1、BSI Standards Publication PD ISO/IEC TR 29195:2015 T r a v e l l e r p r o c e s s e s f o r biometric recognition in automated borderPD ISO/IEC TR 29195:2015 BRITISH STANDARD National foreword This British Standard is the UK implementation of ISO/IEC TR 29195:2015. The UK participation in its prepa
2、ration was entrusted to Technical Committee IST/44, Biometrics. A list of organizations represented on this committee can be obtained on request to its secretary. This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct applicatio
3、n. The British Standards Institution 2015. Published by BSI Standards Limited 2015 ISBN 978 0 580 78496 5 ICS 35.040 Compliance with a British Standard cannot confer immunity from legal obligations. This British Standard was published under the authority of the Standards Policy and Strategy Committe
4、e on 31 March 2015. Amendments/corrigenda issued since publication Date Text affectedTraveller processes for biometric recognition in automated border Processus relatifs au voyageur pour la reconnaissance biomtrique aux frontires automatises TECHNICAL REPORT ISO/IEC TR 29195 First edition 2015-03-15
5、 Reference number ISO/IEC TR 29195:2015(E) ISO/IEC 2015 PD ISO/IEC TR 29195:2015 ii ISO/IEC 2015 All rights reserved COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2015 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any me
6、ans, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Genev
7、a 20 Te l . + 4 1 2 2 7 4 9 0 1 1 1 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ISO/IEC TR 29195:2015(E) ISO/IEC TR 29195:2015(E)Foreword iv 1 Scope . 1 2 T erms and definitions . 1 3 Key drivers 2 4 Overview of automated border control system 2 4.1 General
8、 . 2 4.2 The biometric process at the border . . 2 4.3 The processing steps 3 5 Key Success Factors 4 5.1 Operational considerations 4 5.1.1 Traveller considerations . 4 5.1.2 Traveller processing . . 5 5.1.3 Operational environment . 5 5.1.4 Border stakeholder engagement . 5 5.1.5 System management
9、. 6 5.1.6 Vulnerabilities 6 5.2 Technical considerations 7 5.2.1 Security/Privacy. 7 5.3 Standards for interoperability . 7 5.4 Enrolment for automated border control systems 8 5.5 Privacy background for ABC systems 8 6 Guidanc e r elating t o specific modalities . 8 6.1 Face . 8 6.1.1 Presentation
10、of subject to camera: . 8 6.1.2 Other factors 9 6.2 Vascular (vein) 9 6.2.1 General 9 6.2.2 Presentation of subject to vein sensors . 9 6.2.3 Other factors .10 6.3 Fingerprint 10 6.3.1 General.10 6.3.2 Enrolment .10 6.3.3 Verification .11 6.4 Iris .11 6.4.1 Presentation of subject to camera .11 Anne
11、x A (informative) Different types of ABC systems 13 Annex B (informative) Examples of automated border control systems .14 Annex C (informative) Malaysia Autogate System 15 Annex D (informative) Nexus iris recognition system .18 Annex E (informative) United Kingdom .19 Annex F (informative) Global E
12、ntry 22 Annex G (informative) Examples of Signage used in ABC Systems .23 Bibliography .26 ISO/IEC 2015 All rights reserved iii PD ISO/IEC TR 29195:2015PD ISO/IEC TR 29195:2015 ISO/IEC TR 29195:2015(E) Foreword ISO (the International Organization for Standardization) and IEC (the International Elect
13、rotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of techni
14、cal activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technic
15、al committee, ISO/IEC JTC 1. The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different types of document should be noted. This document was drafte
16、d in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives ). Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such pa
17、tent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents). Any trade name used in this document is information given for the convenience of users and does no
18、t constitute an endorsement. For an explanation on the meaning of ISO specific terms and expressions related to conformity assessment, as well as information about ISOs adherence to the WTO principles in the Technical Barriers to Trade (TBT), see the following URL: Foreword Supplementary information
19、. The committee responsible for this document is ISO/IEC JTC 1, Information technology, Subcommittee SC 37, Biometrics. iv ISO/IEC 2015 All rights reservedPD ISO/IEC TR 29195:2015 Traveller processes for biometric recognition in automated border 1 Scope This Technical Report provides recommended bes
20、t practices and processes for automated border control systems using biometrics to verify an identity claim by a traveller that uses an ePassport or equivalent identity card as the basis for the claim. It indicates areas that organisations proposing to use biometric technologies will need to address
21、 during design, deployment, and operation. Much of the information is generic to all types of applications especially around signage; however, some information will be specific to the modality of biometric technology used and how that technology is physically implemented. Biometric automated border
22、control systems can have various biometric implementations, they can be manned or unmanned, and might or might not require the presentation of documentation. This Technical Report points out the different requirements relating to many of the different types of biometric application implementations.
23、The following are out of scope for this Technical Report. a. Watch lists, although biometric technology can be used to check watch lists as part of traveller processing in automated border control systems. b. Manual customs and immigration systems mandated by government for travellers. c. Tr usted t
24、 raveller systems (including token-less systems). d. ePassport PKI: Whilst PKI/PKD systems exist, they are not covered in this Technical Report. This subject is referenced in ICAO 9303. The recommendations contained in this Technical Report are not mandatory. 2 Te r m s an d definiti ons For the pur
25、poses of this document, the following terms apply. 2.1 traveller person subject to biometric verification by an automated border control system 2.2 automated border control system employs biometric verification of travellers to meet the requirements and regulations of border stakeholders Note 1 to e
26、ntry: Often referred to as ABC systems. 2.3 border stakeholder state or state-sanctioned entity that carries out border functions including, but not limited to, customs, immigration, transportation, and tourism 2.4 automated gate subsystem of an automated border control system that incorporates phys
27、ical entry/exit control, travel document reading (where applicable), and biometric verification. TECHNICAL REPORT ISO/IEC TR 29195:2015(E) ISO/IEC 2015 All rights reserved 1PD ISO/IEC TR 29195:2015 ISO/IEC TR 29195:2015(E) 2.5 kiosk separate physical device that is part of the ABC system which can b
28、e used for assessing the eligibility of travellers for self-process. 3 Key drivers Automated border control systems using biometrics have several key business drivers including increases in security, improving business processes and improving the travellers experiences. Airlines are now starting to
29、use larger aircraft, fitting more travellers on existing aircraft and deploying more flights. This creates problems when processing travellers due to the increase in traveller numbers and creates many key drivers for authorities (airport, border control etc.) to look at automated processing of trave
30、llers. The key drivers for use of automated border control systems include to: Reduce the costs of the related processing of travellers. Decrease the traveller processing times. Make better use of finite floor space in border control processing areas. Contribute to making the traveller experience th
31、rough border control points a positive one. Provide consistent and secure border control processing of travellers. Provide a lower cost scalable platform to meet growing traveller processing demands into the future. Give greater flexibility for workforce planning including staffing levels for the pr
32、ocessing of increasing traveller numbers. 4 Overview of automated border control system 4.1 General Automated border control systems may consist of one or more physical devices with which the traveller needs to interact. Some systems use a separate physical device (for example: a kiosk) that travell
33、ers must use to determine their eligibility to self-process. In other words, to have their identity claim processed automatically at a subsequent and separate physical device. Other systems undertake the eligibility check and identify claim processing using a single device. Ty pic a l ly, aut om at
34、e d bor der c ont r ol s y s t em s i nc lude ot her b or der c ont r ol pr oc e s s i n g a s r e qu i r e d by a border control authority in addition to the eligibility and identity claim processing. NOTE ABC systems are not intended to replace all manual/human border control policies and procedur
35、es. Current border control initiatives demonstrate a strong need to maintain human oversight and control over ABC systems. 4.2 The biometric process at the border The automated border control system verifies the travellers identity claim by capturing the biometric characteristic presented by the tra
36、veller (for example: face or fingerprint) and, using the biometric verification system component, comparing it with that encoded in the identity document. The system will then, based on results, accept the claim and allow the traveller to pass, or not accept the claim and refer them for processing b
37、y a border control officer. 2 ISO/IEC 2015 All rights reservedPD ISO/IEC TR 29195:2015 ISO/IEC TR 29195:2015(E) 4.3 The processing steps Automated border control systems using biometrics typically involve the following process steps. An example of the processing steps is depicted in Figure 1. Howeve
38、r this will depend on the individual business requirements. Not all the steps outlined below will apply and/or the order of these steps could be different. Each step may require an exception handling procedure that is not described in this document. 1. Detect traveller presence sensors recognise tha
39、t a traveller is proximate to the biometric sensor(s) and initiate the traveller processing by activating instructions for the traveller. 2. Detect Travel Document the traveller places a travel document with an embedded chip on a reader, which reads biographic data and the biometric data from the ch
40、ip. 3. Read Travel Document Data The security features of the document are checked for possible tampering (where applicable) and the biometric and biographic data are read from the chip. 4. Present Questions The traveller is asked to answer border control questions. 5. Assess Eligibility The eligibi
41、lity of the traveller to use automated process is assessed based on eligibility criteria. 6. Store Travel Document Data Relevant data is read from the Travel Document and stored by the border control authority. 7. Issue token The traveller is issued a token with unique identifier for use at the subs
42、equent automated border control system component. 8. Initiate Biometric Verification Process The biometric verification process is started based on the detection of the physical presence of the traveller, the token or other system designed trigger. 9. Retrieve Data Biometric data and other biographi
43、c read from the Traveller Document and stored is retrieved from the relevant data source. 10. Acquire Traveller Biometric Sample the traveller is prompted, if necessary, to present the biometric characteristic of interest and a sample of it is acquired. The suitability of the sample for biometric ve
44、rification is assessed and the traveller is prompted to re-present the biometric characteristic of interest if a new sample is required. 11. Presentation attack detection test The process performs liveness detection of a biometric sample and anti-spoofing tests to the specification as defined in ISO
45、/IEC 30107 multi-part standard. 12. Biometric Verification The system compares the acquired biometric sample against the stored biometric reference obtained from the travel document to verify that the traveller is the same person to whom the document was issued. 13. Clear Traveller The biographic an
46、d biometric data obtained from the travel document is used to assess other border control entry/exit requirements, which may include checking for a valid visa and possibly watchlist processing. Watchlist processing may include comparison of the acquired biometric sample against biometric references
47、contained in the watchlist. This clearance processing may require retrieval of data from a central data repository or the transmission of data to a central repository. Note the exception handling for this stage can be complex. 14. Allow Traveller to Proceed If all data is verified as valid and entry
48、/exit is authorised, the traveller is allowed to proceed (for example: a gate is opened for the traveller to pass through). If entry/exit is not authorised, the traveller is referred for further assessment. The border control data and its outcome are logged. 15. End of process System is set to ready
49、 status. ISO/IEC 2015 All rights reserved 3PD ISO/IEC TR 29195:2015 ISO/IEC TR 29195:2015(E) Fig ure 1 Aut o m a t e d ga te pr o c e s s i n g fl o w (a n ex a m p l e ) 5 Key Success Factors 5.1 Operational considerations The following operational considerations will assist in designing a solution that meets the needs of the business and the traveller in automated border processing. 5.1.1 Traveller considerations Most automated border control systems currently ins
