BS ISO/IEC 19795-5:2011
Information technology. Biometric performance testing and reporting Access control scenario and grading scheme
Standard number: | BS ISO/IEC 19795-5:2011 |
Pages: | 48 |
Released: | 2011-03-31 |
ISBN: | 978 0 580 56518 2 |
Status: | Standard |
BS ISO/IEC 19795-5:2011
This standard BS ISO/IEC 19795-5:2011 Information technology. Biometric performance testing and reporting is classified in these ICS categories:
- 35.240.15 Identification cards. Chip cards. Biometrics
This part of ISO/IEC 19795:
-
defines a common biometric access control scenario for use in scenario evaluation of biometric verification systems;
-
provides a grading scheme for expressing quantitative biometric system requirements and performance levels;
-
provides a common basis for conducting scenario evaluations to demonstrate that specified performance grades are being achieved which is adaptable to particular testing facilities and to specific biometric systems.
This part of ISO/IEC 19795 is applicable to performance testing of biometric systems without detailed knowledge of the comparison algorithms or of the underlying distribution of biometric characteristics in the population of interest.
The minimum false accept rate (FAR) tested by this part of ISO/IEC 19795 is 0.1%. If a lower FAR is required, customized testing (outside the scope of this part of ISO/IEC 19795) might be appropriate, and needs to be fully compliant with ISO/IEC 19795-2.
This part of ISO/IEC 19795 addresses testing a biometric system for physical access control, and the suitability of the testing for logical access devices needs to be determined on a case-by-case basis.
Not within the scope of this part of ISO/IEC 19795 is the measurement of error and throughput rates for people deliberately trying to circumvent correct recognition by the biometric system (i.e. active impostors). In addition, this part of ISO/IEC 19795 does not assess the following:
-
reliability, availability and maintainability;
-
security, including vulnerability;
-
human factors, including user acceptance;
-
environmental impacts;
-
safety;
-
cost/benefit/suitability;
-
privacy regulation compliance.
These assessments are the responsibility of the procuring authority.