetically:
CTS Conformance Testing Suite
ICS Implementation Conformance Statement
IUT Implementation Under Test
IBDR Input Biometric Data Record

© ISO/IEC 2013 – All rights reserved 5

ISO/IEC 19794-1:2011/Amd.1:2013(E)
Page 14, 8.1 (now renumbered as 9.1)
In the last sentence, change "Annex A" to "Annex B".
Page 25, Annex A
Rename Annex A as Annex B.
Page 24
After Table 7, insert the following annex:
© ISO/IEC 2013 – All rights reserved

ISO/IEC 19794-1:2011/Amd.1:2013(E)
Annex A
(normative)
Conformance testing methodology

A.1 Conformance testing framework
A.1.1 Limitations
While conformance of individual elements of each data interchange record to relevant requirements can be
determined, no conformance test of a given system generating or using biometric data interchange records
can be complete or perfect. Ultimately, it is only possible to prove that an IUT is non-conformant. The goal of
conformance testing is therefore to capture enough of the requirements of the data format specification and
test them under enough conditions, that any IUT that passes the conformance test is likely to be conformant.
Two problems with a data format specification that may only become apparent during conformance testing are
that some areas may be undefined (so that the specification of these areas is left to each vendor) or ill-defined
(so that there is a contradiction between parts of the data format specification or an easy misinterpretation
caused by the wording of the data format specification). The latter problem may be resolved by an
amendment to the standard, but the former problem may be difficult to resolve. An obvious example is the use
of proprietary extended data blocks within a BDIR. There may be good reasons to allow such proprietary data,
but very little conformance testing is possible while the data remains proprietary. Also, if the data format
specification includes a requirement to interpret the BDIR or use it for biometric comparison, then it is difficult
to be sure of the effect of a proprietary data block produced by one IUT when another IUT is attempting to
interpret it.
A.1.2 Managing data records
Note that since CBEFF conformance testing is out of scope for this standard, it is generally assumed that the
BDIRs will have been removed from any CBEFF data structures prior to beginning the conformance test.
Typically, for Type A testing as described in Clause A.1.3, either the IUT will provide BDIRs without a CBEFF
encapsulator or the CTS will remove them from such an encapsulator if one exists. Regardless of the method
used, the test shall provide a means of passing the CBEFF format type corresponding to the IBDRs in the IUT
or produced by the IUT to the CTS. This may be as simple as the supplier of the IUT sending a written
instruction to the testing laboratory that all BDIRs produced by this IUT would have a particular format type, or
it may involve the IUT passing a special parameter or using a specific CBEFF patron format that is not part of
its normal function outside the test. The reason this is required is that several parts of ISO/IEC 19794 have
different format types that determine whether or not certain optional data is present. Thus format type is an
extra field that shall always be present together with a BDIR when conformance testing using that BDIR
occurs.
A.1.3 Conformance testing types
Generally, the goal of biometric data interchange format conformance testing is to assure the users of
conformant biometric products that a BDIR produced by any conformant product can be interpreted and used
correctly by any other conformant product. There are thus two types of fundamental conformance claims.
Type A is the ability to produce conformant BDIRs and Type B is the ability to use conformant BDIRs.
Different IUTs may have different purposes for which they use a conformant BDIR, and thus Type B testing is
more complex than Type A testing because it has to account for all of these purposes. ISO/IEC 19794 is
focused on Type A testing exclusively. When biometric data interchange records themselves are tested in the
absence of any software or hardware that produced them or uses them, this is treated as Type A testing.
© ISO/IEC 2013 – All rights reserved 7

ISO/IEC 19794-1:2011/Amd.1:2013(E)
A.1.4 Conformance testing levels
A.1.4.1 Hierarchy of Conformance Tests
A first step towards the goal of demonstrating conformance is ensuring that all of the specified fields and data
structures in the BDIR are correct and self-consistent. This does not validate the fidelity of the information
contained in the BDIR, however, since that depends on the relationship between the original IBDR and the
BDIR. This leads to a natural hierarchy of conformance testing levels.
The conformance testing hierarchy presented in this standard has three levels. Generally they progress from
least complex and expensive to test to most complex and expensive to test. They also progress from less
useful in predicting the performance of real world systems using conformant products, to more useful,
although even Level 1 conformance testing represents a significant step towards that goal. The types of
assertions for Level 1 and Level 2 testing for all parts of ISO/IEC 19794 are similar and so a list of assertion
operators and operands that should be used to define assertions is given in Clause A.2 of this part of
ISO/IEC 19794. The details of all the Level 1 and Level 2 assertions for each data format specification are
given in the appropriate subsequent parts of ISO/IEC 19794. For the more complex Level 3 testing, where the
actual fidelity of the information in the BDIR is compared to that in the IBDR, the subsequent parts of
ISO/IEC 19794 provide, as far as it is possible, guidance on how to carry out Level 3 testing for their specific
data interchange formats. A given conformance test may therefore involve conformance testing at different
levels.
It will ultimately be up to application profiles or to individual users of ISO/IEC 19794 to determine which level
of conformance testing will be required for a specific application, as well as any requirements on performance
or interoperability. This will be dependent on time, cost, and importance of biometric performance, implications
of non-interoperability and the current state of the published versions of the various parts of ISO/IEC 19794.
A.1.4.2 Level 1 – Data format conformance
In Level 1 testing, a set of BDIRs shall be checked for field-by-field and byte-by-byte conformance with the
specification of the data format specification, both in terms of fields included and the ranges of the values in
those fields. The specific assertions tested for each data format specification shall be those described in the
appropriate part of ISO/IEC 19794.
The advantage of this testing is that it does not require an IUT to be a computer algorithm or a set of hardware
and software. It can simply be a set of BDIRs. Thus, any hardware or software components of the
implementation being tested do not have to come into the possession of the testing lab, only BDIRs created
with those components.
An IUT may have the capability to produce multiple BDIRs, depending on the requirements of the application
in which it is used. Some of these BDIRs may be conformant and others may not, and so it is important to
specify which types were tested and how many of each type. In an ideal world every possible combination of
parameters for a particular biometric data interchange format would be tested, but this is not realistic given the
resources that would be required for such testing. Provided a test reports the presence or absence of optional
fields and the values for variable structural fields it is possible for a user of the data format specification to
determine if the particular variant of the standard tested is appropriate for their needs. The user may also
require conformance test results for a specific type of BDIR. An obvious example would be a two finger BDIR
or two iris BDIR, since many applications require enrollment of more than one biometric characteristic in order
to allow for a back-up if one of them becomes damaged or temporarily unusable. Some IUTs might be
conformant with a single-representation BDIR, or even with multiple representations of a single finger or iris,
but might fail conformance testing when the BDIR contains more than one finger or iris.
A.1.4.3 Level 2 – Internal consistency checking
In Level 2 testing, a set of BDIRs shall be checked to determine if they are internally consistent. The specific
assertions tested for each data format specification shall be those described in the appropriate part of
ISO/IEC 19794.
© ISO/IEC 2013 – All rights reserved

ISO/IEC 19794-1:2011/Amd.1:2013(E)
The nature of Level 2 testing is that it relates values from one part of the BDIR to values from other parts of
the BDIR. This may be due to explicit requirements in the data format specification, such as a requirement
that the record length actually does indicate the number of bytes in the BDIR. It may also be implicit in the
standard, such as determining that the coordinates of a particular feature (such as eye positions in a face
image record or minutiae positions in a finger minutiae record) actually fall within the specified size of the
image.
In some cases, test assertions for Level 2 and higher conformance testing will have to make specific
assumptions about interpreting the data format specification requirements. In those cases, testing
methodology as set forth in ISO/IEC 19794 shall be considered normative in its interpretation of the data
format specification requirements, and any other interpretations shall be considered non-conformant to the
data format specification.
Once again the advantage of this testing is that it does not require an IUT to be a computer algorithm or a set
of hardware and software. It can simply be a set of BDIRs. Then the hardware or software of the IUT does not
have to be part of the test, only BDIRs created with that implementation. The disadvantage is that there are a
limited number of BDIRs and it is quite possible that some of the internal consistency checks will never be
tested because they are not relevant for the set of BDIRs in the IUT. The solution is to test a larger number of
BDIRs that represent multiple different structural variants of the biometric data interchange format under test.
This is why it is so vital to report on the structure of each BDIR variant in the conformance test.
Since Level 1 and Level 2 conformance testing are both required in order to properly test that the structure of
a BDIR is conformant to a data format specification, and since the execution of Level 1 and Level 2 tests will
frequently be intermingled, a conformance test should always include all relevant Level 1 and Level 2 test
assertions.
A.1.4.4 Level 3 – Content checking
Level 3 conformance testing is defined as a conformance testing methodology that tests that a BDIR produced
by an IUT is a faithful representation of the IBDR subject to the constraints of the parameters in the metadata
records. Effectively this is intended to test that the BDIRs produced by an IUT are faithful representations of
the original biometric data and that they satisfy those requirements of the data format specification that are not
simply a matter of syntax and format. In some cases the requirements of the data format specification may
specify biometric data capture conditions. An example would be the use of a fingerprint sensor of a particular
resolution or having a particular certification by an external body to capture fingerprints and generate
fingerprint image records that are noted in the BDIR as having a particular image acquisition level. The only
way to test that such a requirement has been correctly implemented by the IUT is to require that in Level 3
testing, an IUT shall be a combination of computer hardware and/or software that is used in the testing
laboratory. If the IUT is software only, then a set of IBDRs and corresponding metadata records shall be
provided and the IUT shall produce a set of corresponding BDIRs. This, however, only tests the ability of the
IUT to parse the metadata records and the IBDRs and insert the appropriate information in correctly formatted
BDIRs. For some requirements it is essential that the entire process from data capture to BDIR production be
included in the test, and in those cases the IUT will have to be a complete set of hardware and software.
Finally, there are some requirements that cannot be quantitatively tested without significant special effort or
extra equipment and for which the conformance test specification may simply define that no Level 3 test is
possible. An example would be the pose angles listed in a face image data record. Without an external three
dimensional reference frame for the head containing the face that is represented in the data record, there is
no absolute mechanism to verify that these pose angles are correct.
This leads to the following methodology for handling Level 3 conformance tests. As indicated in Clause A.3, all
of the requirements of the data format specification shall be listed in a conformance requirements table that is
in the same form as an implementation conformance statement. This will help the supplier of the IUT to clearly
identify which requirements of the data format specification are supported by the implementation. Certain
columns in this table indicate whether each requirement is a Level 1, Level 2 or Level 3 requirement and for
each Level 3 requirement, indicate whether it can be tested using a software only solution with a database of
IBDRs and metadata records, whether it requires a complete hardware and software IUT, or whether it can’t
be tested at all without special effort. Where they are available, the specific test methodologies to be used for
Level 3 testing involving IUTs composed of both hardware and software are found within specific clauses, as
referenced in the table, in each of the subsequent parts of ISO/IEC 19794. A general methodology to test
© ISO/IEC 2013 – All rights reserved 9

ISO/IEC 19794-1:2011/Amd.1:2013(E)
some Level 3 requirements using a software only solution and a database of IBDRs and metadata records is
described in this clause, but even it will require specific clauses in the subsequent parts of ISO/IEC 19794 on
how to use this methodology for specific requirements.
The basic structure of a software only Level 3 conformance test is that a set of IBDRs and corresponding
metadata records shall be provided and the IUT shall produce a set of corresponding BDIRs. The information
in the BDIRs shall then be compared to the information in the IBDRs to determine if the IUT has faithfully
reproduced that information subject to the constraints of the parameters in the metadata records. Note that
this form of testing is not possible for any IUT in which a correlation between a set of IBDRs and BDIRs
cannot be established. A set of BDIRs, for instance, provided without any knowledge of the corresponding
IBDRs, can be tested for Level 1 and Level 2 conformance but not for Level 3 conformance.
There is potentially significant difficulty in assigning the correspondence between IBDRs with metadata
records as input and BDIRs as output. The features that shall be contained in the BDIR need to be identified
either by a reference BDIR generation algorithm already known to be conformant acting upon the IBDRs and
metadata records or by a human investigator reviewing them in detail. Such features could include, for
instance, ground truth minutiae data such as position, angle and quality which have been generated by human
inspection of the fingerprint images constituting the IBDRs for a specific Level 3 conformance test of
ISO/IEC 19794-2 BDIRs. The permissible tolerances between the expected information in the BDIRs and the
actual information in the BDIRs produced by the IUT need to be defined for each data element. The
databases of IBDRs and metadata records need to be made general enough that they cover a wide range of
possible biometric characteristics and variations of the biometric data interchange format. On the other hand,
some IUTs may not support all the different types of possible parameter combinations. A minimum test is
therefore required to declare Level 3 conformance, but additional test sets may be used to test the
conformance of algorithms with enhanced capabilities. Thus, it is essential to include in the test report all of
the structural variants of the BDIRs generated in the testing, in this case defined by the metadata records in
the input data set. It is also essential to explain the principles by which the reference BDIRs were generated
and what tolerances were permitted when data elements were different between the BDIRs produced by the
IUT and the BDIRs in the reference data set. This makes a test report for Level 3 conformance testing a
significantly more detailed document than is required for Level 1 and 2 conformance testing.
The exact nature of some minimum set of BDIRs (or of corresponding IBDRs and metadata records) that shall
be used in testing Level 3 conformance in order to declare the IUT minimally conformant to the relevant data
format specification is defined, where possible, in each of the subsequent parts of ISO/IEC 19794.
A.1.5 Sample data sets for Level 3 conformance testing
In order to support Level 3 conformance testing, it is necessary to define specific minimum data sets. Ideally,
to ensure consistency among conformance tests key data sets should be common to all conformance tests.
Although some data sets may be publicly available, there is also a benefit to having sequestered data sets
that were not available to the supplier of the IUT prior to the start of the conformance test. This is because
advance knowledge of the data sets (IBDRs, metadata records and either the reference BDIR generation
algorithm, or the corresponding BDIRs) would allow the supplier of an IUT to preprogram their IUT so it
produced the appropriate conformant BDIRs whenever it encountered one of the input data sets. This would
invalidate the conformance test.
The details of Level 3 conformance testing using databases of IBDRs and metadata records, including which
requirements of each data format specification can be addressed using this method, are described in the
subsequent parts of ISO/IEC 19794. At the time of development of this part of ISO/IEC 19794, appropriate
data sets did not exist, but initial steps had been taken to develop them. As conformance testing for biometric
data interchange formats becomes more common, contributions from different test laboratories should
eventually result in acceptable data sets that can be referenced in the subsequent parts of ISO/IEC 19794.
This part of ISO/IEC 19794 simply defines a universal nomenclature for the data sets so that references to
data sets in the subsequent parts of ISO/IEC 19794 and by testing laboratories following this test methodology
can be harmonized. Eventually a minimum data set for each of the subsequent parts should be developed that
permits conformance testing of all Level 3 requirements that can be tested by a software only IUT. A subset of
this data should be kept sequestered and provided only to testing laboratories who are not themselves
suppliers of IUTs. The remainder of the data set should be made public. At that point, all Level 3 conformance
tests should utilize one or both of these two minimum data sets of IBDRs and metadata records. Other data
© ISO/IEC 2013 – All rights reserved

ISO/IEC 19794-1:2011/Amd.1:2013(E)
sets may also be included, but the minimum requirements for Level 3 conformance testing should be based
on either data set serial number 01 or 02. Data set 01 of both IBDRs and metadata records shall be kept
sequestered so that no supplier of an IUT shall have access to it and data set 02 shall be made publicly
available. Each IBDR or metadata record used in any data set for Level 3 conformance testing shall be
assigned a unique identifier following the convention described below:
Ixxssyyyyzzzzzzzz or Mxxssyyyyzzzzzzzz
“I” indicates that this is an IBDR for conformance testing purposes.
“M” indicates that this is a metadata record for conformance testing purposes.
“xx” is a number indicating the part of this multipart standard with which the IBDR is to be used (e.g. 02 for
finger minutiae, 05 for face image, etc.).
“ss” is the serial number of the IBDR set being used in the test. “01” is reserved for a universal sequestered
data set that would be described, if it exists, in part “xx” of ISO/IEC 19794. “02” is reserved for a universal
public data set that would be described, if it exists, in part “xx” of ISO/IEC 19794. Other numbers may be
assigned as specific data sets are created for specific conformance tests.
“yyyy” is the four digit calendar year in which the IBDR data set “ss” was introduced. In the case of data set 01
and 02, these will need to be updated periodically as technology changes.
“zzzzzzzz” is an eight digit sequential number from 00000001 to 99999999 that uniquely identifies a specific
IBDR or metadata record within a given set.
NOTE It will not be necessary to change IBDR sets whenever a data format specification is updated, since the
biometric data interchange format does not affect the IBDR. It is simply produced from the IBDR. The metadata records
may need to be changed, however, since ranges of parameters available in the data format specification may have
changed.
A.2 Common assertion descriptors for Level 1 and 2 testing
A.2.1 General considerations
Regardless of the specific data format specification in question, many of the elements of Level 1 and Level 2
testing will be the same. All of the tests are essentially dealing with mathematical operations performed on
individual field values or lengths extracted from a BDIR. The only difference is that Level 1 tests involve a
direct comparison between a field value and something stated in the data format specification, whereas Level
2 tests involve interactions between multiple values from different parts of the standard and sometimes from
implicit assumptions that are not expressly stated in the data format specification. Thus, Level 1 tests is
performed by a simple byte-by-byte reading of the standard and comparison to known values or ranges of
values, whereas Level 2 tests require more complex validation, usually after the entire BDIR has been parsed.
It should be noted that successful parsing of the data records may involve operations similar or identical to
some of the Level 1 and 2 tests. For example, to successfully parse a data record containing multiple
representations (e.g., finger minutiae), the parsing algorithm will need to read the field containing a value
representing the number of representations, and then parse each set of fields for each representation.
Implementers of the conformance test suites may choose to combine certain elements of the parsing process
with some of the Level 1 and/or 2 tests. However, for the purposes of this standard, parsing of a data record
and its testing are viewed as two distinct processes.
A.2.2 Assertions for big-endian encoding
All parts of ISO/IEC 19794 specify that multi-byte values are to be recorded using big-endian encoding. Since
there is no specific test assertion to check for big endian encoding of an entire data record, each part of
ISO/IEC 19794 shall select a few specific multi-byte fields from its corresponding data format specification that
can only have a single value. One test assertion for each field shall test that it is equal to its correctly big-
endian encoded value. Another test assertion for each field will test that it is not equal to the value it would
© ISO/IEC 2013 – All rights reserved 11

ISO/IEC 19794-1:2011/Amd.1:2013(E)
have had if it had been incorrectly encoded using little-endian encoding. The tests for both of these assertions
should pass for each field if the fields have been correctly big-endian encoded with the correct value. If a
random incorrect value has been used, then the first test should fail but the second test should pass for each
field where an incorrect value has been used. If the correct values have been used but with the incorrect little-
endian encoding, however, then both tests should fail on all the fields for which this check is performed. This
test shall be performed on at least two separate multi-byte fields in each BDIR in order to ensure that big-
endian encoding has taken place. The specific fields to be used are noted in each subsequent part of
ISO/IEC 19794 using the table and test notes described in Clauses A.3.1.5 and A.3.1.6.
A.2.3 Assertion element descriptions
A.2.3.1 Purpose of common assertion descriptions
In order to document and express as many test assertions as possible for each data format specification using
the same assertion vocabulary, this clause provides a reference for the terms used. The assertions
themselves are contained in the subsequent parts of this standard.
A.2.3.2 Field Names
Every field within a set of test assertions for a particular data format specification shall be uniquely named in
order to identify it when referencing fields within Level 2 assertions. This is particularly important when
multiple fields within different parts of the data format specification have the same name. The relationship
between the field names specified in the test assertion and the field names specified in the data format
specification is explicitly identified in the tables in the subsequent parts of ISO/IEC 19794.
A.2.3.3 Operators
A.2.3.3.1 Introduction to operators
The fundamental approach required to determine Level 1 or Level 2 conformance of a BDIR is to compare the
value of each field with a value or range of values which are known to be either valid or invalid according to
explicit or implicit requirements of the data format specification. These values may be determined in advance
(e.g. Format Identifier), or calculated during the test from context dependent data within the BDIR (e.g. Length
of Record). A list of specific operators is given below.
A.2.3.3.2 Equal (EQ)
Indicates the IUT shall pass the test if the field value matches a specified value or is within a specified range
of values.
A.2.3.3.3 Not-Equal (NEQ)
Indicates the IUT shall pass the test if the field value does not match a specified value or is outside a specified
range of values.
A.2.3.3.4 Greater Than or Equal (GTE)
Indicates the IUT shall pass the test if the field value is greater than or equal to the specified value.
A.2.3.3.5 Less Than or Equal (LTE)
Indicates the IUT shall pass the test if the field value is less than or equal to the specified value.
A.2.3.3.6 Greater Than (GT)
Indicates the IUT shall pass the test if the field value is greater than the specified value.
© ISO/IEC 2013 – All rights reserved

ISO/IEC 19794-1:2011/Amd.1:2013(E)
A.2.3.3.7 Less Than (LT)
Indicates the IUT shall pass the test if the field value is less than the specified value.
A.2.3.3.8 Incremental (INC)
Indicates the IUT shall pass the test if the field value is in sequence and within the specified range relative to
the last instance of this field within the current data set. This includes ensuring that the value of the first field
instance is at the start of the specified range. (e.g. Representation Number)
A.2.3.3.9 Calculation (C)
Indicates the IUT shall pass the test if the field value meets a certain criteria that cannot be simply expressed
by one of the other operations. (e.g. unit conversion from 1/100th mm to pixels) The algorithm required to
perform the calculation is described in a note following the table.
A.2.3.3.10 Member Of (MO)
Indicates the IUT shall pass the test if the field value is a member of the specified set.
A.2.3.4 Operands
A.2.3.4.1 Introduction to operands
All absolute operand values are expressed in decimal (e.g. 73) or hexadecimal (e.g. 49 ) notation. A range
Hex
of values is expressed by listing the lower bound, followed by "to", followed by the upper bound (e.g. 1 to 255).
A set of values is expressed by enumerating its members enclosed in braces. Where a test requires more
than one operand, values and ranges are separated by a comma. A very simple mathematical calculation,
involving a number and a Field Name or a pair of Field Names may be expressed directly as an operand.
A.2.3.4.2 {Field Name}
When referring to a value stored within a particular field, the tables use the Field Name surrounded by braces
(e.g. {Number of Representations}).
A.2.3.4.3 Read
Refers to the number of data subsets within the BDIR which contain the data associated with a particular
group of related elements defined in the data format specification. The Read operand is always given in
conjunction with a descriptive name that explains which data subsets it refers to from the data format
specification. This value is recorded by the conformance testing software when reading the BDIR. The
particular data subsets read are context dependent, but examples would include Finger Views Read and
Minutiae Read.
A.2.3.4.4 Bytes Read
Refers to the number of bytes within a specific subset of the BDIR which contains the data associated with a
particular group of related elements defined in the data format specification. The Bytes Read operand is
...