|
US$339.00 · In stock
Delivery: <= 4 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 37036.4-2021: Information technology - Biometrics used with mobile devices - Part 4: Iris
Status: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GB/T 37036.4-2021 | English | 339 |
Add to Cart
|
4 days [Need to translate]
|
Information technology - Biometrics used with mobile devices - Part 4: Iris
| Valid |
GB/T 37036.4-2021
|
PDF similar to GB/T 37036.4-2021
Basic data | Standard ID | GB/T 37036.4-2021 (GB/T37036.4-2021) | | Description (Translated English) | Information technology - Biometrics used with mobile devices - Part 4: Iris | | Sector / Industry | National Standard (Recommended) | | Classification of Chinese Standard | L71 | | Word Count Estimation | 18,188 | | Issuing agency(ies) | State Administration for Market Regulation, China National Standardization Administration | GB/T 37036.4-2021: Information technology - Biometrics used with mobile devices - Part 4: Iris---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information technology - Biometrics used with mobile devices - Part 4.Iris
ICS 35.240.15
CCSL71
National Standards of People's Republic of China
Information Technology Mobile Device Biometric Recognition
Part 4.iris
Part 4.Iris
Released on 2021-04-30
2021-11-01 implementation
State Administration of Market Supervision and Administration
Issued by the National Standardization Management Committee
Table of contents
Foreword Ⅲ
Introduction Ⅳ
1 Scope 1
2 Normative references 1
3 Terms and definitions 1
4 Abbreviations 2
5 System composition 2
6 Business Process 4
7 Functional requirements 4
7.1 General requirements 4
7.2 Iris feature collection 5
7.3 Iris feature storage 6
7.4 Iris feature comparison 6
8 Performance requirements 6
8.1 MTF value 6
8.2 Acquisition time 7
8.3 Registration time 7
8.4 Recognition time 7
8.5 Presenting the accuracy of attack detection 7
8.6 False acceptance rate and false rejection rate 7
9 Safety requirements 7
9.1 Human safety 7
9.2 Information Security 7
Appendix A (informative) Typical application architecture of iris recognition for mobile devices 10
Appendix B (informative) Mobile device iris recognition presents an example of attack detection implementation 13
Information Technology Mobile Device Biometric Recognition
Part 4.iris
1 Scope
This document proposes the system composition and business process of iris recognition applied to mobile devices, and specifies the functions of iris recognition on mobile devices.
Performance requirements, performance requirements and safety requirements.
This document applies to the design, production and application of the iris recognition system for mobile devices.
2 Normative references
The contents of the following documents constitute the indispensable clauses of this document through normative references in the text. Among them, dated quotations
Only the version corresponding to that date is applicable to this document; for undated reference documents, the latest version (including all amendments) is applicable to
This document.
GB/T 20145-2006 Photobiological safety of lamps and lamp systems
GB/T 26237.6-2014 Information technology biometric data exchange format Part 6.Iris image data
GB/T 33767.6-2018 Information Technology Biometric Sample Quality Part 6.Iris Image Data
GB/T 35783-2017 General Specification for Information Technology Iris Recognition Equipment
GB/T 37036.1-2018 Information Technology Mobile Device Biometric Recognition Part 1.General Requirements
ISO /IEC 30107-3.2017 Information technology biometrics presentation attack detection Part 3.Testing and reporting (Infor-
mationtechnology-Biometricpresentationattackdetection-Part 3.Testingandreporting)
3 Terms and definitions
The following terms and definitions apply to this document.
3.1
Iris characteristic irischaracteristic
Differentiable and repeatable feature information that can be extracted from the iris information of an individual.
3.2
Iris recognition
The process of identifying the individual based on the iris feature information of the individual.
3.3
Iris capture module iriscapturedevice
A functional module component that collects iris recognition feature information and converts it into iris samples.
3.4
Irissample
The analog or digital iris characteristic information value obtained from the iris acquisition module.
3.5
Iris feature item
A value or marker extracted from an iris sample and used for comparison.
6 Business Process
The iris recognition process of mobile devices mainly includes the iris registration process, the iris recognition process and the iris deregistration process.
a) The iris registration process, including but not limited to the following steps.
1) Start the iris registration process;
2) Perform identity authentication and permission check on the user. If the authentication is passed, then perform iris sample collection, otherwise re-identify
Identification and authorization check;
3) Perform quality judgment on the collected iris samples, present attack detection, and extract the iris feature data if the detection passes.
Otherwise, restart the iris sample collection;
4) Store the iris feature item data as the user's iris template and associate it with the user's identity;
5) End the iris registration process and record the iris registration log.
b) The iris recognition process, including but not limited to the following steps.
1) Start the iris recognition process;
2) Carry out iris sample collection;
3) Perform quality judgment on the collected iris samples, present attack detection, and extract the iris feature data if the detection passes.
Otherwise, restart the iris sample collection;
4) Compare the extracted iris feature item data with one or more stored iris templates;
5) Make a judgment decision based on the comparison result and transmit it to the mobile application;
6) End the iris recognition process and record the iris recognition log.
c) Iris cancellation process, including but not limited to the following steps.
1) Start the iris logout process;
2) Delete all iris feature data associated with the user to be logged off and the identity of the user to be logged off;
3) End the iris log-off process and record the log of iris log-off.
7 Functional requirements
7.1 General requirements
7.1.1 Basic functions
The iris recognition of mobile devices shall meet the basic functional requirements of 6.1.1 in GB/T 37036.1-2018, including but not limited to.
a) Applicable to users of different races and ages;
b) Should support iris recognition with colorless lenses or colorless contact lenses;
c) Applicable to mobile device users and iris recognition system administrators;
d) The iris recognition service provider should support the setting of the iris comparison threshold;
e) It is advisable to support the setting of performance indicators such as registration time, recognition time, and presence attack detection threshold.
7.1.2 Management function
The iris recognition of mobile devices shall meet the management function requirements of 6.1.2 in GB/T 37036.1-2018, including but not limited to.
a) Support functions such as new user registration, registered user iris template deletion and update, and registered user logout;
b) Support user registration and store iris template;
c) Support the usage rights of different users such as users and iris recognition system administrators, respectively in the collection, storage and comparison of iris features
Have a corresponding authority management mechanism;
d) In the remote recognition mode, it has the function of setting the iris server address and service port;
e) Ability to handle abnormal situations, including but not limited to the failure of iris sample collection, the failure of iris sample to pass the quality judgment, and the presentation of attack
No response to click detection, iris feature extraction failed, iris template registration failed, iris template deletion failed, iris feature comparison failed
The processing mechanism for failure, identification decision failure, and transmission failure, such as prompting the user to re-collect or prompting failure, etc.
7.1.3 Log management function
The iris recognition of mobile devices should have log management functions, and the events that generate log records should include but are not limited to.
a) Success or failure in the registration process;
b) Success or failure in the identification process;
c) Success or failure events during the logout process;
d) Update of iris template, etc.
For each event, the log record should include the event occurrence time, event type, user, event execution result or failure reason, log
Effective time, etc.
7.2 Iris feature collection
7.2.1 Basic functions
Iris feature collection should meet the requirements of 6.2.1 in GB/T 37036.1-2018, including but not limited to.
a) Support the collection of iris samples in natural scenes. The wavelength of the light source should meet the requirements of 4.4.1 in GB/T 35783-2017.
Select the active light source in the wavelength range of 700nm~1000nm;
b) It has the function of adjusting the light intensity of the active light source to adapt to different environmental light intensities;
c) The iris collection module of a mobile device can be used to collect user iris samples. The content specification of iris samples should comply with GB/T 26237.6-
Requirements of Chapter 6 in.2014;
d) There is an obvious user prompt to inform the user that his iris sample has been collected. If the collection process is divided into multiple times, it should be used
The user clearly indicates the progress of each collection;
e) The iris feature item data should be extracted from the user's iris samples that have passed the quality judgment. The extraction process should adopt an irreversible method.
After the fetch is successful, perform iris feature storage or iris feature comparison;
f) Technical measures should be adopted to judge the distance of the user during the collection process, the deflection angle of the binocular collection, etc.
Prompt the user to cooperate and improve in the situation;
g) In the remote recognition mode, the data compression algorithm can be used to process the iris characteristic data and then transmit it to the iris server for processing.
7.2.2 Quality judgment
Iris feature collection should have a quality judgment function, and should meet the requirements of 6.2.2 in GB/T 37036.1-2018, including but not limited to available
The iris area, iris-sclera contrast, iris-pupil contrast, gray-scale utilization and iris radius, etc., shall be in accordance with GB/T 33767.6-
The provisions of 6.2.1, 6.2.2, 6.2.3, 6.2.5 and 6.2.6 in.2018.
7.2.3 Presentation attack detection
Iris feature collection should have the function of presenting attack detection, and should meet the requirements of 6.2.3 in GB/T 37036.1-2018 and ISO /IEC
The relevant regulations of 30107-3.2017.
It should support the detection function of two-dimensional presentation of attack types, and it should support the detection function of three-dimensional presentation of attack types. See Table 1.
See Appendix B for examples of click detection implementation.
It should be able to prompt and present the attack detection result.
Perform corresponding operations within the scope.
c) It should have the ability to check the operating environment when operating in the remote recognition mode, and should have the corresponding handling when an abnormality in the operating environment is found
Measures, such as reminding users of security risks, closing applications, etc.
d) When a mobile device supports a trusted environment such as TEE or SE, it should be combined with the trusted environment to enhance security, including but not limited to.
1) The security services in TEE or SE should be used, such as secure encryption and decryption services, secure clock services, random number services, etc.;
2) Interaction with users should be realized through the trusted interactive interface in TEE;
3) The key involved should be stored in the TEE or SE.
e) In the remote identification mode, security measures should be taken to protect the security of the transmitted data, including but not limited to.
1) When the mobile device transmits the collected iris sample data or characteristic data to the iris server, effective security should be adopted.
Safely protect the confidentiality and integrity of the data in a way;
2) When the iris server completes the identification and returns the results of quality judgment, presentation attack detection, similarity calculation, and identification decision-making,
Effective security methods should be adopted to protect the confidentiality and integrity of data.
f) Security reinforcement measures should be taken to enhance the level of security protection, including but not limited to.
1) Adopt technical methods such as recompilation, packer protection, and modification of the order of command calls to enhance anti-cracking capabilities;
2) It should have the ability to check the integrity of its own code and files during operation;
3) Do anti-injection processing to your own code to prevent malicious attackers from injecting into the application, modifying code logic, and intercepting sensitive data.
According to other operations.
g) It has an effective security mechanism to protect the confidentiality and integrity of data, and the following requirements should be met when performing iris recognition operations.
1) The accuracy of reading the iris characteristic data;
2) Iris characteristic data will not be stolen or tampered with;
3) The similarity calculation result will not be stolen or tampered with;
4) Identify that the decision-making results are not stolen or tampered with;
5) The quality judgment result will not be stolen or tampered with;
6) Show that the attack detection result has not been stolen or tampered with;
7) After the comparison, the user's iris sample data, iris feature data, and other data generated during the comparison process are immediately cleared.
Data such as similarity score, etc.;
8) The deleted iris feature data cannot be restored.
9.2.2 Iris feature collection
In addition to the safety requirements for iris feature collection of mobile equipment, it should meet the requirements of 7.2 in GB/T 37036.1-2018, and should also meet the following
Claim.
a) It has a time-out processing mechanism, that is, within the set effective time, if it is unable to collect the quality requirements and pass the presentation attack detection
When measuring the iris sample, it will automatically exit the operation;
b) Effective security measures should be taken to protect the sensitive data entered by the user or the collected user iris data to ensure
Its confidentiality and integrity will not be illegally stolen or tampered with, for example, it can be combined with the trusted environment in the mobile device to achieve protection
Features;
c) Use an irreversible calculation method to extract iris feature data from the user's iris sample data, and the feature extraction process ends
After that, the user's iris sample data will be cleared in time to ensure that it cannot be recovered.
9.2.3 Iris feature storage
In addition to the requirements of 7.3 in GB/T 37036.1-2018, the safety requirements for the storage of iris features of mobile devices should also meet the following requirements
Claim.
a) The user's iris characteristic data can only be accessed, added, deleted or updated after the identity authentication is passed;
b) In the local recognition mode, effective security measures should be taken to protect the locally stored user iris data to ensure its
Confidentiality and integrity, not to be illegally stolen or tampered with, for example, it can be combined with the trusted environment in the mobile device to realize the protection function;
c) In remote recognition mode.
1) It is advisable to store the user's iris template in an encrypted manner, and implement an access control strategy for the stored user's iris data;
2) The user's iris data should be anonymized, and the user identification information should be stored in technical isolation, such as
Logical isolation or physical isolation.
9.2.4 Iris feature comparison
In addition to the safety requirements of mobile device iris feature comparison, it should meet the requirements of 7.4 in GB/T 37036.1-2018, as well as the following
Claim.
a) In the local recognition mode, the iris feature comparison function is generally implemented in the form of software, and effective safety measures should be taken to ensure
Its security, and effective security measures are taken to ensure the user iris data used in the comparison process and the identification decision results
The confidentiality and integrity of the mobile device, such as the realization of the trusted environment in the mobile device;
b) In the remote identification mode.
1) Effective security measures should be taken on the iris server to protect the iris feature comparison function to ensure that the comparison process
The confidentiality and integrity of the user's iris data used and the integrity of the identification decision results;
2) It should be combined with the trusted environment to enhance the security of the iris feature comparison function, such as storing and using secure communication in a trusted environment
The key involved uses a trusted interactive interface to show the user the results of the identification and decision-making.
9.2.5 Log
There should be an authorization management mechanism to manage the access, modification, and deletion permissions of the log.
Security measures should be taken to protect the integrity of log information, such as digital signatures.
Clear text iris data, key information, or other security-related parameters should not appear in the log records.
Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 37036.4-2021_English be delivered?Answer: Upon your order, we will start to translate GB/T 37036.4-2021_English as soon as possible, and keep you informed of the progress. The lead time is typically 2 ~ 4 working days. The lengthier the document the longer the lead time. Question 2: Can I share the purchased PDF of GB/T 37036.4-2021_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 37036.4-2021_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.
|