Glossary of ID4D terms
BiometricUpdate.com has developed a fully cross-referenced glossary of ID4D terms concerning digital identification systems used to improve development outcomes. Below are some commonly used terms and their meanings.
AFIS or Automated Fingerprint – A database of fingerprints used by law enforcement agencies. However, some civil or government agencies may also use the same database to verify identities.
Algorithm – A sequence of instructions that instructs a biometric system on how to solve a problem. It could have a finite number of steps in the instruction to use in computing whether the sample and the template are matched.
Application Program Interface (API) – A set of protocols use to standardize an application by a developer. For example, an API may be added or interchanged by an application developer into any biometric system.
Artificial Intelligence (AI) – In the context of identification systems, algorithms that adjust to new input to recognize patterns with increasing accuracy. Different models of AI systems, notably including convolutional neural networks (CNNs), are used to process large amounts of data to produce risk or trust scores, or to perform highly precise and accurate biometric matching.
Authentication – A method of proving the truth of a claim. Biometric data is considered to be correct and valid. Also known as “validation.”
Authorization – Authorization is permission granted by an authority to perform a given action. That permission is usually based on an understanding of what the individual or entity seeking to perform the action is allowed to do, and therefore requires that the identity of the individual or entity be authenticated.
Biometric – A physical trait or pattern which is unique to every individual. It often used to verify and authenticate a person’s identity who is enrolled into a system. Biometric patterns can be anything from fingerprints, iris scans, facial recognition or even voice recognition.
Blockchain – A distributed digital record of transactions or interactions, in which each “block” includes a cryptographic hash of the previous one. This makes it difficult or nearly impossible to tamper with records, which makes blockchain potentially useful for identification purposes, as well as cryptocurrencies.
Credential – A credential is an assertion about identity made by the entity that issues it. Identity documents such as birth certificates and passports, therefore, are credentials, as is a digital token which asserts that the user of a mobile device is a certain individual. Login information, such as a username and password, are knowledge-based credentials asserted by the user.
Deduplication – In identity systems deduplication is the search for and resolution of multiple claims to the same identity information, such as those made due to clerical processes or fraud. Biometric identifiers are often added to existing systems as a means of deduplication.
Development – In the context of the United Nations Sustainable Development Goals, “development” is meant in the economic sense of improving living standards and socio-economic participation. The World Commission on Environment and Development in 1987 defined sustainable development as “development that meets the needs of the present without compromising the ability of future generations to meet their own needs.”
Device ID (Device Fingerprinting) – As opposed to scanning a user fingerprint as a biometric for authentication of the individual, device fingerprinting is the use of publicly available data, such as device type and geolocation, to create device identifiers (the “fingerprint”) in environments where the existing device ID is not supported, or not shared by the user.
Digital Identity – A representation of an individual used for online or networked interactions. The representation is functional if it is distinct, continuous, and verifiable. Accounts are assigned to digital identities, after which they can be sometimes be used as a part of that identity.
EMV – A technical standard for digital payment cards and terminals. Named for the companies that developed it; Europay, Mastercard, and Visa. Effectively a global standard for chip-card payments.
Encryption — The conversion of any biometric data into a code which cannot be easily read. A password may be used to decrypt or decode the data.
Enroll — The user who has their biometric template entered into the system.
Failure to Acquire – A biometric system fails to capture, extract and store the data.
False Acceptance – The biometric system accepts either a false identity or incorrectly identifies a wrong identity against a claimed one.
False Match Rate — The moment a match between enrollee and submitted data is done which in turn results to a rejection.
False Rejection – Occurs when an enrolled identity is rejected by the system or when it fails to verify a legitimate identity.
False Rejection Rate – The probability that a biometric system will fail to identify a legitimate identity.
Federated – In identity, federation refers to the use of a token from one authentication process to authenticate the same user for a different system or systems. Federated identity systems, therefore, can be used to minimize the storage and transmission of sensitive personal information.
Foundational ID – An identity established within a system meant to be used by other entities. State’s often operate foundational ID systems through Civil Registration and Vital Statistics (CRVS) agencies with centralized databases. India’s Aadhaar and Social Security Number in the U.S. are examples of foundational ID, and in some cases birth certificates, passports, and other government-issued credentials are used as foundational IDs.
Functional ID – An identity established within a system for a specific purpose, such as to access services from a particular government department or financial institution.
Identification – The recognition of an individual out of a class or group of people, sometimes expressed as “1 to N.” Answers the question; “who are you?”
International Standards Organization (ISO) – ISO is a leading global standards body made up of representatives from national standards bodies. It maintains a set of standards related to identity systems in general, as well as specific standards for biometrics. In describing a healthy and harmonized identity system in the ID4Africa 2018 Almanac, Dr. Joseph Atick identifies 10 different important ISO standards, along with several others.
KYC/AML – Know your customer and anti-money laundering refer to requirements and related processes for determining the identity of customers to comply with industry regulations. KYC requirements commonly apply to telecom network operators or SIM vendors, and AML requirements commonly apply to banks and other financial institutions.
Multi-factor/MFA – A system in which two or more different credentials are required for authentication. The credentials can be based on knowledge, possession, and inherence (something you are), and multi-factor systems usually require users to present evidence from at least two of those categories.
National Institute of Standards and Technology (NIST) – Officially a part of the U.S. Department of Commerce, but provides non-partisan standards and guidelines used internationally. NIST produces resources for cybersecurity and biometric systems, and tests the accuracy of commercial biometric algorithms.
NFC – Near-field communication (NFC) is a set of protocols for a method of wireless data transfer between two devices. The technology is evolved from radio frequency identification (RFID) chips, and typically works up to about 10 cm. NFC chips are sometimes embedded in smartphones, ID cards, and passports.
OTP – A one-time password (OTP) is a knowledge-based authenticator valid for only a single log-in session or transaction on a digital service, within a limited time. The OTP is usually generated by the service and transmitted to the user by email or SMS message. Often used as part of two-factor authentication (2FA).
Personal Identification Number (PIN) — Usually a four-digit number is entered into a system to gain access.
Protocol – In computer science, a protocol is a set of procedures or rules for transmitting data between devices. Important protocols in networking include TCP/IP, which connects devices in a network or on the internet, and HTTP, which governs interactions between web servers and browsers. There are also protocols for particular types of communication, such as FIDO protocols, which define public key cryptography techniques for user authentication.
Revocation – The termination of the validity of a credential or token, often based on a time limit.
SDK — A software development kit (SDK) is a collection of resources for developers to extend the functionality of an application to work with something else, usually another application, service, or platform. An SDK typically consists of one or more application programming interfaces (APIs), and programming tools (such as debugging), sample code, and technical and support documents to enable the API’s implementation.
Sustainable Development Goals (SDGs) – The UN Sustainable Development Goals are a set of 17 goals, each including several of 169 specific targets, intended to transform the world for the better by 2030. They were adopted as a 15-year action plan for the betterment of “people, planet, and prosperity,” which also emphasizes peace and individual freedoms. SDG 16.9 is the establishment of legal identity for all people worldwide, beginning with birth registration.
Template – In biometrics, a template is the digital representation of the features or characteristics used for matching, rather than the original captured image. Entered in a database to be used for online authentication or stored locally on a device for user verification. Should be stored in encrypted form.
Token/Tokenization – Tokenization in data security is the conversion of a sensitive data element into a digital token, which can then be transmitted with a significantly lower security risk.
Trust Score – An assessment performed by an authentication service of the reliability of information about a particular service user, usually aggregated from device or application usage and other information sources. Also used to combine the probability of a correct match in multi-factor identification systems.
Verification – The recognition of an individual as matching given identity data. Verification is sometimes expressed as “1 to 1” matching, and answers the question “are you who you claim to be?”