ISO/IEC JTC 1/SC 17 - Cards and security devices for personal identification

This document specifies test methods for testing conformity of a mobile driving licence (mDL) or an mDL reader to ISO/IEC 18013-5. This document specifies test methods for: — mDL on its interface to an mDL reader; — mDL reader on its interface to an mDL; — mDL reader on its (optional) interface to an issuing authority infrastructure. Test cases for an issuing authority infrastructure on its interface to an mDL reader are not included in this document. Test cases for the use of OpenID Connect (OIDC) by an mDL reader on its interface to an issuing authority infrastructure are not included in this document. This document only provides test cases for the use of WebAPI on this interface. This document only addresses the functional behaviour of an implementation under test (IUT) on its interface(s) in scope. It does not address: — the internal implementation of an IUT, such as a secure area in an mDL; — any functional requirements to an IUT not specified in ISO/IEC 18013-5, for example, requirements of a particular issuing authority; — non-functional aspects of the IUT, nor IUT interfaces not listed above, such as the interface from an issuing authority infrastructure to an mDL, used to provision mDL data.

This document establishes: — functional architecture of a Biometric System-on-Card (BSoC); — definition of Type ID-1 BSoC (ISO/IEC 7810 conformant) and Type ID-T BSoC (see ISO/IEC 18328-2:2021, Annex A) implementation of a BSoC; — sensor types in a BSoC; — requirements to a BSoC with respect to: — discriminative power (i.e. biometric accuracy criteria); — interfaces; — power supply options. — The following aspects are out of scope of this document (see ISO/IEC 24787-1): — off-card biometric comparison, storage-on-card; — on-card biometric comparison (sensor-off-card); — work-sharing implementations; — detailed specification and configuration of individual components. This document provides a functional architectural description of a BSoC and describes how the interfaces are mapped using existing commands and data structures from other International Standards.

This document specifies mechanism for use of certification on trustworthiness of secure area that is defined in ISO/IEC 23220-1. This document aims at enabling secure area providers to describe capabilities and confidence level of secure area for verification by eID issuers or mobile eID Attestation service providers, or both. This document specifies: — list of elements describing capabilities and confidence level of a secure area; — structure and management for use of a certificate, affixed or not to the secure area, containing that list of elements. This document refers to existing standards and applicable industry specifications which partly address the trustworthiness related issue (e.g. DLOA specified in GlobalPlatform specification GPC_SPE_095[ REF Reference_ref_3 \r \h 1 08D0C9EA79F9BACE118C8200AA004BA90B0200000008000000100000005200650066006500720065006E00630065005F007200650066005F0033000000 ], MDS specified in FIDO Alliance specification[ REF Reference_ref_4 \r \h 2 08D0C9EA79F9BACE118C8200AA004BA90B0200000008000000100000005200650066006500720065006E00630065005F007200650066005F0034000000 ], and SAAO specified in ISO/IEC TS 23220-3), and aims to minimize the differences between them.

This document establishes conformance testing for the requirement described in ISO/IEC 24787-2, which is: — work-sharing on-card biometric comparison. Measuring the performance of on-card biometric comparison algorithms such as error rates or speed is not within the scope of this document.

This document augments the capabilities of the mobile driving licence (mDL) standardized in ISO/IEC 18013-5 with the following additional functionality: — presentation of a mobile driving licence to a reader over the internet.

This document establishes conformance testing for the requirements described in ISO/IEC 24787-1, which are: — framework for on-card biometric comparison, both in sensor-off-card systems and as part of Biometric System-on-Card; — security policies for on-card biometric comparison. Measuring the performance of on-card biometric comparison algorithms such as error rates or speed is not within the scope of this document.

This document establishes requirements and recommendations for the design format and data content of a drone or UAS remote pilot and remote crew licence, encompassing both visual human-readable features and machine-readable technologies. By establishing a common basis, this document aims to standardize drone or UAS remote pilot and remote crew licence without impeding the efforts of individual national or regional drone or UAS-related authorities. NOTE Not all jurisdictions require drone or UAS remote pilot and remote crew licences.

This document defines test methods which are specific to proximity cards and objects, proximity coupling devices and proximity extended devices, defined in ISO/IEC 14443-1, ISO/IEC 14443-2, ISO/IEC 14443-3 and ISO/IEC 14443-4. NOTE Test methods defined in this document are intended to be performed separately. A given proximity card or object, proximity coupling device or proximity extended device, is not required to pass through all the tests sequentially. The conformance test plan defined in Annex O specifies the list of tests required for each part of the ISO/IEC 14443 series.

This document specifies test methods for testing conformity of a mobile driving licence (mDL) or an mDL reader to ISO/IEC 18013-5. This document specifies test methods for: — mDL on its interface to an mDL reader; — mDL reader on its interface to an mDL; — mDL reader on its (optional) interface to an issuing authority infrastructure. Test cases for an issuing authority infrastructure on its interface to an mDL reader are not included in this document. Test cases for the use of OIDC by an mDL reader on its interface to an issuing authority infrastructure are not included in this document. This document only provides test cases for the use of WebAPI on this interface. This document only addresses the functional behaviour of an implementation under test (IUT) on its interface(s) in scope. It does not address: — the internal implementation of an IUT, such as a secure area in an mDL; — any functional requirements to an IUT not specified in ISO/IEC 18013-5, for example, requirements of a particular issuing authority; — non-functional aspects of the IUT, nor IUT interfaces not listed above, such as the interface from an issuing authority infrastructure to an mDL, used to provision mDL data.

This document specifies data objects and encoding rules of generic eID-Systems in terms of building blocks for mobile document system infrastructures, and standardizes generic data models for data exchanges between mdoc apps and verification applications. This document is applicable to entities involved in specifying, architecting, designing, testing, maintaining, administering, and operating a mobile eID-System in parts or as a whole.

This document specifies considerations that can be of use to implementers and developers that elect to participate in work around updates to ISO/IEC TS 18013-7. These considerations are intended to support the improvements, to maximize backward compatibility and to, at minimum, maintain the security and privacy properties already embodied in ISO/IEC TS 18013-7.

This document augments the capabilities of the mobile driving licence (mDL) standardized in ISO/IEC 18013-5 with the following additional functionality: — presentation of a mobile driving licence to a reader over the internet.

This document defines: — dimensions of a type ID-1 Biometric System-on-Card (BSoC) and type ID-T BSoC; — position and capture area of the biometric capture device according to the needs of the biometric modality; — minimum requirements to a BSoC with respect to: — mechanical durability; and — human-machine interface and ergonomics. This document is not applicable to other on-card devices such as an electronic display or a keypad.

This document provides requirements and general principles and specifications for a biometric comparison methodology suitable for the on-card environment. This document establishes — architectures of biometric comparison using an ICC, — on-card biometric comparison, both in sensor-off-card systems and as part of biometric system-on-card, and — security policies for on-card biometric comparison. This document does not establish — requirements for off-card biometric comparison, — requirements for biometric system-on-card (defined in the ISO/IEC 17839 series), — work-sharing on-card biometric comparison (defined in ISO/IEC 24787-2), or — modality-specific requirements for storage and comparison.

This document provides requirements for a biometric comparison methodology suitable for the on-card environment. In particular, it establishes the work-sharing on-card biometric comparison techniques that require an intensity exceeding the capabilities of integrated circuit cards (ICCs). This document does not establish — architectures of biometric comparison using an ICC, — on-card biometric comparison, both in sensor-off-card systems and as part of biometric system-on-card, — security policies for on-card biometric comparison, — requirements for off-card biometric comparison, — requirements for biometric system-on-card (defined in the ISO/IEC 17839 series), or — modality-specific requirements for storage and comparison.

This document specifies cryptographic functions of the drone/unmanned aircraft system (UAS) security module. The drone/UAS security module is a security device that serves as a container for the drone/UAS pilot license, drone/UAS operator license, and other personal identification. It provides storage space for storing optional elements and has the capability of cryptographic functions including integrity validation, authentication and data encryption.

This document comprises a methodology for determining a test plan to simulate a card's service life. The methodology defines two parameters of card service life: the expected card service life in years and the average number of uses per day. This document and ISO/IEC 24789-2, together along with ISO/IEC 10373-1 describe the evaluation methods to be used and their criteria. This document was originally developed for ID-1 cards conforming to ISO/IEC 7810 but can be useful in whole or in part for other types and form factors.

This document provides methods of evaluation for ID-1 identification card service life for the applications provided in ISO/IEC 24789-1. The listed evaluation methods represent available tests, not mandatory tests. The selection of mandatory tests is listed in ISO/IEC 24789-1.

This document describes the software (SW) layer called “proxy”. It supports the programming interface to security devices and the application using this API to access the application related security devices defined in ISO/IEC TS 23465-2. This document is applicable to: — proxy requirements, functionality and layers; — resolving mechanisms for API functions; — data structures related to security device handling; — translation for security device communication; — serialization/de-serialization syntax and methods.

This document specifies directly or by reference, data elements, including composite data elements that are applicable to interindustry interchange. It identifies the following characteristics of each data element: — identifier; — name; — description and reference; — format and coding (if not available in other ISO standards or parts of the ISO/IEC 7816 series). The layout of each data element is described as seen at the interface between the interface device and the card. This document provides the definition of data elements without consideration of any restrictions on the usage of the data elements. It does not cover the internal implementation within the card and/or the outside world. With the exception of login data objects (6.5), only application class tags are eligible in this document. When using an interindustry template, an application is allowed to nest context-specific class tags (see ISO/IEC 7816-4) under such a template unless it is previously marked as reserved for future use by ISO/IEC JTC 1/SC 17.

This document introduces and describes the concept of the application programming interface (API) to security devices with the intention to simplify the usage of commands and mechanisms defined by the ISO/IEC 7816 series. This document gives guidelines on: — the system overview and description of the system of the programming interface; — the architecture description; — the data model in general, used by the API; — the use cases and the usage model of the API.

This document describes the following aspects of the programming interface between the client application dealing with the security device and the proxy, based on the framework outlined in ISO/IEC 23465-1: — the generic API definition; — state and security models for use cases; — class and API definitions of functionality, defined in other standards, e.g. the ISO/IEC 7816 series.

This document specifies generic system architectures and generic life-cycle phases of mobile eID systems in terms of building blocks for mobile eID system infrastructures. It standardizes interfaces and services for mdoc apps and mobile verification applications. It is applicable to entities involved in specifying, architecting, designing, testing, maintaining, administering and operating a mobile eID system in parts or entirely.

This document specifies security-related interindustry commands that are intended to be used for personal verification through biometric methods in integrated circuit cards. It also defines the data structure and data access methods for use of the card as a carrier of the biometric reference and/or as the device to perform the verification of the cardholder's biometric probe (on-card biometric comparison). Identification of persons using biometric methods is outside the scope of this document.

This document defines physical characteristics and test methods for cards with devices, including but not limited to, power supplying devices, displays, sensors, microphones, loudspeakers, buttons or keypads. This document also covers aspects of coexistence of technologies of devices on the card and other machine-readable card technologies. Additional requirements related to biometric capture devices are defined in ISO/IEC 17839-2. Such requirements can be applied in addition to the ones defined in this document. ISO/IEC 17839-2 defines a type S2 card; the physical dimensions of the type S2 card are specified in Annex A.

This document establishes interface specifications for the implementation of a driving licence in association with a mobile device. This document specifies the interface between the mDL and mDL reader and the interface between the mDL reader and the issuing authority infrastructure. This document also enables parties other than the issuing authority (e.g. other issuing authorities, or mDL verifiers in other countries) to: — use a machine to obtain the mDL data; — tie the mDL to the mDL holder; — authenticate the origin of the mDL data; — verify the integrity of the mDL data. The following items are out of scope for this document: — how mDL holder consent to share data is obtained; — requirements on storage of mDL data and mDL private keys.

This document defines the conformance test plan, based on ISO/IEC 10373-6, for the contactless interface of eMRTDs and eMRTD associated readers compliant with ICAO Doc 9303. Application requirements for eMRTD and eMRTD reader are outside of the scope of this document and are defined in ICAO Doc 9303-10.

This document summarizes how some of the main international standards and recommendations approach personal identification and its related information security, with regard to the integration of biometrics and integrated circuit cards (ICCs). It also provides examples of how biometrics and ICCs are integrated in applications.

This document specifies interindustry commands which can be used for security operations. This document also provides informative directives on how to construct security mechanisms with commands defined in ISO/IEC 7816‑4. The choice and conditions of use of cryptographic mechanism in security operations can affect card exportability. The evaluation of the suitability of algorithms and protocols is outside the scope of this document. It does not cover the internal implementation within the card and/or the outside world.

This document specifies the requirements for a protocol derived from HCI/HCP (see ETSI TS 102 622) enabling communication for devices regardless of data link and physical layers. This document covers the following: a) outline of a system comprised of one or more hosts and one controller; b) extension of connection topology between hosts and host controller (i.e. star topology and additional other topologies); c) segregation between existing system using ETSI TS102 613 and new system compliant to this document (this document refers ETSI TS 102 613, but does not change its specification and does not use RFU). For ETSI TS 102 622, data link layer and physical layer like SWP specified in ETSI TS 102 613 is out of the scope. Albeit questioned in this document, the duplication of OSI transport layer by e.g. enforcing encapsulation of HCP into T=1 or the reverse, is out of the scope.

This document defines the technical requirements to be met by contactless public transport (PT) devices in order to be able to interface together using the ISO/IEC 14443 (all parts) contactless communications protocol. This document applies to PT devices: — PT readers which are contactless fare management system terminals acting as a PCD contactless reader based on ISO/IEC 14443 (all parts); — PT objects which are contactless fare media acting as a PICC contactless object based on ISO/IEC 14443 (all parts). This document addresses interoperability of consumer-market NFC mobile devices, compliant to NFC Forum specifications, with above mentioned PT devices, aligns with ISO/IEC 14443 (all parts) and does not seek to limit compliance for PT readers with EMV Contactless Interface Specification.

This document lists all the test conditions to be performed on a PT reader or a PT object in order to ensure that all the requirements specified in ISO/IEC TS 24192-1 are met for the PT device under test. This document applies to PT devices only: — PT readers which are contactless fare management system terminals acting as a PCD contactless reader based on ISO/IEC 14443 (all parts); — PT objects which are contactless fare media acting as a PICC contactless object based on ISO/IEC 14443 (all parts). This document applies solely to the contactless communication layers described in ISO/IEC 14443 (all parts). Application-to-application exchanges executed once contactless communication has been established at RF level fall outside the scope of this document. However, a test application is used to make end-to-end transactions during tests on the RF communication layer. This document does not duplicate the contents of ISO/IEC 14443 (all parts) or ISO/IEC 10373‑6. It makes reference to the ISO/IEC 10373‑6 applicable test methods, specifies the test conditions to be used and describes the additional specific test conditions that can be run.

This document describes the test methods for characteristics of identification cards according to ISO/IEC 7810 and other standards, such as those listed in the Introduction. NOTE 1 Criteria for acceptability do not form part of this document but are found in other International Standards including those mentioned in the introduction. NOTE 2 Test methods described in this document are intended to be performed separately. A given card is not required to pass through all the tests sequentially.

This document specifies the characteristics of the fields to be provided for power and bi-directional communication between proximity coupling devices (PCDs) and proximity cards or objects (PICCs). This document does not specify the means of generating coupling fields, nor the means of compliance with electromagnetic radiation and human exposure regulations, which can vary depending on the country.

The ISO/IEC 10373 series defines test methods for characteristics of identification cards according to the definition given in ISO/IEC 7810. Each test method is cross‑referenced to one or more base standards, which can be ISO/IEC 7810 or one or more of the supplementary standards that define the information storage technologies employed in identification card applications. NOTE 1 Criteria for acceptability do not form part of the ISO/IEC 10373 series, but can be found in the International Standards mentioned above. This document defines test methods which are specific to proximity cards and objects, proximity coupling devices and proximity extended devices, defined in ISO/IEC 14443‑1, ISO/IEC 14443‑2, ISO/IEC 14443‑3 and ISO/IEC 14443‑4. NOTE 2 Test methods defined in this document are intended to be performed separately. A given proximity card or object, proximity coupling device or proximity extended device, is not required to pass through all the tests sequentially. ISO/IEC 10373‑1 defines test methods which are common to one or more integrated circuit card technologies and other parts in the ISO/IEC 10373 series deal with other technology‑specific tests. The conformance test plan defined in Annex O specifies the list of tests applicable for each part of the ISO/IEC 14443 series.