title>Financial services—Biometrics—Security framework - GB/T 27912-2011 - Chinese standardNet - bzxz.net
Home > GB > Financial services—Biometrics—Security framework
Financial services—Biometrics—Security framework

Basic Information

Standard ID: GB/T 27912-2011

Standard Name:Financial services—Biometrics—Security framework

Chinese Name: 金融服务 生物特征识别 安全框架

Standard category:National Standard (GB)

state:in force

Date of Release2011-12-30

Date of Implementation:2012-02-01

standard classification number

Standard ICS number:03.360;35.240.40

Standard Classification Number:General>>Economy, Culture>>A11 Finance, Insurance

associated standards

Procurement status:ISO 19092-1:2006 MOD

Publication information

publishing house:China Standards Press

Publication date:2012-02-01

other information

Release date:2011-12-30

drafter:Wang Pingwa, Lu Shuchun, Li Shuguang, Liu Yun, Zhao Zheng, Lin Song, etc.

Drafting unit:China Financial Electronicization Corporation, Agricultural Bank of China, China CITIC Bank, Shanghai Yinchen Intelligent Identification Technology Co., Ltd., Beijing Zhongke Hongba Technology Co., Ltd., etc.

Focal point unit:National Financial Standardization Technical Committee (SAC/TC 180)

Proposing unit:People's Bank of China

Publishing department:General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China Standardization Administration of China

competent authority:National Financial Standardization Technical Committee (SAC/TC 180)

Introduction to standards:

GB/T 27912-2011 Financial Services Biometric Identification Security Framework GB/T27912-2011 |tt||Standard compression package decompression password: www.bzxz.net
This standard specifies the security framework for the use of biometric identification mechanisms to authenticate personnel in the financial industry, introduces the types of biometric identification technologies, and explains related application issues. This standard also describes the implementation architecture, specifies the minimum security requirements for effective management, and provides control objectives and usage recommendations for professionals. This standard covers: ————The use of biometrics to authenticate persons and employees participating in financial services by verifying their claimed identity or identifying their individual identity; ————Confirmation of credentials submitted by users during registration to support identity authentication in accordance with risk management requirements; ————Management of biometric information throughout its life cycle, including registration, transmission, storage, identity confirmation, identification and termination; ————The security of biometric information throughout its life cycle, including data integrity, source authentication and confidentiality; ————The application of biometric mechanisms in logical and physical access control; ————Monitoring measures to protect financial institutions and their customers; ————The security of physical hardware used throughout the life cycle of biometric information. This standard does not include: ————Privacy and ownership of individual biometric information; ————Specific technologies related to data collection, signal processing and matching of biometric data, and biometric matching decision-making process; ————Convenient applications of biometric technology in non-authentication aspects, such as voice recognition, user interaction and anonymous access control. This standard applies to mandatory methods of encrypting biometric information due to data confidentiality or other reasons.
class="f14" style="padding-top:10px; padding-left:12px; padding-bottom:10px;"> This standard was drafted in accordance with the rules given in GB/T1.1-2009.
This standard is modified to adopt ISO19092-1:2006 "Biometrics for Financial Services Part 1: Security Framework" (English version).
The technical differences between this standard and ISO19092-1:2006 are as follows:
a) Delete the contents related to ISO19092-2 in the whole text (because the ISO19092-2 proposal has been terminated by ISO, and the deletion of these contents does not affect the integrity of the standard);
b) Delete 10.1.2 in the original standard, because all the key names in this section come from the terminated ISO19092-2;
c) 10.1.2 (original standard 10.1.3) Digital signature "The hash algorithm shall meet the specific requirements of the relevant ISO standards (or equivalent national standards)" is changed to "The hash algorithm shall meet the specific requirements of the relevant national standards";
d) Delete the item "shall be hashed over plain text data, the text consists of one or more BiometricHeader and BiometricData type values, in addition to the BiometricHeader and BiometricData values, it shall also include a value of IntegrityBlock type" in 10.1.2 (original standard 10.1.3) of the digital signature;
e) "key management technology, as shown in Table 1, shall be implemented in accordance with the specific provisions of relevant ISO, ISO/IEC standards (or equivalent national standards), such as ISO11568, or ISO/IEC11770" in 10.1.2 and 10.1.3 (original standard 10.1.3 and 10.1.4) is changed to "key management technology shall be implemented in accordance with the specific provisions of relevant national standards";
f) Delete Table 1 in the original standard (subsequent table numbers are reduced by 1);
g) "encryption algorithm shall be implemented in accordance with relevant ISO, ISO/IEC standards (or equivalent national standards), such as ISO11568, or ISO/IEC11770" in 10.1.3 of the encryption for data confidentiality purposes h) Item 147 of Table 12 in 11.3.1 (Table 13 in the original standard): "Key generation uses a key generation algorithm
, as specified in the ISO standard (or equivalent national standard)" is changed to "Key generation uses a key generation algorithm, as specified in the relevant national standard"; i) "Reference template description (e.g., biometric OID)"
in item d) of Appendix A.3.4 is changed to "Reference template description (e.g., biometric target identifier)";
j) Delete Appendix B.2 of ISO19092-1:2006, because the individual identity recognition standard described therein is not suitable for China's national conditions.
This standard also makes the following editorial changes:
———Change "this international standard", "ISO19092", "this part of ISO19092" and "this part" in the original text to "this standard";
———Delete the foreword of the international standard;
———For the sake of consistency throughout the text, the "crossover rate" in the definition of error rate in 4.21 is changed to "crossover error rate";
———The re-enrollment requirement mentioned in item a) of 9.3.3: "Use original credential materials instead of existing biometric templates. This method can provide an adequate level of assurance, which relies on the reliability and availability of existing biometric templates and technologies" is changed to "Use original credential materials instead of existing biometric templates. This method can provide an adequate level of assurance, which relies on the reliability and availability of existing biometric templates and technologies" (errata);
———Item 300 in Table 22 Integrated Circuit Card (ICC) Lifecycle Control in 11.4.5 is revised from “Unless the CDF is in the activated or reactivated state, the IC cannot be used for financial transactions” to “Unless the CDF is in the activated or reactivated state, the ICC cannot be used for financial transactions” (errata);
———“Using a simple probability model [20] for a single-factor biometric identification system, the probability Pr of no systematic mismatch among N users is” in C.8 is revised from “Using a simple probability model [20] for a single-factor biometric identification system, the probability Pr of a systematic mismatch among N users is” (errata).
This standard is proposed by the People’s Bank of China.
This standard is under the jurisdiction of the National Financial Standardization Technical Committee (SAC/TC180).
The responsible drafting unit of this standard is China Financial Electronicization Corporation.
Participating drafting organizations of this standard: Agricultural Bank of China, China CITIC Bank, Shanghai Yinchen Intelligent Identification Technology Co., Ltd., Beijing Zhongke Hongba Technology Co., Ltd., Beijing Watchdata System Co., Ltd., Hangzhou Zhongzheng Biometric Authentication Technology Co., Ltd., Xinghua Central Branch of the People's Bank of China, Taiyuan Central Branch of the People's Bank of China, Shijiazhuang Central Branch of the People's Bank of China.
The main drafters of this standard.

Preface I
Introduction III
1 Scope 1
2 Conformity 1
3 Normative references 1
4 Terms and definitions 2
5 Abbreviations 7
6 Overview of biometric recognition technology 7
7 Technical considerations 10
8 Basic principles of biometric recognition architecture 14
9 Management and security requirements 18
10 Security infrastructure 22
11 Control objectives for biometric identity confirmation 24
Appendix A (Informative Appendix) Event log 47
Appendix B (Normative Appendix) Biometric registration 50
Appendix C (Normative Appendix) Security considerations 51
Appendix D (Normative Appendix) Security requirements for biometric identification devices 61
Appendix E (Informative Appendix) Existing applications 63
References 65

Some standard content:

ICS 03.360;35.240.40
National Standard of the People's Republic of China
GB/T 27912—2011
Financial services
Biometrics-Security framework
(ISO 19092-1:2006,MOD)
Published on 30 December 2011
General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China Administration of Standardization of the People's Republic of China
Implemented on 1 February 2012
GB/T 27912---2011
Conformity
Normative references
Terms and meanings
Abbreviations
Overview of biometric identification technology
Technical considerations...
8 Technical principles of biometric identification architecture
Process and security requirements
Security infrastructure
1] Control objectives for biometric identity confirmation Appendix A (informative appendix) Event log
Appendix B (Normative Appendix)
Biological Characteristics Registration
Appendix (: (Normative Appendix) Safety Considerations Appendix D (Normative Appendix)
Appendix E (Informative Appendix)
References
Safety Requirements for Biometric Identification Equipment
Existing Applications
TTKANTKACA
This standard was drafted in accordance with the rules given in GB/T 1.1-2009. GB/T 27912—2011
This revised standard adopts IS0190921:2005 Biometrics for Financial Services Part 1: Security Frame (English version). The technical differences between this standard and 15019092-1.2005 are as follows: a) Delete the contents related to IS019092-2 in the whole text (IS019092-2 has been terminated by I50, and the deletion of these contents does not affect the integrity of the standard;
Delete 10.1.2 in the original standard. Because the key names in this section are all from the terminated IS0190922: c) 10.1.2 (original standard 10.1.3) digital key names \ The hash algorithm should meet the specific requirements of the relevant 1ISO standard (or equivalent national standard)\Change to "The hash algorithm should meet the specific requirements of the relevant national standard": Except for the item in 10.1.2 (original standard 10.1.3) Digital signature "shall be hashed through the plain text data, the text consists of one or more BiometricHeader and BiometricData type values. In addition to the BiometricHeader and BimetricData values, it should also include an IncgrityHlck:k type value\:) 10.1,2 and 10.1.3 (original standard 0.1.3 and 10.1.4) Key management technology, as shown in Table 1 As shown in the table, "It should be implemented in accordance with the specific provisions of the relevant ISO, ISO/IEC standards (or equivalent national standards), such as IS011568, or IS0/IE1177" is changed to "The key management technology should be implemented in accordance with the specific provisions of the relevant national standards"; f) Delete Table 1 in the original standard (the abbreviation of the table after 1 is removed); 10.1.3 "The encryption algorithm for data confidentiality purpose should be in accordance with the specific provisions of the relevant ISO)) standards (or equivalent national standards)" "The encryption algorithm should be implemented in accordance with the specific provisions of the relevant national standards"; h) Item 147 of Table 12 in 11.3.1 (Table 13 in the original standard): "The key generation algorithm is generated using the key generation algorithm, as specified in [ISO) standards (or equivalent national standards)" is changed to "The key generation algorithm is generated using the key generation algorithm, as specified in [ISO) standards (or equivalent national standards)" j) Delete Appendix B.2 of IS019092-1:2006. Because the personal identification standard described there is not suitable for my country's national conditions, this standard also makes the following editorial changes: - Change the original "this international standard", "ISO19992", "this part of IS019092", "this part" to "this standard": - Delete the foreword of the international standard,
... For the sake of consistency in the whole text, the "crossover rate" in the definition of error rate in 4.21 is changed to "crossover error rate";
- The re-registration requirement mentioned in item a) of 9.3.3: use the original credential material instead of the existing biometric template. This method provides a sufficient level of assurance, which relies on the reliability and availability of existing biometric templates and technologies. The revision of "Using original assurance materials instead of existing biometric templates. This method provides a sufficient level of assurance, which relies on the reliability and availability of original credential materials" (Corrigendum: Table 22 of 11.4.5 of 300 items in Integrated Circuit Card (ICC) Lifecycle Control\Unless (IF is in the activated state or reactivated state, otherwise: cannot be used for financial transactions" is changed to "Unless the CDF is in the activated state or reactivated state, it cannot be used for financial transactions" (Corrigendum): "For a single-factor biometric recognition system using a simple probability model [20], the probability P of no systematic mismatch among N users is" is changed to "For a single-factor biometric recognition system using a simple probability model [207, the probability I of a systematic mismatch among N users is (Corrigendum). T
TTTKAONYKACA
GB/T 27912—2011
This standard is proposed by the People's Bank of China.
This standard is sponsored by the National Technical Committee for Standardization of Enterprise Finance (SAC/\C180). The responsible drafting unit of this standard is China Financial Electronicization Company, and the drafting units of this standard are: Agricultural Bank of China, China CITIC Bank, Shanghai Yinchen Intelligent Identification Technology Co., Ltd., Beijing Zhongke Hongba Technology Co., Ltd., Beijing Wushang Data System Co., Ltd., Hangzhou Zhongzheng Niu Biological Certification Technology Co., Ltd., Xinghua Central Branch of the People's Bank of China, Taiyuan Central Branch of the People's Bank of China, and Xingjiazhuang Central Branch of the People's Bank of China. The main drafters of this standard are: Shang Pingxing, Lu Shuchun, Shuguang, Liu Yun, Zhao Zheng, Lin Song, Zeng Wenbin, Qiu Xianchao, Yu Weihua, Zhu Lin, Liang Min, Lv Ying, Zhong Zhihui, Zhang Longlong, and Li Jun.TTKANYKAcA
GB/T 27912—2011
With the introduction of computer technology, business models have undergone major changes. Electronic transactions have replaced previous paper transactions, reducing advertising costs and improving efficiency. These transactions are in an open network environment, and there is a risk of data being compromised. The financial industry needs to take appropriate measures to deal with these risks:
Biometric identification, that is, the identification method of "who you are or what you can do", has been around for several years, including fingerprint recognition, voice recognition, eye scanning, face recognition, etc. Biometric identification technology is becoming more reliable and its cost is gradually decreasing, making its implementation in the financial industry a reality.
This standard describes the mechanisms and processes for using biometric identification technology as an identification mechanism to protect remote electronic access or local physical access to the financial industry.
Biometric identification technology can be used to authenticate the identity of a person during physical or logical access. Logical access can include access to applications, services or authorizations. This standard can promote the application of biometric identification in the financial industry and promote the management of biometric identification information as an integral part of information security management in commercial organizations. This standard provides a strong authentication mechanism for public key infrastructure (PKI) by using biometrics to provide a stronger authentication method and multi-factor authentication mechanism. In addition, this standard allows for re-confirmation that the person who generated the digital signature is actually the person with limited access to the private key. The widespread use of biometric systems is based on a number of factors, and existing biometric technologies vary in these factors, including:
- convenience and ease of use;
- external security level;
- performance;
- non-invasiveness.
The authentication mechanisms discussed in this standard are limited to closed user groups.Group members have agreed to use biometric technology for identification. These agreements can be explicit (service agreements) or implicit (such as access to a facility indicates an incentive to perform a transaction). Systems that regulate personnel are not within the scope of this standard: this standard also uses technologies to protect the integrity and confidentiality of biometric information and provide authentication mechanisms: this standard does not ensure that the implementation of the project is sufficient. Financial institutions are responsible for setting up appropriate business processes and implementing necessary controls to ensure that business processes operate safely. In addition, to verify consistency with this standard, control measures should include appropriate audit tests. Application
TTTKAONATKACA
1 Scope
Biometric Identification for Financial Services
Security Framework
GB/T27912—201
This standard specifies the security framework for the use of biometric identification mechanisms in the financial industry to identify personnel, introduces the types of biometric identification technologies, and explains related application issues. The standard also describes the implementation architecture, specifies the minimum security requirements for effective management, and provides control criteria and usage recommendations for professionals. This standard includes:
- Use biometric identification technology to identify the identities of personnel and employees involved in financial services by verifying their claimed identities or identifying their individual identities.
According to risk management requirements, the credentials submitted during user registration are input to support identity authentication; biometric information is managed throughout the life cycle, including registration, transmission, storage, identity confirmation, identity identification, and termination processes: || tt||- The security of biometric identification information throughout its life cycle, including data integrity, source authentication and confidentiality; the application of biometric identification mechanisms in logical and physical access control; monitoring measures to protect financial institutions and their customers; the security of physical hardware used throughout the life cycle of biometric identification information. This standard does not include:
The privacy and ownership of an individual's biometric identification information; specific technologies related to data collection, signal processing and matching of biometric data, and biometric matching decision-making processes;
The convenience of biometric identification technology in non-identification aspects, such as the use of voice recognition, user interaction and name access control.
This standard applies to biometric identification for data confidentiality or other reasons. Although this standard does not address the specific requirements and restrictions on business application systems using biometric identification technology, other standards may discuss these issues. 2 Conformance
If the implementation of the biometric identification system meets the management and security requirements of this standard, it can be claimed to conform to this standard. A biometric identification system that adopts the cryptographic message requirements recommended by this standard and adopts appropriate policies, implementation and operation can be claimed to conform to this standard.
By meeting the management and security requirements in Chapters 9 and 10 of this standard, many aspects of the conformity requirements of the biometric identification system can be met, and its implementation methods, related policies, and operational procedures can be verified to meet the confirmation control requirements in Chapter 11. The relevant organizations can use the biometric event log specified in the attached requirements to record compliance with the operational requirements of this standard. 3 Normative references
The following documents are indispensable for the application of this document. For all dated references, the version with the date applied to this document is applicable. For all undated references, the latest version (including all amendments) applies to this document. IS()10202-3 Financial transaction cards: Security architecture of financial transaction systems using integrated circuit cards Part 3: Key relationships (Financial transaction eards Security architecture of firuancial transaction systems using integral e rirr:uit enrd-Parl 3: Cryptographic key relationships) 1so/iec1979 Information technology security technology - Security requirements for cryptographic modules (Indornatioltechnology - Security requirements for cryptographic modules 4 Terms and definitions
The following terms and definitions apply to this document, 4. 1
Adaptation
The process of automatically updating or refreshing a reference template. 4.2
Attempt llempt
In a biometric recognition system, the submission of a sample of a biological feature of a part of an individual's body for the purpose of enrollment, confirmation or identification. Note that an individual may make multiple enrollment, confirmation or identification attempts. 4.3
Preclassificationbioniag
The classification of the total number of biological characteristic patterns inherent in a gene. 4.4
Biometric
A measurable feature of human physiology or behavior that can reliably distinguish a person from others in order to identify the identity of the registrant or confirm that I am the person who has registered. 4.5
Biometric authenticationbiometrlc Authentication is the process of confirming the identity of an individual through confirmation or recognition. 4.6
Biometric data
The information extracted from the biometric sample is used to generate a reference template or matching template. 4.7
Biometric identification is the process of comparing the submitted biometric sample with some or all of the registered reference templates to determine the identity of the individual.
Biometric identification policy (BP) Named set of rules that indicate that the application of biometric templates has uniform security requirements for a group or a class of applications. 4.9
Biometric Practice Statements (EPs) Hiametric Practice Statements (BPs) An implementation statement that an organization complies with during the life cycle of a biometric template (e.g., creation, management, and elimination). Including business, legal partners, rules, technical matters, etc.
TTIKANYKACA
Biometric sample biometriesample
Original (raw) biometric data obtained after collection and processing. 4.11
Biometric systemAn automated system that can collect, present, compare and return a decision result (match/no match).4. 12
Biometric verificationGB/T 27912—2011
The process of comparing a matching template with its specific reference template based on the claimed identity (e.g., user ID, account number).4.13
Capture
Acquire a biometric sample,
Claim of identily
The name or index of the reference template or registrant of the claimed identity when the biometric recognition system performs identity verification.4. 15
Claiman
The person who submits a biometric sample for identity verification, 4. 16
Confidentiality
Refers to the property that information is not available or disclosed to unauthorized individuals, entities or processes. [ISO/TR 13569:2Q05;ISO 15782-1:2003+1S0/IEC 13335-1:2004]4.17
Cryptographic exchange The secure transmission or storage of data or cryptographic elements under the protection of a key. 4.18
Decision Policydecisionpoliey
The biometric system provides a match or no match decision through a decision policy, which includes the following factors: - The match threshold of the biometric system - The number of match attempts allowed per transaction; - The number of reference templates registered by each claimant; - The number of different biometric samples (e.g., different fingerprints) registered by each claimant; - The number of biometric technologies used when the claimant registered (e.g., fingerprint, voice): - Internal controls used during the matching process to detect whether the biometric samples are the same Note: In this matching process, the biometric system can use multiple test templates (e.g., a multi-biometric system uses a system that creates and stores test templates from multiple fingerprints) in a parallel, weighted, or fusion model. 4. 19
Encryptionencryption
The reversible conversion of plaintext (readable) into ciphertext (unreadable) through a cryptographic algorithm to hide the plaintext information content. 4.20
Enrolment
The process of collecting a biometric sample from a person and generating and storing a biometric reference template. Note: See also initial enrolment. (1, 6) and re-enrolment (4, optional). 3
TTKANYKAA
GE/T 27912—2011
Equal Error Rate (EER) The decision threshold of a system is set so that the false match rate is equal to the false mismatch rate. The probability or percentage of error in this case is also called the acceptance error rate.
Extraction
Feature Extraction
The process of converting raw biometric data into processed biometric data for template comparison or creation of a reference template. 4.23bzxZ.net
Facial features
Biometric recognition technology based on unique features of the face, including features in the visible spectrum, features in the infrared spectrum, or both.
Failure to acquire
The failure of a biometric recognition system to collect a biometric sample or extract biometric data from a sample that is insufficient to produce a reference template or matching template. 4.25
Failure to enroll
The failure of a biometric recognition system to collect one or more biometric samples or extract biometric data from a sample that is insufficient to produce a reference template.
False acceptance rate (FAR) In a one-to-one system, the probability that a biometric recognition system incorrectly identifies an individual or fails to identify a candidate. NOTE: For a positive (confirmation) system, it can be estimated by dividing the number of false acceptances by the number of identity extraction attempts made by the person. 4.27
false match rate (FMR)
The rate at which false matches occur by the matching algorithm for a single template comparison attempt. NOTE: For biometric systems that use a single attempt to determine acceptance, FMR equals FAR: When multiple attempts are combined to determine acceptance, FAR is more meaningful than FMR at the system level. 4.28
false non-match rate (FNMR) The rate at which no matches are successful by the matching algorithm for a single template comparison attempt. NOTE: For biometric systems that use a single attempt to determine acceptance, FVMR equals FRR. When multiple attempts are combined to determine acceptance, FRR is more meaningful than FNMR at the system level. Meaning: 4.29
False rejection rate (FRR) The probability that a biometric system fails to identify the true enrollee. Note: For a positive (confirmation) system, it can be estimated by dividing the number of false rejections by the number of times the enrollee attempts to confirm his identity. 4.30
Rillering
Separating the database by using information other than the user's biometric characteristics, such as gender, age or ethnicity. 4.31
Finger geometry
Biometric identification technology based on the unique characteristics of the shape and size of one or more fingers. TTTKAONYKACA
Fingerprint identification fingerprintbinmctricsGB/T 27912—2011
Biometric identification technology based on the unique characteristics of the top and bottom lines of an individual's fingertips (such as finger minutiae and finger pattern matching). 4.33
handgeometrr,hand identificationBiometric recognition technology based on the unique characteristics of the shape and size of the hand. 4.34
impostnr
A person who submits a biometric sample and intentionally or unintentionally attempts to be identified as someone else… 4.35
information securityEnsuring the authenticity, integrity and availability of information, as well as other attributes such as authenticity, accountability, non-repudiation and reliability. [IS0/IEC17799:2005]
Initial enrolment
The process of first enrolling a person's biometric data. The individual shall provide some form of identification, such as a password or 11, to establish or confirm identity
Note: See enrolment 4,2 re-enrolment 4.17) 4.37
Integrity
The property of protecting the correctness and completeness of information - IS0/IEC13335-1;2004 7
iris biometrics
Biometric recognition technology based on the unique characteristics of the iris. 4.39
Matching
The process of comparing a matching template with a previously stored reference template and scoring the similarity or correlation between the two. 4.40
match templatematchtemplate
data representing the claimant's biometric features, extracted from the claimant's biometric sample and used by the biometric recognition system to compare with one or more pre-stored reference templates. 4.41
multi-biometric authenticationA biometric authentication mechanism that uses two or more different biometric features. NOTE: For example, fingerprint recognition combined with iris recognition, or voice recognition combined with facial recognition. 4.42
multi-factor authenticationA authentication mechanism that uses two or more factors: knowledge, "something an individual knows"; persistence, "something an individual has"; and biometric factor, "something an individual has or can do". GB/T 27912—2011
one-to-many
one-to-many
biometric identity recognition.
--one-to-one
biometric identity confirmation.
palm bionetrics
biometric identification technology based on the unique characteristics of the palm. Including details/details and/or palm lines. 4.46
raw biometric dataraw biometric data collected from a sensing device in unprocessed digital form (such as a fingerprint image or sound stream), suitable for subsequent processing to create a biometric sample or template. 4.47
re-enrolrnent
The process of enrolling an individual's biometric data after the biometric data has been enrolled at least once. Note: See enrolment (4.2c) and initial enrolment (4.36). 4.48
reference template
Data representing the biometric characteristics of the registrant, extracted from the biometric sample of the registrant, stored and used by the biometric recognition system for comparison with the matching templates subsequently submitted. 4.49
registration
The process by which a person proves his or her identity by providing credentials to the biometric service provider before being allowed to register and assigned an electronic identity.
retinal features retinal biamelries A biometric recognition technology based on the unique characteristics of the retina. 4.51
risk management risk management
The various measures to guide and control an organization's risks. LISO/IEC Guide 73:20021
score gcore
The numerical representation of the similarity of two templates when they are matched. Note: The specific method of generating the biometric score and the accuracy of indicating a match or failure is up to each biometric manufacturer. 4.53
Signature Werification Biometrics Biometrics based on the uniqueness of a handwritten signature or other written symbol. 4.54
single-factor authentication Single-factor authentication: A knowledge factor, "something an individual knows", B possession factor, "something an individual has": biometric factor, "something an individual has". Template
Data representing an individual's biometric features. Biometric recognition systems are used to perform biometric matching. Note: See matching template (4.4C) and reference template (4.4%) 4.56
Threshold
GB/T 27912—2011
A numerical point below which the similarity between two templates being compared is sufficient to establish a "match" relationship, and below which the similarity between two templates being compared is low enough to establish a "mismatch" relationship. Note: The threshold can be adjusted at the system level to reduce the FalseMarchRate (4.27) or the FalkeNon-le:h Rale (4. 28).
Voice Feature Recognition
Jvoice blometries
Biometric identification technology based on the uniqueness of the acoustic information of the speaker's voice. Abbreviations
Advanced Encryption Standard (AdvancedEneryptionStandard)Automated Teller Machine (AutomatedTellcrMarchine)Biometric Information Security Management System (RinumnetricsInformationSerutityManagenenSystem)Certificate Authority (CertificaitonAuthnrily)Data Encryption Algorithm (3ata EnrryptionAlgorithrn)Data Encryption Standard (DataEncryptionStandard)Dynamic Signature Verification (DynamicSignatureVerilication)Integrated Circuit (Integrated IC card (Integrated Circuit Card) Identification (Identification)
Key Encryption Key (KeyEncryptionKey) Public Infrastructure (PublicKeyInlrastructure) 6 Overview of Biometric Recognition Technology
6.1 Introduction
Biometric recognition technology describes the issues related to confirming personal identity in financial transactions. Registration is a prerequisite for formal biometric registration. Everyone should meet with biometric recognition before being allowed to register. The service provider provides credentials to prove its identity. This ensures that the biometric reference template actually belongs to the registrant. Biometric identification is based on the widely accepted fact that certain physiological or behavioral characteristics can reliably distinguish a person. Biometric identification technology involves the automatic collection and comparison of these characteristics. These characteristics are stored in digital form on electronic media1: and are used to confirm the identity of an individual. The typical authentication process using biometric identification technology includes the following basic steps: a) Collect biometric data; b) Evaluate the quality of the collected biometric data. Collect new data if necessary; process the collected biometric data:1 Introduction
Biometric identification addresses the issue of confirming an individual's identity for use in financial transactions. Registration is a prerequisite for formal biometric enrollment. Each person should provide credentials to the biometric service provider to prove their identity before being allowed to enroll. This ensures that the biometric reference template actually belongs to the registrant. Biometric identification is based on the widely accepted fact that certain physiological or behavioral characteristics can reliably distinguish a person. Biometric identification technology involves the automatic collection and comparison of these characteristics. These characteristics are stored in digital form on electronic media1: and are used to confirm the identity of an individual. The typical authentication process using biometric identification technology includes the following basic steps: a) Collect biometric data;
b) Evaluate the quality of the collected biometric data. Collect new data if necessary: ​​Process the collected biometric data:1 Introduction
Biometric identification addresses the issue of confirming an individual's identity for use in financial transactions. Registration is a prerequisite for formal biometric enrollment. Each person should provide credentials to the biometric service provider to prove their identity before being allowed to enroll. This ensures that the biometric reference template actually belongs to the registrant. Biometric identification is based on the widely accepted fact that certain physiological or behavioral characteristics can reliably distinguish a person. Biometric identification technology involves the automatic collection and comparison of these characteristics. These characteristics are stored in digital form on electronic media1: and are used to confirm the identity of an individual. The typical authentication process using biometric identification technology includes the following basic steps: a) Collect biometric data;
b) Evaluate the quality of the collected biometric data. Collect new data if necessary: ​​Process the collected biometric data:
Tip: This standard content only shows part of the intercepted content of the complete standard. If you need the complete standard, please go to the top to download the complete standard document for free.