1
/
of
8
PayPal, credit cards. Download editable-PDF and invoice in 1 second!
GB/T 37036.1-2018 English PDF (GBT37036.1-2018)
GB/T 37036.1-2018 English PDF (GBT37036.1-2018)
Regular price
$190.00 USD
Regular price
Sale price
$190.00 USD
Unit price
/
per
Shipping calculated at checkout.
Couldn't load pickup availability
Delivery: 3 seconds. Download true-PDF + Invoice.
Get QUOTATION in 1-minute: Click GB/T 37036.1-2018
Historical versions: GB/T 37036.1-2018
Preview True-PDF (Reload/Scroll if blank)
GB/T 37036.1-2018: Information technology -- Biometrics used with mobile devices -- Part 1: General requirement
GB/T 37036.1-2018
NATIONAL STANDARD OF THE
PEOPLE’S REPUBLIC OF CHINA
ICS 35.240.15
L 71
Information Technology - Biometrics Used with Mobile
Devices - Part 1: General Requirement
ISSUED ON: DECEMBER 28, 2018
IMPLEMENTED ON: JULY 1, 2019
Issued by: State Administration for Market Regulation;
Standardization Administration of the People’s Republic of
China.
Table of Contents
Foreword ... 3
1 Scope ... 4
2 Normative References ... 4
3 Terms and Definitions ... 4
4 Technology Architecture ... 6
5 General Process ... 7
6 Functional Requirements ... 8
7 Security Requirements ... 12
Appendix A (informative) A Typical Application Scenario of Biometrics Used with
Mobile Devices ... 15
Bibliography ... 17
Information Technology - Biometrics Used with Mobile
Devices - Part 1: General Requirement
1 Scope
This Part of GB/T 37036 specifies the technology architecture, general process,
functional requirements and security requirements of biometrics used with mobile
devices.
This Part is applicable to the design, production, integration and application of
biometric system used with mobile devices.
2 Normative References
The following documents are indispensable to the application of this document. In
terms of references with a specified date, only versions with a specified date are
applicable to this document. In terms of references without a specified date, the latest
version (including all the modifications) is applicable to this document.
GB/T 26237 (all parts) Information Technology - Biometric Data Interchange Formats
GB/T 26238 Information Technology - Terminology for Biometrics
GB/T 33767.1-2017 Information Technology - Biometric Sample Quality - Part 1:
Framework
GB/T 35273-2017 Information Security Technology - Personal Information Security
Specification
ISO/IEC 30107 Information Technology - Biometric Presentation Attack Detection
3 Terms and Definitions
What is defined in GB/T 26238, and the following terms and definitions are applicable
to this document.
3.1 Mobile Device
Mobile device refers to a small and hand-held information technology product that can
be connected to the network.
NOTE: Mobile devices may include tablet computers and mobile smart terminals.
the mobile device, which has a relatively strong security capability to ensure that the
application programs and sensitive data running in it are stored, processed and
protected in a relatively trusted environment.
4 Technology Architecture
The biometric technology architecture used with mobile devices is mainly constituted
of several functional modules on the mobile device side and the server side, which
mainly include: biometric collection module, biometric storage module and biometric
comparison module, etc. Specifically speaking, biometric collection module includes
sub-functional modules like biometric sample collection, quality judgment, presentation
attack detection and biometric item extraction. Biometric sample collection collects
user’s biometric samples by accessing the biometric collection elements (such as:
image collection element, audio collection element and fingerprint sensing element,
etc.) in the mobile device.
Under normal circumstances, the biometric process on mobile device may be locally
completed in the mobile device; the biometric result is output to the mobile application
calling the biometric service. The mobile application is a service caller of biometrics in
a mobile device. It can provide a system service to an independent mobile application
software, a functional module in the mobile application software or the mobile device
operating system. In certain application scenarios, some modules or sub-modules of
biometrics, such as: quality judgment, presentation attack detection and biometric item
extraction, as well as biometric storage module and biometric comparison module, can
complete the corresponding functions on the server side.
See Appendix A for a typical application scenario of biometrics used with mobile
devices.
The technology architecture of biometrics used with mobile devices is shown in Figure
1.
2) The biometric collection module in the mobile device collects the user’s
biometric samples, and through quality judgment and presentation attack
detection, further extracts the user’s biometric items.
3) Store the user’s biometric items in the biometric storage module as this
user’s biometric template; associate it with the user’s identity.
4) End the enrollment process.
b) The recognition process includes the following steps:
1) The user initiates the recognition process in the mobile device.
2) The biometric collection module in the mobile device collects the user’s
biometric samples, and through quality judgment and presentation attack
detection, further extracts the user’s biometric items.
3) Compare the extracted user biometric items with one or multiple biometric
templates stored in the biometric storage module.
4) In accordance with the comparison result, make recognition decisions
and output the recognition results.
5) End the recognition process.
c) The log-out process includes the following steps:
1) The user initiates the log-out process on a mobile device.
2) In the biometric storage module in the mobile device, delete all the
biometric templates associated with the user to be logged out; delete the
identity of the user to be logged out.
3) End the log-out process.
6 Functional Requirements
6.1 General Requirements
6.1.1 Basic functions
The basic functions of biometrics used with mobile devices include, but are not limited
to:
a) It should be applicable to users of difference races and ages;
b) It should be applicable to mobile device users and biometric system
administrators;
biometric comparison. An irreversible mode should be adopted to extract
biometric items from user’s biometric samples;
d) It shall be able to transmit the extracted user’s biometric items to the
subsequent processing modules, for example, biometric storage module or
biometric comparison module;
e) It shall be equipped with the capability of determining and handling abnormal
conditions, such as corresponding processing mechanisms for biometric
sample collection failure, failed biometric sample quality judgment, detection
of presentation attacks and biometric item extraction failure, etc.
6.2.2 Quality judgment
It shall be able to judge the quality of the collected user’s biometric samples, so as to
determine whether the current biometric samples meet the requirements of biometric
processing.
When the biometric samples fail to pass the quality judgment, it shall be equipped with
a corresponding processing mechanism, for example, prompting the user to re-collect,
or prompting that there is a failure.
In accordance with different biometric modalities, the basis for quality judgment shall
comply with the requirements of GB/T 33767.1-2017 for sample quality.
6.2.3 Presentation attack detection
It shall be able to conduct presentation attack detection on the currently collected
user’s biometric samples, so as to prevent malicious forgery. When presentation attack
is detected, there shall be corresponding processing mechanism, for example, failure
/ error prompts or risk prompts.
Presentation attack detection shall comply with the methods of ISO/IEC 30107.
6.2.4 Data interchange format
For the successfully collected user’s b...
Get QUOTATION in 1-minute: Click GB/T 37036.1-2018
Historical versions: GB/T 37036.1-2018
Preview True-PDF (Reload/Scroll if blank)
GB/T 37036.1-2018: Information technology -- Biometrics used with mobile devices -- Part 1: General requirement
GB/T 37036.1-2018
NATIONAL STANDARD OF THE
PEOPLE’S REPUBLIC OF CHINA
ICS 35.240.15
L 71
Information Technology - Biometrics Used with Mobile
Devices - Part 1: General Requirement
ISSUED ON: DECEMBER 28, 2018
IMPLEMENTED ON: JULY 1, 2019
Issued by: State Administration for Market Regulation;
Standardization Administration of the People’s Republic of
China.
Table of Contents
Foreword ... 3
1 Scope ... 4
2 Normative References ... 4
3 Terms and Definitions ... 4
4 Technology Architecture ... 6
5 General Process ... 7
6 Functional Requirements ... 8
7 Security Requirements ... 12
Appendix A (informative) A Typical Application Scenario of Biometrics Used with
Mobile Devices ... 15
Bibliography ... 17
Information Technology - Biometrics Used with Mobile
Devices - Part 1: General Requirement
1 Scope
This Part of GB/T 37036 specifies the technology architecture, general process,
functional requirements and security requirements of biometrics used with mobile
devices.
This Part is applicable to the design, production, integration and application of
biometric system used with mobile devices.
2 Normative References
The following documents are indispensable to the application of this document. In
terms of references with a specified date, only versions with a specified date are
applicable to this document. In terms of references without a specified date, the latest
version (including all the modifications) is applicable to this document.
GB/T 26237 (all parts) Information Technology - Biometric Data Interchange Formats
GB/T 26238 Information Technology - Terminology for Biometrics
GB/T 33767.1-2017 Information Technology - Biometric Sample Quality - Part 1:
Framework
GB/T 35273-2017 Information Security Technology - Personal Information Security
Specification
ISO/IEC 30107 Information Technology - Biometric Presentation Attack Detection
3 Terms and Definitions
What is defined in GB/T 26238, and the following terms and definitions are applicable
to this document.
3.1 Mobile Device
Mobile device refers to a small and hand-held information technology product that can
be connected to the network.
NOTE: Mobile devices may include tablet computers and mobile smart terminals.
the mobile device, which has a relatively strong security capability to ensure that the
application programs and sensitive data running in it are stored, processed and
protected in a relatively trusted environment.
4 Technology Architecture
The biometric technology architecture used with mobile devices is mainly constituted
of several functional modules on the mobile device side and the server side, which
mainly include: biometric collection module, biometric storage module and biometric
comparison module, etc. Specifically speaking, biometric collection module includes
sub-functional modules like biometric sample collection, quality judgment, presentation
attack detection and biometric item extraction. Biometric sample collection collects
user’s biometric samples by accessing the biometric collection elements (such as:
image collection element, audio collection element and fingerprint sensing element,
etc.) in the mobile device.
Under normal circumstances, the biometric process on mobile device may be locally
completed in the mobile device; the biometric result is output to the mobile application
calling the biometric service. The mobile application is a service caller of biometrics in
a mobile device. It can provide a system service to an independent mobile application
software, a functional module in the mobile application software or the mobile device
operating system. In certain application scenarios, some modules or sub-modules of
biometrics, such as: quality judgment, presentation attack detection and biometric item
extraction, as well as biometric storage module and biometric comparison module, can
complete the corresponding functions on the server side.
See Appendix A for a typical application scenario of biometrics used with mobile
devices.
The technology architecture of biometrics used with mobile devices is shown in Figure
1.
2) The biometric collection module in the mobile device collects the user’s
biometric samples, and through quality judgment and presentation attack
detection, further extracts the user’s biometric items.
3) Store the user’s biometric items in the biometric storage module as this
user’s biometric template; associate it with the user’s identity.
4) End the enrollment process.
b) The recognition process includes the following steps:
1) The user initiates the recognition process in the mobile device.
2) The biometric collection module in the mobile device collects the user’s
biometric samples, and through quality judgment and presentation attack
detection, further extracts the user’s biometric items.
3) Compare the extracted user biometric items with one or multiple biometric
templates stored in the biometric storage module.
4) In accordance with the comparison result, make recognition decisions
and output the recognition results.
5) End the recognition process.
c) The log-out process includes the following steps:
1) The user initiates the log-out process on a mobile device.
2) In the biometric storage module in the mobile device, delete all the
biometric templates associated with the user to be logged out; delete the
identity of the user to be logged out.
3) End the log-out process.
6 Functional Requirements
6.1 General Requirements
6.1.1 Basic functions
The basic functions of biometrics used with mobile devices include, but are not limited
to:
a) It should be applicable to users of difference races and ages;
b) It should be applicable to mobile device users and biometric system
administrators;
biometric comparison. An irreversible mode should be adopted to extract
biometric items from user’s biometric samples;
d) It shall be able to transmit the extracted user’s biometric items to the
subsequent processing modules, for example, biometric storage module or
biometric comparison module;
e) It shall be equipped with the capability of determining and handling abnormal
conditions, such as corresponding processing mechanisms for biometric
sample collection failure, failed biometric sample quality judgment, detection
of presentation attacks and biometric item extraction failure, etc.
6.2.2 Quality judgment
It shall be able to judge the quality of the collected user’s biometric samples, so as to
determine whether the current biometric samples meet the requirements of biometric
processing.
When the biometric samples fail to pass the quality judgment, it shall be equipped with
a corresponding processing mechanism, for example, prompting the user to re-collect,
or prompting that there is a failure.
In accordance with different biometric modalities, the basis for quality judgment shall
comply with the requirements of GB/T 33767.1-2017 for sample quality.
6.2.3 Presentation attack detection
It shall be able to conduct presentation attack detection on the currently collected
user’s biometric samples, so as to prevent malicious forgery. When presentation attack
is detected, there shall be corresponding processing mechanism, for example, failure
/ error prompts or risk prompts.
Presentation attack detection shall comply with the methods of ISO/IEC 30107.
6.2.4 Data interchange format
For the successfully collected user’s b...
Share
