November 2008

Fingerprint Templates

Views: 1.4K

www.sagem-securitie.com/

Fingerprint template describes the ISO formats and gives the results of interoperability tests carried out by independent laboratory.

This article explains what is a fingerprint template and presents the necessity of a common template format, for building systems that can operate over a period of several years, with equipment from various vendors. It describes the International Organisation for Standardisation (ISO) formats and gives the results of interoperability tests carried out by independent laboratory. It appears that, although interoperable, all templates from various vendors do not offer the same level of performances.

What does fingerprint reveal?

A fingerprint shows black and white lines, the ridges and the valleys. The ridges have particular points, bifurcations and ends, these points are called minutiae. The capture algorithm detects the minutiae in the fingerprint image, generally from 10 to 100 minutiae in a print, depending on the individual, then calculates the coordinates x & y, the tangent to the ridge at this point and some other additional parameters. Compiling these data makes the template file, this is characteristic of a finger, but it differs from one capture to the other. According to the finger, the vendor and the format, the length of a template varies practically from 170 bytes to a few kbytes. The comparison of two templates is called matching, it could be an identity verification, or 1:1 matching, called Authentication, as is used for checking that the person presenting a smartcard is really the official card owner. Matching could also concern a retrieval of identity among a list (database), it is a 1:N matching, called Identification, as for retrieving a criminal in a police investigation or to detect double identity when a person has registered himself two times in a programme. Both, Authentication and Identification process work with templates only, which make template generation and management of highest importance in a system.

According to its experience and technique, each vendor has developed its own algorithm for detecting the minutiae and determining the coordinates and parameters. Moreover, additional specific information may be used by vendors for their matching process. Algorithms and method of matching contribute significantly to the performances of the recognition process in terms of accuracy and speed, it is a major part in the vendor’s know-how.

Necessity of a universal standard

Currently, each vendor has developed its proprietary template format, with specific advantages, but such templates elaborated by one vendor cannot be processed by any other. This situation is acceptable for access control systems involving some thousands of employees in one or a few sites, and for a period of some years. But it is not acceptable for a state-wide system, involving millions of people, spread over a country and when their identity has to be managed over several years.

Thus, the ISO sub-committee SC37, dedicated to biometrics technology, was created in December 2002, and a common fingerprint template format has been addressed as an urgent matter. Two major standards were published, the ISO 19794-4 related to the image representation and the ISO 19794-2 related to the common template format. The consensus was built on a common view of the minutiae, based on vendors’ know-how as well as existing standards produced in USA by the AAMVA 2000 and in Germany by DIN V66400. The recommendation INCITS-378 was first issued by ANSI then the ISO committee resumed the work and created the ISO 19794-2 recommendation, officially published in 2005.

Description of the ISO formats

The ISO 19794-2 proposes a data format to provide minutiae description, according to several sub-types that target different applications; three sub-types are more commonly used:

  • The sub-type Format Minutiae Record (FMR), may accept up to 255 prints of 255 minutiae.
  • The sub-type FMC-NS (Format Minutiae Card-Normal Size) that accepts only one print.
  • The sub-type FMC-CS (Format Minutiae Card-Compact Size), limited to 512 bytes for two fingers, that offers the capability to record, into a smart card, the full set of minutiae of one finger, through a single APDU.

Other sub-types allow indication of all minutiae found on a rolled finger, or minutiae based on valleys instead of ridges. Basically, the FMR format starts with a header of 24 bytes, fixing the number of considered fingers and the maximum number of recorded minutiae per finger, then comes the first finger header (4 bytes) and the first finger data (x, y, tg, Q, 6 bytes for each minutia), then the second finger, FMC formats have no header and 5 bytes per minutia in NS type or 3 bytes in the SC type.

In addition, the format may include optional fields such as a fingerprint quality mark, the core and the delta location or the ridge count information, which is required by some vendors for their matching process.

Although the ISO recommendation stipulates a global format, with header and fingerprint data, the template files from various vendors are different for several reasons:

  • Number of considered fingers
  • Maximum number of minutiae per finger
  • False, spurious or true minutiae could be analysed differently by vendors
  • Due to the ridge width, a minutia point can be located on different pixels by vendors (see the diagram)
  • The optional fields.

Consequently, although interoperable, the ISO templates are different and provide different levels of accuracy depending on the vendor’s algorithms. In addition, the accuracy attained through standardised format is lower than with a full proprietary solution.

The MINEX tests and results

Within last years, several benchmarks have measured the gap between interoperable solutions versus proprietary solutions. The first was conducted by ILO for the seafarers’ ID documents in 2004; then the NIST, in USA, has launched the MINEX measurement campaign followed by the MTIT in Europe. The MINEX campaign started in 2004, and the US Federal Government took advantage of the results for the Personal Identity Verification (PIV) programme for public servants, which applies the M1 interoperable format, also called ANSI-378 equivalent to ISO 19794-2.

The interoperability test consists, for each vendor, to separate the encoder from the matcher process, and to match templates encoded by all vendors with matchers from all vendors, fixing the FAR at 1percent and to measure the FRR. The best matcher is the one that offers the lowest and the most stable FRR over all the templates.

As for the previous ILO testing campaign and MTIT, the MINEX reports I and II show that Sagem Securite, corresponding to vendor “D”, who is from the beginning one of the most active participant to various committees for standardisation, has the most interoperable matcher with the best FRR.

The integrators should select the right vendors

Although the best performances are obtained when templates are produced and are matched with equipment from the same vendor, the fingerprint templates, meeting the ISO recommendation 19794-2, give to large organisations such as government, ministries, banks and insurance companies, the capability to design and deploy large systems addressing the populations, and open to equipments from several vendors with a long term validity.

However, ISO templates from various vendors are not identical and offer different levels of performances in terms of interoperability, accuracy and speed. The integrators of systems and, consequently the users, will desire a significant advantage by selecting vendors according to their technical performances tested and measured by an independent authority such as NIST in the USA, which has performed the MINEX testing.

Comments

comments

Click to comment

Leave a Reply

Your email address will not be published.

Latest News

To Top