TECHNICAL ISO/IEC TR REPORT 30125 Firstedition 2016-05-01 Information technology - Biometrics used with mobile devices Technologies de I'information-Biométrie utilisee avec des appareils mobiles Reference number IS0/IECTR30125:2016(E) IEC Intemational Organization for Standardization IG INST OF STANDARDIZATION C1 5956617 @IS0/IEC2016 No reproduction or itted without license from IHS IS0/IECTR30125:2016(E) COPYRIGHTPROTECTEDDOCUMENT IS0/IEC 2016,Published in Switzerland All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISO's member body in the country of the requester. ISo copyright office Ch. de Blandonnet 8.CP 401 CH-1214 Vernier, Geneva, Switzerland Tel. +41 22 749 01 11 Fax +4122 749 09 47 [email protected] www.iso.org Uicensee-ZHEJIANG INST OF STANRAJSAANFEC3d6 -All rights reserved etworking permitted without license from IHS Not for Resale, 2016/7/20 08:18:50 IS0/IECTR30125:2016(E) Contents Page Foreword ..iv Introduction.. ... 1 Scope. 2 Normative references 3 Terms and definitions 4 Abbreviatedterms ..2 5 The use of biometrics in mobile devices .2 5.1 Taxonomy of usage of biometrics in mobile devices .2 5.1.1 General .2 5.1.2 Generic considerations for all use cases. .2 5.1.3 Accesstothedevice.. 4 5.1.4 Access to the local applications, services and/or data. 4 5.1.5 Accesstothecommunicationschannel 5 5.1.6 Verification/authentication of, or to, a remote resource or point of transaction... .5 5.2 Genericchallengesintheintegrationofbiometrics inmobiledevices. .6 5.2.1 Computational power 6 5.2.2 Data protection and privacy .6 5.2.3 Biometric sample capture .8 5.2.4 Sample authentication process 9 5.2.5 Usability... ..10 5.2.6 Solution testing ..12 5.2.7 Challenges common to other scenarios and platforms ..12 6 Biometrics services withinthe Osof themobile device ..13 7 Biometricservicesattheapplicationlevelinamobiledevice ..15 8 Biometric application development [using the biometric engine(s) provided) .16 9 Functional and operational guidance .20 9.1 General guidance. .20 9.1.1 Guidance on functional architecture 20 9.1.2 Guidance on environmental conditions and constraints 20 9.2 Guidanceforenrolment. 20 9.2.1 Generalguidanceforenrolment. .20 9.2.2 Supervised enrolment .21 9.2.3 Unsupervised enrolment .21 9.3 Guidance for authentication .22 9.3.1 Remote unsupervised authentication .22 9.3.2 Local unsupervised authentication .23 10 Useofmulti-factorauthentication. .23 10.1 Fusionand scoresformulti-biometrics .23 10.2 Combining biometric and non-biometric authentication techniques for greater securityand/orusability ..24 11 Biometricmodalityspecificguidance ..24 Bibliography .27 iii See=ZHEJIANG INSTOFSTANDARDIZATION C15956617 No reproduction or networking permi ed without license from IHS