IEEE 2410-2019

The Biometric Open Protocol Standard (BOPS) provides three application-programming interface (API) calls to support biometric identification and authentication including liveness. The BOPS implementation allows the systems to meet security needs by using the API. The BOPS implementation need not know whether the underlying system is a machine learning model, a relational database management system (RDBMS), or a search engine. The BOPS implementation functionality offers a “point-and-cut” mechanism to add the appropriate security to the production systems as well as to the systems in development. Additionally, BOPS includes the biometric identification that the industry frequently calls the “one-to-many” (1:M) case. In the past, biometric identification was not considered because it requires a lookup against previously stored biometrics and this lookup required indexing and storing the biometric in plain text biometric identification. This specification includes biometric identification by using biometric features vectors as input to the enroll endpoint, biometric feature vectors as input to the predict endpoint, and either video or audio as input to the liveness endpoint.

This standard provides a biometric-agnostic, multilevel security protocol.

Revision Standard - Superseded. Identity assertion, role gathering, multilevel access control, assurance, and auditing are provided by the Biometric Open Protocol Standard (BOPS). An implementation of the BOPS III spec is described, which includes both the software running on the client device as well as the server. Pluggable components are allowed to replace existing components’ functionality, accepting integration into current operating environments in a short period of time. A “point-and-cut” mechanism to add the appropriate security to both development and production systems is offered through the BOPS implementation functionality. Homomorphic encryption and a tremendous simplification of the API are also described.