BS PD ISO/IEC TR 29156:2015

BS PD ISO/IEC TR 29156:2015 provides guidance on specifying performance requirements for authenticationusing biometric recognition in order to achieve desired levels of security and usability for theauthentication mechanism.Guidance addresses issues such as the following:

• the biometric performance metrics that impact security and usability;
• comparing and quantifying the security and usability of biometrics and other authenticationmechanisms, when used alone or in combination;
• how to combine performance of individual authentication elements in order to meet an overallsecurity and usability requirement;
• the trade-off between security and usability in applications using biometric recognition;
• considerations in maintaining security and usability in systems incorporating biometrics.

The guidance is targeted towards applications that

• use biometrics for the authentication of individuals, and
• are of small to medium size (in terms of the number of enrolled individuals).

The guidance does not address the following:

• surveillance systems;
• systems whose primary aim is to detect and prevent attempts by individuals to create multipleenrolments under different identities;
• systems with a large and diverse population of enrolees, which can include people with special needs;
• other systems with a complex mix of functional, security and usability requirements.

Such large-scale applications are typically the domain of large organizations, and it is assumed that thedevelopers of such systems will have access to appropriate biometric expertise able to provide guidancebeyond the scope of this Technical Report.This Technical Report does not address biometric modality and technology specific issues, nor does itprovide quantitative biometric performance requirements that would satisfy a particular application.Cross References:ISO/IEC 2382ISO/IEC 2382-37ISO 9241-171:2008ISO 9241-210:2010ISO 13407ISO/IEC 29003ISO/IEC 29115ISO/IEC 30107-3ISO/TS 16071ISO/IEC/TR 24714-1ISO/IEC/TR 29196