BSI standards to help biometric integration

Guide could be used in smartcard roll-outs

IT managers considering biometric technology to enhance security and tighten identity management were given new guidance in September with the launch of international standards for biometric systems. The guidelines from the British Standards Institution (BSI) will also be used to underpin the government’s identity card scheme if the controversial programme gets approval.

The BS ISO/IEC 19794 series of standards provide technical guidelines covering the use of “biological properties”, such as fingerprints, iris scans and facial recognition, to identify individuals. They introduce best practices for both the collection of biometric data and the storing of that data on corporate databases, and will also help to ensure different vendors’ biometric equipment and software is interoperable.

“The standards will enable one vendor’s equipment to produce a biometric data block in a format that can be compared directly with the relevant data block format produced by a different vendor’s equipment,” the BSI said in a statement.

Some of the standards will be used for the recording of biometric data for UK passports and identity cards, and the government has said the use of biometrics by government departments must also conform to the guidelines.

Experts welcomed the new standards claiming they would make it easier for firms to make purchasing decisions for biometric systems. Peter Dorrington, head of fraud solutions at software vendor SAS, said standards would also make integration easier for firms deploying biometric technologies.

However, Simon Davies of civil liberties group Privacy International said the standards would increase the threat to privacy by making it possible for corporate identity systems to interoperate with data on national ID cards.