BioAPI (Biometric Application Programming Interface) is a key part of the International Standards that support systems that perform biometric enrollment and verification (or identification). It defines interfaces between modules that enable software from multiple vendors to be integrated together to provide a biometrics application within a system, or between one or more systems using a defined Biometric Interworking Protocol (BIP) – see below.
Biometrics (measurements of physical characteristics of a person) are increasingly being used to provide verification of the identity of an individual, once they have been enrolled (one or more of their physical characteristics has been measured).
Computer systems that perform biometric enrollment, verification, or identification are becoming increasingly used. The BioAPI specification enables such systems to be produced by the integration of modules from multiple independent vendors.
The BioAPI specification is one of a set of International Standards produced jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) under their Joint Technical Committee 1 (JTC1), Subcommittee 37 on Biometrics.
The Standard was based on some early work done in the United States of America and by the BioAPI Consortium which was called BioAPI 1.0 and BioAPI 1.1, but these specifications were revised and extended when the work was introduced to ISO/IEC. The first international version was therefore called BioAPI 2.0. A subsequent international version of BioAPI containing extensions of the user interface-related features and other enhancements produced a BioApi 2.1. Further enhancements to BioAPI are expected.
BioAPI 2.0 is specified in ISO/IEC 19784-1 and was first published on 1 May 2006.
The purpose of the BioAPI specification is to define an architecture and all necessary interfaces (using C programming language specifications) to allow biometric applications (perhaps distributed across a network) to be integrated from modules provided by different vendors.
The ability for system integrator to produce complete systems using components from multiple vendors is essential in the rapidly changing technology of biometrics. It gives flexibility in the provision of modules, avoids vendor lock-in, provides a degree of future-proofing as the best available biometrics technologies change.
The modules being integrated may be software components containing capture devices, such as fingerprint readers, cameras for face recognition, iris scanners, signature recognition devices, vascular imaging systems, etc.
They can also be modules that provide support for image processing of biometric data, feature extraction (a form of compression that is specific to a given biometric technology and allows direct matching of the compressed formats – for example, the relative distances on the face of eyes, nose, mouth, or the number of ridges between identifiable ridge endings or ridge bifurcations).
In addition, modules that provide archiving and retrieval of biometric records to support matching or searching for a match are also a recognized part of the BioAPI architecture.
Applications can be concerned with personal identification (for example for credit cards), or with more specific areas such as identity card verification, checks for duplicate enrollment, passports, or physical access control in a commercial environment or for airport employees or merchant seamen wishing to go on-shore at their arrival port.
Whilst today a system is commonly built using a single device for a single application, it is likely that in the long term many such applications will interact (securely, and via a network) with a common set of trusted devices (with various security policies and certificates).
It is also expected that future biometrics applications will use multiple biometric modalities (for example, fingerprint, iris, and face), both to improve the accuracy of identification and to cope with people that are missing a finger, or have disability problems that prevent use of iris or face recognition.
BioAPI supports all these use cases.
The basic architecture of BioAPI 2.0 is illustrated in the figure at the top of this page. There are multiple possible (independent) biometric applications that interact with a BioAPI Framework, which in turn routes their messages to Biometric Service Providers (BSPs) that support the various biometric capture devices, image enhancement modules, feature extraction, matching, searching, etc.
A later extension of the architecture introduces the concept of a Biometric Function Provider (BFP) and defines further lower-level interfaces between a BFP and a controlling BSP. This minimizes the amount of software that a biometric device vendor needs to develop, allowing (other) software vendors to do most of the work of producing the BSP with an interface to the framework.
The BioAPI Framework is the heart of BioAPI. Procurement of biometric systems need to consider the merits of basing their invitations-to-tender on systems conforming to the BioAPI Standard, which contain a BioAPI Framework module.
The importance of this Framework module is recognized by the BioAPI Consortium, which identifies an implementation of this Framework from BioFoundry.
It might be uncommon to find multiple biometric applications and multiple biometric devices on a single computer system, but the long-term aim of telebiometrics is to allow multiple biometrics applications on multiple systems on the Internet to interwork with multiple other systems that support biometrics devices.
BioAPI has already laid the foundations for this, with its architecture.
Another ISO/IEC JTC 1/SC 37 Standard – BioAPI Interworking Protocol (BIP) – specifies an enhancement of the BioAPI Framework that essentially maps all API calls into network messages (defined using ASN.1) to provide a distributed BioAPI system.
BIP is also being progressed as a Recommendation in ITU-T as Joint text with ISO/IEC.
The Open Systems Interconnection model is a conceptual model that 'provides a common basis for the coordination of [ISO] standards development for the purpose of systems interconnection'. In the OSI reference model, the communications between a computing system are split into seven different abstraction layers: Physical, Data Link, Network, Transport, Session, Presentation, and Application.
A smart card, chip card, or integrated circuit card is a physical electronic authentication device, used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit (IC) chip. Many smart cards include a pattern of metal contacts to electrically connect to the internal chip. Others are contactless, and some are both. Smart cards can provide personal identification, authentication, data storage, and application processing. Applications include identification, financial, mobile phones (SIM), public transit, computer security, schools, and healthcare. Smart cards may provide strong security authentication for single sign-on (SSO) within organizations. Numerous nations have deployed smart cards throughout their populations.
ISO/IEC 7816 is an international standard related to electronic identification cards with contacts, especially smart cards, and more recently, contactless mobile devices, managed jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).
A topic map is a standard for the representation and interchange of knowledge, with an emphasis on the findability of information. Topic maps were originally developed in the late 1990s as a way to represent back-of-the-book index structures so that multiple indexes from different sources could be merged. However, the developers quickly realized that with a little additional generalization, they could create a meta-model with potentially far wider application. The ISO/IEC standard is formally known as ISO/IEC 13250:2003.
The Call Level Interface (CLI) is an application programming interface (API) and software standard to embed Structured Query Language (SQL) code in a host program as defined in a joint standard by the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC): ISO/IEC 9075-3:2003. The Call Level Interface defines how a program should send SQL queries to the database management system (DBMS) and how the returned recordsets should be handled by the application in a consistent way. Developed in the early 1990s, the API was defined only for the programming languages C and COBOL.
The Linux Standard Base (LSB) was a joint project by several Linux distributions under the organizational structure of the Linux Foundation to standardize the software system structure, including the Filesystem Hierarchy Standard used in the Linux kernel. LSB was based on the POSIX specification, the Single UNIX Specification (SUS), and several other open standards, but extended them in certain areas.
Message-oriented middleware (MOM) is software or hardware infrastructure supporting sending and receiving messages between distributed systems. MOM allows application modules to be distributed over heterogeneous platforms and reduces the complexity of developing applications that span multiple operating systems and network protocols. The middleware creates a distributed communications layer that insulates the application developer from the details of the various operating systems and network interfaces. APIs that extend across diverse platforms and networks are typically provided by MOM.
The Data Distribution Service (DDS) for real-time systems is an Object Management Group (OMG) machine-to-machine standard that aims to enable dependable, high-performance, interoperable, real-time, scalable data exchanges using a publish–subscribe pattern.
IEEE 1471 is a superseded IEEE standard for describing the architecture of a "software-intensive system", also known as software architecture.
Reference Model of Open Distributed Processing (RM-ODP) is a reference model in computer science, which provides a co-ordinating framework for the standardization of open distributed processing (ODP). It supports distribution, interworking, platform and technology independence, and portability, together with an enterprise architecture framework for the specification of ODP systems.
ISO/IEC 19794 Information technology — Biometric data interchange formats — Part 5: Face image data, or ISO/IEC 19794-5 for short, is the fifth of 8 parts of the ISO/IEC standard ISO/IEC 19794, published in 2005, which describes interchange formats for several types of biometric data. ISO/IEC 19794-5 defines specifically a standard scheme for codifying data describing human faces within a CBEFF-compliant data structure, for use in facial recognition systems. Modern biometric passport photos should comply with this standard. Many organizations and have already started enforcing its directives, and several software applications have been created to automatically test compliance to the specifications.
The Open Smart Grid Protocol (OSGP) is a family of specifications published by the European Telecommunications Standards Institute (ETSI) used in conjunction with the ISO/IEC 14908 control networking standard for smart grid applications. OSGP is optimized to provide reliable and efficient delivery of command and control information for smart meters, direct load control modules, solar panels, gateways, and other smart grid devices. With over 5 million OSGP based smart meters and devices deployed worldwide it is one of the most widely used smart meter and smart grid device networking standards.
ISO/IEC JTC 1/SC 37 Biometrics is a standardization subcommittee in the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), which develops and facilitates standards within the field of biometrics. The international secretariat of ISO/IEC JTC 1/SC 37 is the American National Standards Institute (ANSI), located in the United States.
Cloud Infrastructure Management Interface (CIMI) is an open standard API specification for managing cloud infrastructure.
WebUSB is a JavaScript application programming interface (API) specification for securely providing access to USB devices from web pages.