BS ISO IEC 29164:2011 establishes a standardized interface for hardware biometric modules intended for integration into embedded systems, which may have limitations in memory and computational capacity. It specifies a comprehensive interface for these hardware-based biometric modules, referred to as Embedded BioAPI, which outlines the commands that these modules must implement.
The specification is structured at two levels:
- For low-level implementations, a detailed frame definition is provided, along with the encoding of all commands and their corresponding responses. This is defined as a single-master/multiple-slave half-duplex protocol, allowing these messages to be utilized over any communication interface at the physical and link layers. The definition of these communication interfaces is not covered by this International Standard.
- A function header description based on C is included for manufacturers who wish to offer a C-library for integration as a Software Development Kit (SDK) for the complete embedded system.
In terms of security, this International Standard categorizes devices into two types:
- Type A: Devices that do not implement any security mechanisms due to limited processing capabilities.
- Type B: Devices that incorporate security mechanisms to ensure confidentiality, integrity, and/or authenticity. The use of Type B devices is recommended. Minimum requirements for Type B devices are specified, but the selection of security mechanisms is beyond the scope of this International Standard.
The normative part of this International Standard does not cover low-level implementation, although an informative annex (see Annex B) is included.
While security mechanisms are acknowledged in this International Standard, they are not extensively addressed and are referenced to other relevant standards. Specifically, key management falls outside the purview of this International Standard and should be conducted prior to applying this standard.
Specifications and requirements for Embedded BioAPI subcomponents, or any devices suitable for implementing Embedded BioAPI, are also outside the scope of this International Standard.
