Powered by Google-Search & Google-Books www.ChineseStandard.net Database: 169760 (Sep 18, 2021)
HOME   Quotation   Tax   Examples Standard-List   Contact-Us   Cart
  

GB/T 37036.2-2019 (GB/T37036.2-2019)

Standard IDContents [version]USDSTEP2[PDF] delivered inName of Chinese StandardSee DetailStatusRelated Standard
GB/T 37036.2-2019English195 Add to Cart 0--10 minutes. Auto-delivery. Information technology -- Biometrics used with mobile devices -- Part 2: Fingerprint GB/T 37036.2-2019 Valid GB/T 37036.2-2019


GB/T 37036.2-2019: PDF in English (GBT 37036.2-2019)
GB/T 37036.2-2019
NATIONAL STANDARD OF THE
PEOPLE’S REPUBLIC OF CHINA
ICS 35.240.15
L 71
Information Technology - Biometrics Used with Mobile
Devices - Part 2: Fingerprint
ISSUED ON: OCTOBER 18, 2019
IMPLEMENTED ON: MAY 1, 2020
Issued by: State Administration for Market Regulation;
Standardization Administration of the People’s Republic of
China.
Table of Contents
Foreword ... 3 
1 Scope ... 4 
2 Normative References ... 4 
3 Terms and Definitions ... 4 
4 Abbreviations ... 6 
5 Technology Architecture ... 6 
6 Operational Process ... 8 
7 Functional Requirements ... 10 
8 Performance Requirements ... 12 
9 Security Requirements ... 13 
Appendix A (informative) Mobile Device Fingerprint Recognition Application
Modes ... 16 
Bibliography ... 20 
Information Technology - Biometrics Used with Mobile
Devices - Part 2: Fingerprint
1 Scope
This Part of GB/T 37036 provides the technology architecture applied to the fingerprint
recognition system used with mobile devices, and specifies the operational process,
functional requirements, performance requirements and security requirements of
fingerprint recognition used with mobile devices.
This Part is applicable to the design, production, integration and application of the
fingerprint recognition system used with mobile devices.
2 Normative References
The following documents are indispensable to the application of this document. In
terms of references with a specified date, only versions with a specified date are
applicable to this document. In terms of references without a specified date, the latest
version (including all the modifications) is applicable to this document.
GB/T 26238-2010 Information Technology - Terminology for Biometrics
GB/T 33767.4-2018 Information Technology - Biometric Sample Quality - Part 4: Finger
Image Data
GB/T 37036.1-2018 Information Technology - Biometrics Used with Mobile Devices -
Part 1: General Requirement
3 Terms and Definitions
What is defined in GB/T 26238-2010, and the following terms and definitions are
applicable to this document.
3.1 Fingerprint Characteristic
Fingerprint characteristic refers to distinguishable and repeatable characteristic
information that can be extracted from individual’s fingerprint information, so as to
achieve the purpose of individual recognition.
3.2 Fingerprint Recognition
Fingerprint recognition refers to the process of individual recognition based on
c) The main function of the presentation attach detection sub-function is to
evaluate and judge the fingerprint samples; block the non-fingerprint samples;
d) The main function of the fingerprint feature extraction sub-function is to extract
fingerprint feature of fingerprint samples that have passed the quality
judgment and presentation attack detection.
The main function of the fingerprint characteristic storage module to form fingerprint
template through fingerprint characteristic verified by the fingerprint characteristic
capture module and store it on the physical chip.
The main function of the fingerprint characteristic comparison module is to compare
the fingerprint feature verified by the fingerprint characteristic capture module with the
fingerprint template of the fingerprint characteristic storage module; output the
comparison result to the mobile application.
The server side includes the fingerprint characteristic storage module, the fingerprint
characteristic comparison module and the three sub-functions (quality judgment,
presentation attack detection and fingerprint feature extraction) in the fingerprint
characteristic capture module. The functions of these functions and sub-functions are
the same as the corresponding functions and sub-functions of the mobile device side.
The application of biometrics in mobile devices may have multiple modes, which mainly
include two modes: local recognition and remote recognition.
The mode of local recognition means the fingerprint characteristic recognition process
of mobile device is locally completed in the mobile device. In addition, the recognition
result is output to the mobile application that calls the fingerprint recognition service.
The mode of remote recognition means some functions (such as: fingerprint
characteristic storage and / or fingerprint characteristic comparison functions) or sub-
functions (such as: quality judgment, presentation attack detection and / or fingerprint
feature extraction sub-functions) of fingerprint recognition are executed on the remote
server.
Generally speaking, the mode of local recognition is adopted. The specific recognition
mode to be used depends on the application purpose and application environment of
the biometric system used with mobile devices, as well as the overall design
considerations. It is set in the recognition system solution.
The description of the local recognition and remote recognition mode is shown in
Appendix A.
6 Operational Process
The operational process of fingerprint recognition used with mobile devices generally
3) End the fingerprint log-out process.
7 Functional Requirements
7.1 General Requirements
7.1.1 Basic functions
It shall comply with the requirements of 6.1.1 in GB/T 37036.1-2018, which include,
but are not limited to:
a) Applicable to users of different races, different ages and different skin colors;
b) Applicable to mobile device users and fingerprint recognition system
administrators;
c) Based on corresponding hardware and software conditions of the mobile
device, it shall be able to support multi-modal or multi-factor fingerprint
recognition.
7.1.2 Functional management
It shall comply with the requirements of 6.1.2 in GB/T 37036.1-2018, which include,
but are not limited to:
a) Fingerprint enrollment:
1) It shall be able to complete fingerprint enrollment in one session;
2) It shall be able to support timeout constraints.
b) Fingerprint recognition:
1) It shall be able to support consecutive failure number constraints;
2) It shall be able to output fingerprint recognition result.
c) During fingerprint log-out, the object of log-out shall pass identity verification.
d) It shall support log management function and generate log recording events.
The events to be recorded include (but are not limited to) success or failure
events during the enrollment process and the recognition process. The log
record of each event should include the event occurrence time, the type of
event, the user, the event execution result or the failure cause.
7.2 Fingerprint Characteristic Capture Module
7.2.1 Basic Functions
It shall comply with the requirements of 6.3 in GB/T 37036.1-2018, which include, but
are not limited to:
a) The stored data does not contain the original image data of the fingerprint;
b) It shall support already enrolled user’s operations (such as: add and log-out)
of fingerprint templates in the fingerprint characteristic storage module;
c) Encrypt the stored fingerprint characteristic data;
d) When it comes to using cryptographic technology to provide security
(confidentiality, integrity, authenticity and non-repudiation), comply with
relevant national standards and industry standards related to cryptography.
7.4 Fingerprint Characteristic Comparison Module
7.4.1 Basic functions
Based on the relevant stipulations of 6.4.1 in GB/T 37036.1-2018, the fingerprint
characteristic comparison module shall be able to support 1:N comparison (where, N
signifies the number of templates, with the value range of an integer from 1 to 99).
7.4.2 Comparison determination and processing
It shall comply with the requirements of 6.4.2 in GB/T 37036.1-2018, which include,
but are not limited to:
a) It shall be able to compare the input user’s fingerprint feature with the already
enrolled fingerprint characteristic templates, so as to calculate the comparison
score;
b) It shall be able to determine the recognition result in accordance with the
comparison score; output the recognition result;
c) It shall be equipped with the function of determining and handling abnormal
conditions, which include, but are not limited to, the definition of the number
of consecutive errors and recovery modes.
8 Performance Requirements
8.1 Resolution
Resolution shall be not less than 300DPI.
8.2 Capture Time
The process from the sending of the fingerprint capture command to the completion of
the reception of fingerprint sample data shall not exceed 250 ms.
It shall comply with the requirements of 7.2 in GB/T 37036.1-2018, which include, but
are not limited to:
a) It should set up a fingerprint characteristic capture timeout processing
mechanism. In other words, within the set effective time, if fingerprint samples
that meet the quality requirements and pass the presentation attack detection
cannot be captured, the module will automatically withdraw from the operation;
b) The sensitive data input by the user, or the collected user’s fingerprint data
shall be protected;
c) The fingerprint characteristic capture module shall receive security protection
through a trusted environment;
d) Under the remote recognition mode, the involved keys should be stored in a
trusted environment, for example, keys involved in the secure communication
with a remote server.
9.3 Security of Fingerprint Characteristic Storage Module
It shall comply with the requirements of 7.3 in GB/T 37036.1-2018, which include, but
are not limited to:
a) In combination with the trusted environment, in an effective and secure mode,
security protection shall be performed on the fingerprint templates stored in
the fingerprint characteristic storage module;
b) Under the remote recognition mode, the user’s fingerprint reference shall be
de-marked or desensitized; be stored in a separate library with the user’s
identity information.
9.4 Security of Fingerprint Characteristic Comparison Module
It shall comply with the requirements of 7.4 in GB/T 37036.1-2018, which include, but
are not limited to:
a) The fingerprint characteristic comparison module is generally implemented in
the form of software. Effective security measures are adopted to ensure the
security of the module. In addition, effective security measures are adopted
to ensure the confidentiality and integrity of the user’s fingerprint data and
recognition decision-making result during the comparison process, and
ensure that they are not stolen or tampered with;
b) Combine the trusted execution environment or security unit processed by the
mobile device to implement the fingerprint characteristic comparison module;
c) Under the remote recognition mode, in combination with the trusted
environment, reinforce the security of the fingerprint characteristic comparison
Appendix A
(informative)
Mobile Device Fingerprint Recognition Application Modes
A.1 Mode 1 -- Local Recognition
Figure A.1 describes typical mode 1. Under this mode, the fingerprint characteristic
capture, storage and comparison modules are located in the mobile device. In
consideration of security, the various modules of the fingerprint recognition system are
protected by the trusted execution environment in the mobile device. The fingerprint
capture subsystem merely allows shared access by rich execution environment and
trusted execution environment, or, merely allows access by trusted execution
environment.
Generally speaking, mobile application is located in the rich execution environment.
Through an external interface provided by the trusted execution environment, the
fingerprint recognition system is called. Then, the fingerprint recognition system calls
the fingerprint capture subsystem, which is located in the mobile device, to capture
fingerprint samples:
a) After the quality judgment is performed, extract fingerprint characteristic;
perform the fingerprint log-out process. After this process is completed, offer
feedbacks of the result to the mobile application that calls fingerprint
recognition;
b) After the quality judgment and presentation attack detection, extract
fingerprint characteristic; perform the fingerprint recognition process. After this
process is completed, offer feedbacks of the result to the mobile application
that calls fingerprint recognition.
......
 
(Above excerpt was released on 2020-06-12, modified on 2021-06-07, translated/reviewed by: Wayne Zheng et al.)
Source: https://www.chinesestandard.net/PDF.aspx/GBT37036.2-2019