iBeta report compares ISO and FIDO standards for biometric presentation attack testing
The paper begins by describing the company’s two testing services, and how they both require two primary levels of PAD testing.
While both certifications are internationally accepted as conforming with biometric security standards, tests to obtain the ISO 30107 requires performance testing on only one level, and FIDO requires it at both levels.
More specifically, ISO conformance testing’s two modes are ‘liveness-only’ and ‘full-system.’
Both involve the creation of PAIs (presentation attack instruments) such as masks, designed to penetrate the system’s security safeguards, but while liveness-only testing evaluates a biometrics system’s ability to differentiate a living human being and an attack, full-system also tests the biometric system’s ability to identify an individual.
The FIDO Alliance Biometric Component Certification, on the other hand, includes a PAD testing phase, and a performance testing one.
The first sees the biometric system tested in a laboratory setting, and the second makes it undergo mass testing in a population mirroring real-world conditions.
Additional technical details about both certifications are available in the document’s full text, but iBeta included a section at the end of the report aimed at helping companies choose between ISO and FIDO PAD.
“For companies trying to sell their technology to banking or other financial institutions, those institutions will indicate which type of testing they require,” reads the report.
The iBeta Biometrics ISO PAD and FIDO Testing Comparison 2022 report concludes with a FAQ section addressing various matters regarding the company’s biometric testing methods, certification process, and more.
The research comes weeks after an in-depth analysis of PAD testing in an interview with the new deputy director of Biometrics at iBeta, David Yambay.