1、BS ISO/IEC 17839-3:2016 Information technology Identification cards Biometric System-on-Card Part 3: Logical information interchange mechanism BSI Standards Publication WB11885_BSI_StandardCovs_2013_AW.indd 1 15/05/2013 15:06BS ISO/IEC 17839-3:2016 BRITISH STANDARD National foreword This British Sta
2、ndard is the UK implementation of ISO/IEC 17839-3:2016. The UK participation in its preparation was entrusted to Technical Committee IST/17, Cards and personal identification. A list of organizations represented on this committee can be obtained on request to its secretary. This publication does not
3、 purport to include all the necessary provisions of a contract. Users are responsible for its correct application. The British Standards Institution 2016. Published by BSI Standards Limited 2016 ISBN 978 0 580 79062 1 ICS 35.240.15 Compliance with a British Standard cannot confer immunity from legal
4、 obligations. This British Standard was published under the authority of the Standards Policy and Strategy Committee on 30 November 2016. Amendments/corrigenda issued since publication Date T e x t a f f e c t e dBS ISO/IEC 17839-3:2016 Information technology Identification cards Biometric System-on
5、-Card Part 3: Logical information interchange mechanism Technologies de linformation Cartes didentification Systme biomtrique sur carte Partie 3: Mcanisme dchange de linformation logique INTERNATIONAL STANDARD ISO/IEC 17839-3 Reference number ISO/IEC 17839-3:2016(E) First edition 2016-11-01 ISO/IEC
6、2016 BS ISO/IEC 17839-3:2016ii ISO/IEC 2016 All rights reserved COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2016, Published in Switzerland All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanic
7、al, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Ch. de Blandonnet 8 CP 401 CH-1214 Vernier, Geneva, Swit
8、zerland Tel. +41 22 749 01 11 Fax +41 22 749 09 47 copyrightiso.org www.iso.org ISO/IEC 17839-3:2016(E)BS ISO/IEC 17839-3:2016ISO/IEC 17839-3:2016(E)Foreword iv Introduction v 1 Scope . 1 2 Normative references 1 3 Terms and definitions . 1 4 Symbols and abbreviated terms . 2 5 Conformance . 2 6 Log
9、ical data structures . 3 6.1 BSoC capability . 3 6.2 Biometric reference qualifier . 3 6.3 Configuration data . 3 6.4 Enrolment procedures . 3 6.4.1 Internal enrolment . 3 6.4.2 External enrolment 4 6.5 Biometric comparison process . 4 6.5.1 IFD initiated verification . 4 6.5.2 Self-initiated verifi
10、cation 4 7 Discovery of services 4 8 Operational sequence . 5 9 Feedback mechanisms during biometric acquisition process 5 9.1 Feedback message data objects 5 9.2 Time management in a BSoC 6 9.3 Feedback messages . 8 9.3.1 Successful completion of the command. 8 9.3.2 Status feedback messages 9 9.3.
11、3 Cancellation of the command by the ICC 9 Annex A (informative) Sample APDU for Biometric System-on-Card comparison 10 Annex B (informative) Comparison of commands used among the different kinds of biometric-related implementations .11 Annex C (informative) Examples of self-initiated BSoC activatio
12、n .12 Annex D (informative) Examples of command feedback message retrieving 13 Annex E (informative) State transitions for BSoC time management .14 Bibliography .15 ISO/IEC 2016 All rights reserved iii Contents PageBS ISO/IEC 17839-3:2016ISO/IEC 17839-3:2016(E) Foreword ISO (the International Organi
13、zation for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the resp
14、ective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of informat
15、ion technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different
16、 types of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives). Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall
17、 not be held responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents). Any trade name used in this document is
18、 information given for the convenience of users and does not constitute an endorsement. For an explanation on the meaning of ISO specific terms and expressions related to conformity assessment, as well as information about ISOs adherence to the WTO principles in the Technical Barriers to Trade (TBT)
19、 see the following URL: Foreword - Supplementary information The committee responsible for this document is ISO/IEC JTC 1, Information technology, Subcommittee SC 17, Cards and personal identification. A list of all parts in the ISO 17839 series can be found on the ISO website.iv ISO/IEC 2016 All ri
20、ghts reservedBS ISO/IEC 17839-3:2016ISO/IEC 17839-3:2016(E) Introduction A Biometric System-on-Card (BSoC) is a portable card size device including the following entities: biometric acquisition, image/signal processing, storage, comparison and decision. The use of a BSoC with such specifications is
21、subject to an information flow and security mechanisms, which are detailed in this document. ISO/IEC 17839-1 describes two types of BSoC. Type S1 is a fully flexible card compliant with ISO/IEC 7810. Type S2 deviates from some of the requirements of size and flexibility, while keeping the rest of th
22、e requirements intact, including the use of a contactless ICC interface. The logical interface and security mechanisms are independent on whether the BSoC is of type S1 or type S2, so the specifications stated in this document are applicable to both types of BSoC. ISO/IEC 2016 All rights reserved vB
23、S ISO/IEC 17839-3:2016BS ISO/IEC 17839-3:2016Information technology Identification cards Biometric System-on-Card Part 3: Logical information interchange mechanism 1 Scope This document specifies logical data structures for a BSoC, enrolment procedures, and usage of commands and data structures defi
24、ned in other ISO standards for BSoC. This document does not define requirements for commands and data structures that apply to devices external to a BSoC, and commands and data structures that apply to logical interfaces inside a BSoC. 2 Normative references The following documents are referred to i
25、n the text in such a way that some or all of their content constitutes requirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 7816-3, Identification cards I
26、ntegrated circuit cards Part 3: Cards with contacts Electrical interface and transmission protocols ISO/IEC 7816-4, Identification cards Integrated circuit cards Part 4: Organization, security and commands for interchange ISO/IEC 7816-11, Identification cards Integrated circuit cards Part 11: Person
27、al verification through biometric methods ISO/IEC 14443-4, Identification cards Contactless integrated circuit cards Proximity cards Part 4: Transmission protocol ISO/IEC 18328-3, Information technology ICC-managed devices Part 3: Organization, security and commands for interchange ISO/IEC 24787, In
28、formation technology Identification cards On-card biometric comparison 3 Terms and definitions For the purposes of this document, the terms and definitions given in ISO/IEC 2382-37 and the following apply. ISO and IEC maintain terminological databases for use in standardization at the following addr
29、esses: IEC Electropedia: available at http:/ /www.electropedia.org/ INTERNATIONAL ST ANDARD ISO/IEC 17839-3:2016(E) ISO/IEC 2016 All rights reserved 1BS ISO/IEC 17839-3:2016ISO/IEC 17839-3:2016(E) ISO Online browsing platform: available at http:/ /www.iso.org/obp 3.1 biometric system-on-card BSoC ca
30、rd size device including biometric acquisition, data processing, storage, comparison and decision to compose a complete biometric verification system 3.2 feedback mechanism mechanism of informing devices outside of a BSoC (3.1) of detailed error, warning or progress message complementing the status
31、bytes by using card-originated byte strings defined in ISO/IEC 7816-4 3.3 on-card biometric comparison performing comparison and decision making on an ICC where the biometric reference data is retained on-card in order to enhance security and privacy 4 Symbols and abbreviated terms APDU application
32、protocol data unit AT control reference template for authentication ATR answer-to-reset BER basic encoding rules BSoC biometric system-on-card CRT control reference template DO BER-TLV data object ICC integrated circuit card IFD interface device PBO perform biometric operation SW1-SW2 status bytes S
33、W1 first status byte SW2 second status byte TLV tag, length, value 5 Conformance A Biometric System-on-Card claiming conformance with this document shall conform to all mandatory requirements specified herein as applicable.2 ISO/IEC 2016 All rights reservedBS ISO/IEC 17839-3:2016ISO/IEC 17839-3:2016
34、(E) 6 Logical data structures 6.1 BSoC capability A biometric information template DO7F60 may include data objects regarding BSoC capabilities specified in ISO/IEC 24787. 6.2 Biometric reference qualifier An application in a BSoC may know which biometric reference data is used in the following ways:
35、 implicitly; commands for a biometric comparison, for example, reference data qualifier in P2 of verify or pbo command; AT (control reference template valid for authentication) in a security environment (see ISO/IEC 7816-4); AT in FCI (file control information) for DF (dedicated file) (see ISO/IEC 7
36、816-4). 6.3 Configuration data A BSoC may use configuration data for BSoC comparison and decision (see Annex A). Each application may provide its own configuration data for a biometric reference template, as defined in ISO/IEC 24787. See ISO/IEC 7816-4 and ISO/IEC 7816-11 for generic handling of CRT
37、s and biometric information template. Regardless of individual configuration data, a BSoC shall implement a retry counter as defined in ISO/IEC 24787. 6.4 Enrolment procedures 6.4.1 Internal enrolment Internal enrolment uses an on-card sensor for capturing biometric data (image or signal). Internal
38、enrolment processes the capturing biometric data and extracts its features. Internal enrolment shall be executed by using the pbo capture and store biometric reference or pbo capture and update biometric reference command. The enrolment may use a single or multiple presentation of the biometric char
39、acteristic by the cardholder. The policy for single or multiple presentation is defined internally by the algorithm and application in the BSoC and not by command parameters. The enrolment in a BSoC shall implement a feedback mechanism as specified in Clause 9, which includes status bytes (SW1-SW2)
40、for the cases specified in Table 1. ISO/IEC 2016 All rights reserved 3BS ISO/IEC 17839-3:2016ISO/IEC 17839-3:2016(E) Table 1 Status bytes related to the operation of the BSoCSW1-SW2 Meaning Normal processing 90 00 Enrolment successful Warning processing 62 XY XY = 02 to 80 State of non-volatile memo
41、ry is unchanged Reason for warning provided in data object (see Clause 9) 63 XY State of non-volatile memory may have changed Execution error 64 XY XY = 02 to 80 State of non-volatile memory is unchanged Enrolment failed, reason for error provided in the data object (see Clause 9) 64 83 Maximum time
42、 for acquisition has expired (timeout) 64 84 Enrolment failed, non-matching sample 6.4.2 External enrolment The application policy may decide to import reference data generated with an off-card sensor and applying different algorithm and parameters. This is called “external enrolment” in the context
43、 of BSoC. External enrolment shall comply with the security policies defined in ISO/IEC 24787 for on-card biometric comparison. NOTE External enrolment in a BSoC is equivalent to the enrolment in on-card biometric comparison. 6.5 Biometric comparison process 6.5.1 IFD initiated verification The biom
44、etric comparison of a BSoC initiated by the IFD shall start with a verify or pbo command specified in ISO/IEC 7816-4 and ISO/IEC 7816-11. 6.5.2 Self-initiated verification The biometric comparison may be initiated by an on-card device with triggering capability (e.g. a mechanical switch) or by autom
45、atic detection of the presented biometric characteristic. Self-initiated verification assumes that the BSoC has power available. Self-initiated verification performs a biometric comparison process on a stand-alone BSoC. The result of this comparison may be stored for usage in further processing in a
46、n IFD-controlled communication, i.e. by an application on the BSoC. The validity time of the comparison results needs to be configurable. For this mechanism, a BSoC has an on-card input device, e.g. a button on a BSoC for triggering this mechanism. Although a power supply to a BSoC is needed for exe
47、cuting this mechanism, its specification is outside of the scope of this document. For executing a biometric comparison process, a pre-defined internal process flow is assumed. Mechanisms and definitions are outside of the scope of this document. Power control and duration management on keeping the
48、result of biometric comparison shall be installed. These mechanisms ensure expiration of the result of biometric comparison using autonomous activation mechanism when low power or end of duration is detected. This duration shall be set at most for 1 min. Example procedures for self-initiated activat
49、ion of a BSoC are provided in Annex C. 7 Discovery of services A BSoC may reveal its capability regarding biometric information process. A general feature management template DO7F74 in EF.ATR/INFO and/or in the FCI of any application DF may indicate existing on-card services, e.g. on-card sensor. DO81 under DO7F74 indicates these on-card features 4 ISO/IEC 2016 All rights reserved