Presentation is loading. Please wait.

Presentation is loading. Please wait.

Hosted by: June 23-26, 2003 New York City State of Biometric Standards Jeff Stapleton, Manager Information Risk Management

Published byEileen Little Modified over 9 years ago

Similar presentations

Presentation on theme: "Hosted by: June 23-26, 2003 New York City State of Biometric Standards Jeff Stapleton, Manager Information Risk Management"— Presentation transcript:

1 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com State of Biometric Standards Jeff Stapleton, Manager Information Risk Management Jstapleton@kpmg.com (314) 444-1447 Chair X9F4 www.x9.orgwww.x9.org Chair WG10 www.tc68.orgwww.tc68.org

2 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 1 Agenda – Biometric Standards Standards Bodies –International Standards Bodies –USA Domestic Standards Bodies State of the Standards –Past Achievements –Present Activity –Future Work in Progress Who are they? What Are they doing?

3 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 2 International Standards Bodies International Organization for Standardization International Electrotechnical Commission Joint Technical Committee One SC 17 Cards & Personal Identification SC 17 Cards & Personal Identification SC 27 IT Security Techniques SC 27 IT Security Techniques SC 37 Biometric Technology SC 37 Biometric Technology TC 68 Banking, Securities and Financial services TC 68 Banking, Securities and Financial services SC 2 Security and General Banking Operations SC 2 Security and General Banking Operations Formal Liaison Relationships Relative to Biometric Standards

4 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 3 Informal Bodies USA Standards Bodies International Organization for Standardization International Electrotechnical Commission Joint Technical Committee One Accredited Standards Committee USA National Standards Body BioAPI Consortium

5 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 4 US Interactive Relationships Financial Services Security Financial Services Industry Biometric Security Retail Banking Public Key Infrastructure incits IT Security T4 M1 B10 SC27 SC37 SC17 Biometric Technology ID Card Technology X9A X9F X9F5 X9F4 X9F6 TC68 SC2 SC6 WG10 WG8 WG6 Retail Bank Card Security Liaison Relationship US TAG Relationship Industry Relationship

6 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 5 ISO Overview Established 1946 www.iso.ch www.iso.ch –146 National Standards Bodies –94 Member Bodies USA is a Member Body with a National Standards Body – American National Standards Institute Over 200 Technical Committees –TC 1 Screw Threads … –TC 68 Banking and Financial Services … –TC 215 Health Informatics International Organization for Standardization

7 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 6 TC 68 Overview International Organization for Standardization Develops international technical standards –Financial Services Industry –Including banking and securities Subcommittees www.tc68.org www.tc68.org –SC 2 Security Management and General Banking Operations Biometrics, Public Key Infrastructure (PKI), Security Guidelines –SC 4 Securities and Related Financial Instruments –SC 6 Retail Financial Services Including PIN management, key management, and cryptographic hardware devices used in the Retail Financial Services Cardholder at ATM and Point-of-Sale (POS) Terminals

8 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 7 JTC1 Overview Established early 1980’s www.jtc1.ch www.jtc1.ch –38 Liaison Members –94 National Member Bodies USA is a Member Body with a National Standards Body – American National Standards Institute 18 Active Subcommittees … –SC 17 Cards & Personal Identification INCITS/B10 –SC 27 IT Security Techniques INCITS/T4 –SC 37 Biometrics (established 2002) INCITS/M1 Joint Technical Committee One

9 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 8 JTC1/SC37 Overview Established June 2002www.jtc1www.jtc1 –First meeting held December 2002 –Scope is biometric technologies File formats, APIs, application profiles, testing… –Excluded from SC37 scope SC17 biometrics for cards and personal identification SC27 biometric security and evaluation methodologies –Formal Liaisons include SC37 to SC17 SC37 to SC27

10 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 9 Overview Founded in 1918 as a membership-based, not-for-profit organization, ANSI is … –A coordinator and facilitator of the U.S. voluntary consensus standards and conformity assessment system –An accreditation body for U.S. standards developers, U.S. Technical Advisory Groups and U.S. certification programs –The forum for the U.S. standards and conformity assessment communities American National Standards (ANS) Developers –Currently more than 270 ANSI accredited standards developers, representing 200 distinct entities –Not all standards developed by these organizations are submitted for consideration as ANS

11 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 10 X9 Overview Financial Services Industry www.x9.orgwww.x9.org –X9A Subcommittee on Retail BankingTC68/SC6 –X9B Subcommittee on Check Processing –X9C Consumer Protection (established 2003) –X9D Subcommittee on SecuritiesTC68/SC4 –X9F Subcommittee on Information SecurityTC68/SC2 X9F1 Cryptographic Tools X9F3 Cryptographic Protocols X9F4 Cryptographic Applications – X9.84 Biometrics X9F5 PKI Policy and Practices X9F6 Management and Security – Retail Banking –X9 WG1 Privacy Accredited Standards Committee

12 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 11 Overview Information Technology Standards www.incits.org www.incits.org –Formerly X3 Committee –36+ Technical Committees B10 Identification Cards and Related DevicesSC17 –AAMVA Driver License / Identification Standard J16 Programming Language C++ … L3 Audio, Picture, Multimedia, and Hypermedia … M1 Biometrics (established 2002) SC37 –ANS INCITS 358-2002 BioAPI, NISTIR 6529-A Common Biometric Exchange File Format (CBEFF) T4 Security Techniques …SC27 –ASN.1 Extended Encoding Rules (XER) incits International Committee for IT Standards

13 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 12 INCITS/M1 Overview Established 2001 –55+ Companies and organizations membership –US TAG to JTC1/SC37 Task Groups ( current organization ) –M1.1 Biometric Data Interchange Formats –M1.2 Biometric Technical Interfaces –M1.3 Biometric Profiles –M1.4 Biometric Performance Testing and Reporting

14 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 13 Overview Established 1993 www.oasis-open.orgwww.oasis-open.org –Originally founded as SGML Standard Generalized Markup Language (SGML) Renamed in 1998 – Extensible Markup Language (XML) –600+ Corporate and Individual Members –100+ Countries including United Nations (ebXML) –XML Common Biometric Format (XCBF) Technical Committee Established February 2002 XCBF patron format of NISTIR 6529-A CBEFF XCBF based on ASN.1 schema in X9.84-2003 XCBF conforms to XML Encoding Rule (XER) in X.693 XCBF relies on X9.96-draft Cryptographic Message Syntax (CMS) Organization for the Advancement of Structured Information Standards

15 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 14 Overview Established 1995 www.biometrics.orgwww.biometrics.org –Co-hosted by NIST and NSA Focal point for biometric research… Operate discuss group info@biometrics.orginfo@biometrics.org Operate information line 1-866-BIOMETRics (866-246-6387) –Working Groups Common Biometric Exchange File Format (CBEFF) Biometrics Interoperability, Performance, and Assurance –NISTIR 6529-2001 CBEFF –NISTIR 6529-A-2002 CBEFF

16 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 15 Overview Established 1998 www.bioapi.orgwww.bioapi.org –Focus was to harmonize the various biometric APIs BioAPI Specification version 1.0 – March 2000 Reference implementation version 1.0 – September 2000 BioAPI Specification & implementation version 1.1 – March 2001 Working Groups –Applications (AWG) – top level interface of the BioAPI –External (XWG) – transition to other standards bodies –Reference Implementation (RWG) – reference implementation –Conformance Test (CTWG) – conformance test suite BioAPI Consortium

17 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 16 ISO/IEC JTC1/SC17 FDIS 7816 Part 11 --- Existing Standards US StandardsISO/IEC JTC1US SpecificationsISO TC68 OASIS XCBF ANS X9.84-2003 Biometric Security ISO TC68/SC2 CD 19092 ballot - NISTIR 6529-A CBEFF 2002 ISO/IEC JTC1/SC37 CD ballot -- ANS INCITS 358-2002 BioAPI ISO/IEC JTC1/SC37 CD 19785 ballot BioAPI 2001 Version 1.1 -AAMVA DL/ID 2000--- WSQ 1993 FBI Fingerprint Compression ---

18 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 17 CBEFF Biometric Architecture Biometric Service Provider BioAPI Framework Application BIR XCBF Extended Markup Language (XML) Cryptographic Service Provider X9.84 Biometric Security ASN.1 Biometric Validation Control Objectives ICC

19 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 18 INCITS/M1 Work in Progress M1.1 Task Group – Biometric Data Formats –Finger Pattern Based Interchange Format –Finger Minutiae Format for Data Interchange –Finger Image Based Interchange Format –Face Recognition Format for Data Interchange –Iris Interchange Format –Signature / Sign Image Based Interchange Format Digitized signature (not PKI digital signature) Low level data interoperability –Vendor “A” format captured by vendor “B” device –Vendor “A” format processed by vendor “C” system

20 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 19 INCITS/M1 Work in Progress M1.2 Task Group – Biometric Interfaces –INCITS 358-2002 BioAPI, NISTIR 6529-A CBEFF –Interoperability between biometric components & subsystems –Security mechanisms for stored and transmitted data X9.84-2003 Biometric Information Management and Security –Reference model for multi-vendor systems High level process interoperability –Functional calls Fetch sample, Create template, Matching … –Application calls Enroll, Identify, Verify …

21 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 20 INCITS/M1 Work in Progress M1.3 Task Group – Biometric Profiles –Interoperability and Data Interchange, Biometric Based Verification and Identification of… –Transportation Workers –Border Crossing –Point-of-Sale (POS) X9.84-2003 for the Financial Services Industry Industry specific needs –To be determined, initial meeting June 9-11 in Seattle WA

22 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 21 INCITS/M1 Work in Progress M1.4 Task Group – Performance and Testing –Biometric metric definitions and calculations –Testing performance –Test reporting Ongoing biometric technology issue… –False Match Rate (a.k.a., False Acceptance Rate) –False Non-Match Rate (a.k.a., False Reject Rate) –Failure to Enroll Rate –To be determined, initial meeting June 11 in Seattle WA

23 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 22 JTC1/SC37 Work in Progress SG 01 Harmonized Biometric Vocabulary –No specific M1 correlation SG 02 Biometric Technical Interfaces –M1.2 Task Group – Biometric Interfaces –US submission CD 19785 ballot comments BioAPI –US submission CD ballot comments CBEFF SG 03 Biometric Data Interchange Formats –M1.1 Task Group – Biometric Data Formats Work sorted by Study Group / Special Group:

24 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 23 JTC1/SC37 Work in Progress SG 04 Biometric Application Profiles –M1.3 Task Group – Biometric Profiles SG 05 Biometric Testing and Reporting –M1.4 Task Group – Performance and Testing SG 06 Cross-Jurisdictional and Societal Aspects –No specific M1 correlation Work sorted by Study Group / Special Group:

25 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 24 Other Work in Progress TC68/SC2/WG10 –CD 19092 in ballot (X9.84-2003) due August 2003 JTC1/SC27 –Biometric security in cooperation with TC68/SC2 JTC1/SC17 –ISO 7816 Information Technology – Identification Cards – Integrated Circuit(s) Cards with Contacts Part 11: Personal verification through biometric methods International Civil Aviation Organization (ICAO) –Global Biometric Initiative with JTC1/SC17

26 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 25 Chronology Summary Pre-2000 –June 1993 – FBI Fingerprint Compression WSQ published –November 1995 – Biometric Consortium established –April 1998 – BioAPI Consortium established –January 1999 – X9F4 assigned NWI X9.84 Year 2000 –March 2000 – BioAPI Specification v1.0 published –June 2000 – AAMVA Drivers License / Identification published –December 2000 – ISO/IEC CD 7816 ICC Part 11 Biometrics ballot

27 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 26 Chronology Summary Year 2001 –January 2001 – NISTR 6529 CBEFF published –March 2001 – ANS X9.84-2001 published (BioAPI v1.0) –March 2001 – BioAPI Specification v1.1 published –March 2001 – NIST 6529 CBEFF published –November 2001 – INCITS/M1 established –December 2000 – ISO/IEC DIS 7816 ICC Part 11 Biometrics ballot Year 2002 –February 2002 – NISTR 6529-A CBEFF published –March 2002 – ANS INCITS 358-2002 (BioAPI v1.1) published –March 2002 – CTST Linden Award presented to Cathy Tilton –June 2002 – JTC1/SC37 established –December 2002 – ISO/IEC FDIS 7816 ICC Part 11 Biometrics ballot

28 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 27 Chronology Summary Year June 2003 (so far) –February 2003 – JTC1/SC37 CD 19785 ballot comments BioAPI –February 2003 – JTC1/SC37 CD ballot comments CBEFF –February 2003 – XCBF 1.0 Committee Specification published –June 2003 – ANS X9.84-2003 Biometric Security published –June 2003 – TC68 CD 19092 in ballot (X9.84-2003) Year July 2003 and beyond… –ISO 7816 ICC Part 11 Biometrics –ISO Standards on Biometric Technology –ISO Standards on Biometric Security –ISO Standards on Industry Applications Financial Services Industry Transportation Industry and government Immigration Services

29 Hosted by: June 23-26, 2003 New York City www.biometritechexpo.com 28 Standards Conclusion Significant advances in the last 36 months –ANS INCITS 358-2002 BioAPI –ANS X9.84-2003 Biometric Security –ISO FDIS 7816 ICC Part 11 Biometrics –NISTIR 6529-A CBEFF Further work in the next 36 months –ISO Biometric Technology Standards –ISO Biometric Security Standards –ISO Biometric Application Standards

Download ppt "Hosted by: June 23-26, 2003 New York City State of Biometric Standards Jeff Stapleton, Manager Information Risk Management"

Similar presentations

Biometric Information Management For Security Phillip H. Griffin Griffin Consulting 1625 Glenwood Avenue Hayes Barton at Five Points Raleigh, North Carolina.

Biometric Information Management For Security Phillip H. Griffin Griffin Consulting 1625 Glenwood Avenue Hayes Barton at Five Points Raleigh, North Carolina.
International Workshop on Usability and Biometrics: NIST Welcome

International Workshop on Usability and Biometrics: NIST Welcome
Standard Norge 2004 Status for biometri standardisering Asbjørn Hovstø ErgoSolutions Hans Mustadsgate 31 N-2810 Gjøvik

Standard Norge 2004 Status for biometri standardisering Asbjørn Hovstø ErgoSolutions Hans Mustadsgate 31 N-2810 Gjøvik
Practical Digital Signature Issues. Paving the way and new opportunities. www.oasis-open.org Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.

Practical Digital Signature Issues. Paving the way and new opportunities. Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.
Addressing Usability of Biometrics in Standards Elaine Newton NIST.

Addressing Usability of Biometrics in Standards Elaine Newton NIST.
JTC 1 Strategic Advisory Committee Key Areas of Priority February 2014.

JTC 1 Strategic Advisory Committee Key Areas of Priority February 2014.
15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.

15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.
ISO/IEC JTC1 SC37 Overview

ISO/IEC JTC1 SC37 Overview
Biometrics in New Zealand Passport issuing Border crossing System and information access Building access.

Biometrics in New Zealand Passport issuing Border crossing System and information access Building access.
PIV Data Model Testing Ketan Mehta March 3, 2006.

PIV Data Model Testing Ketan Mehta March 3, 2006.
GSC16-OBS-03 ITU-T GSC – 16 Observer Presentation Karen Higginbottom, JTC 1 Chair.

GSC16-OBS-03 ITU-T GSC – 16 Observer Presentation Karen Higginbottom, JTC 1 Chair.
Standards for Biometrics Dr. Pushkin Kachroo. Introduction Standards needed for interoperability At all levels of the system –hardware level (using one.

Standards for Biometrics Dr. Pushkin Kachroo. Introduction Standards needed for interoperability At all levels of the system –hardware level (using one.
Asia Biometrics Workshop 2004 Korea Standardization and Research activities of Biometrics Testing Technique 16. Sept 2004 Director, Jason Kim / Director,

Asia Biometrics Workshop 2004 Korea Standardization and Research activities of Biometrics Testing Technique 16. Sept 2004 Director, Jason Kim / Director,
An Overview of Accredited Standards Committee X9 October 27, 2014 Claudia Swendseid Senior Vice President Federal Reserve Bank of Minneapolis Presentation.

An Overview of Accredited Standards Committee X9 October 27, 2014 Claudia Swendseid Senior Vice President Federal Reserve Bank of Minneapolis Presentation.
Geneva, Switzerland, 4 December 2014 ISO work on Mobile Financial Services Patrice Hertzog, Chairman, ISO T68/SC7 ITU Workshop.

Geneva, Switzerland, 4 December 2014 ISO work on Mobile Financial Services Patrice Hertzog, Chairman, ISO T68/SC7 ITU Workshop.
JAVAPOSTM Java for POS Devices

JAVAPOSTM Java for POS Devices
DL/ID Card Design Specification 1 2004 Responsible Retailing Forum Rich Carter (AAMVA) 2004 Responsible Retailing Forum The Next Generation of State IDs.

DL/ID Card Design Specification Responsible Retailing Forum Rich Carter (AAMVA) 2004 Responsible Retailing Forum The Next Generation of State IDs.
Introduction to ebXML Mike Rawlins ebXML Requirements Team Project Leader.

Introduction to ebXML Mike Rawlins ebXML Requirements Team Project Leader.
ISO 9001:2015 Revision overview - General users

ISO 9001:2015 Revision overview - General users
Accredited Standards Committee X9, Inc. An Introduction to Financial Industry Global Standards.

Accredited Standards Committee X9, Inc. An Introduction to Financial Industry Global Standards.

Similar presentations

Ads by Google