Biometrics Glossary

Full list of biometric terms & definitions

person finds a biometrics glossary here

The BioID Glossary provides an understanding of common biometric technology terms and definitions. If you are missing a term or have any questions about a particular technical phrase, feel free to contact us at any time.

Person finds a biometric glossary here

Biometrics Glossary

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

 


A

  • Accreditation Body: An independent authoritative body that performs conformity assessment. For example, TÜViT (TÜV).

 

  • Active Liveness Detection: A method where the user has to intentionally confirm their presence by performing an action such as moving the head or blinking. (Cf. passive liveness detection) More info here: blog article active-passive.

 

  • AI (Artificial Intelligence): A broad branch of computer science that deals with developing intelligent machines that can carry out tasks that normally require human intelligence.

 

  • AML (Anti-Money Laundering): Activities of financial institutions (e.g. monitoring and reporting suspicious customers and transactions) to comply with legal requirements with the aim of tackling the laundering of illegally acquired funds by criminals or terrorist organizations.

 

  • APCER (Attack Presentation Classification Error Rate): Standardized measure of Presentation Attack Detection performance as specified in ISO/IEC 30107-3. The proportion of presentation attacks falsely classified as live. More info here: liveness-detection-certification.

 

  • API (Application Programming Interface): A set of commands, functions, and protocols that can be used by developers to create software or interact with an external operating system or application.

 

  • Application-Level Attack: Attacks such as the injection of modified camera streams or virtual cameras, that do not affect the biometric sensor level and can be prevented through secure applications that prevent attacks through virtual cameras.

 

  • Artifact: An inanimate object, either physically such as a mask, or digitally such as a recording on a smartphone, with the goal of reproducing human biometric traits.

B

  • Biometrics: The science of measuring and comparing data representing the unique physical traits or behaviors of an individual to identify that individual based on those unique traits or behaviors.

 

  • Biometric User Authentication: The process of comparing a person’s live identity with the previously secured biometric template using their unique biometric/human characteristics.
  • Biometric sample: Raw data (e.g. a facial face image) collected by a biometric capture device or sensor.

 

  • Biometrics-on-device: The user’s biometric data is collected and processed locally on the device, such as a computer or a smartphone, for enrollment, liveness detection, verification, and identification. The biometric template is typically stored on the device and must be taken care of by the owner. Furthermore, users must enroll separately with each device.

 

  • Biometrics-on-server (= cloud biometrics): The user’s biometric data is collected device-independently, encrypted, and sent to a remote server for enrollment, liveness detection, verification, and identification. This enables omnichannel usage without the necessity for the user to enroll on each device or re-enroll each time they switch to a new device.

 

  • BPCER (Bona Fide Presentation Classification Error Rate): The proportion of bona fide presentations incorrectly classified as presentation attacks in a specific scenario. A living person is falsely classified as a presentation attack.

C

  • Capture: The process of a digital sensor or device such as a camera collecting a biometric sample from an individual.

 

  • Certification: The conformity assessment process of a biometric system performed by an independent authoritative body such as TÜViT according to specified performance standards.

 

  • Challenge Response: A technique to confirm the presence of a user and prevent presentation attacks by prompting them to follow random instructions such as turning the head in one specific direction. Only if these challenges are performed correctly, the operation is successful.

 

  • Cheap Fakes (or Shallow Fakes): Fake media content (videos, photos, or audio) created without the help of AI but using simpler (and “cheaper”) and more accessible methods such as photoshopping, changing the speed or rearranging videos into a new context with a simple image or video editing.

D

  • Database: A structured dataset designed for easy access, management, and updating. The BioID face database has been recorded and published to give all researchers working in the area of face detection the possibility to compare the quality of their algorithms with others.

 

  • Deepfake: Fake videos, photos, and even fake audio produced by AI using deep learning where peoples’ faces, actions, or voices are adjusted in a certain way.

E

 

  • eIDAS (electronic IDentification, Authentication, and trust Services): EU regulation on electronic identification and trust services for electronic transactions in the European internal Market. Enables online access to public services for people and businesses with their own national electronic identification schemes.

 

  • eKYC (Electronic Know Your Customer): The electronic (and automated) process of verifying the identity of customers for onboarding remotely. More info here: KYC with Biometrics

 

  • Enrollment: The process of collecting the biometric data from a user and then converting it into a biometric template, a mathematical representation of a user’s facial features (“characteristics”), which is intended to be used for subsequent biometric operations such as verification and identification.

 

  • eSigning: The process of digitally signing a document online with or without using a qualified electronic signature certificate. The eIDAS Regulation (link) defines the use of electronic signature procedures.

F

  • Face Recognition: Biometric verification based on facial characteristics.

 

  • FAR (False Acceptance Rate): Measures the probability of a biometric system incorrectly granting access to an unauthorized user during a fraud attempt. The lower this number, the more sophisticated and secure the technology. (Cf.: FRR)

 

  • FIDO (Fast IDentity Online): The FIDO Alliance is an open industry association dedicated to developing standards for authentication with the aim to reduce the world’s dependency on passwords. A FIDO typically supports only Biometrics-on-device. More info at: https://fidoalliance.org

 

  • FRR (False Rejection Rate), False Non-Match Rate (FNMR): Measures the probability of a biometric system incorrectly rejecting the correct user during an authentication process. The lower this number, the higher the user-friendliness of the system. (Cf: FAR)

I

  • ICAO 9303: An international standard, that defines specifications on Machine Readable Travel Documents, issued by the ICAO (International Civil Aviation Organisation), a special organization of the United Nations.

 

  • ID Ownership Verification: Verification that the person trying to authenticate with an ID document is present and actually the owner of the document.

 

  • Identity (ID) Verification: The process of validating a user’s identity and ownership authenticity against a government-issued ID document such as a passport, or driver’s license.

 

  • Identity Fraud /Identity Theft: The criminal act of using someone’s personal information without authorization in order to pretend to be that person (usually for the purpose of financial gain illegally).

 

  • Impostor: A person who attempts to impersonate a pre-enrolled user in order to deceive a biometric system.

 

  • ISO 30107-3: The ISO (International Organization for Standardization) testing guidance for evaluation of anti-spoofing technology for presentation attack detection.

K

    • KYC (Know Your Customer): The process of verifying the identity of customers for onboarding typically as part of Anti-Money-Laundering regulations.

 


L

  • Liveness Detection: Also scientifically called Presentation Attack Detection (PAD), is a method of biometric fraud prevention. The software distinguishes live persons from spoofing and presentation attacks such as photos, videos, deepfakes or masks.

M

  • Machine Learning: A field of artificial intelligence that focuses on using data and algorithms to mimic the way humans learn and to improve its accuracy step by step.

 

  • Matching: Freshly incoming biometric data is compared to a previously enrolled/saved template of the user. When both biometric traits match within an acceptable threshold, the matching is successful.

 

  • Multimodal Biometrics: A combination of biometric traits, such as face and eye traits, that are captured and analyzed in parallel to increase security of a biometric system. Each feature is analyzed independently and given its own score. The results are combined using a fusion algorithm to provide a single yes/no decision.

N

  • NIST (National Institute of Standards and Technology): The U.S. government agency that provides measurement science, standards, and technology to advance economic advantage in business and government. More info here: nist.gov.

P

  • Passive Liveness Detection: A method that does not require any specific actions from the user to confirm their presence (cf. active liveness detection).

 

  • Presentation Attack Detection: The scientific term for liveness detection, refers to fraud prevention for biometrics in general, whereas liveness detection is specifically used for face recognition.

 

  • PAI (Presentation Attack Instruments): Tools used by fraudsters to subvert a biometric system such as photos, videos, masks, deepfakes, avatars, etc.

 

  • Presentation Attack: The attempt of a fraudster trying to spoof a biometric system using presentation attack instruments (PAI) such as photos, videos, masks, deepfakes, avatars, etc.

Q

  • Quality Check: The process of analyzing whether the image quality of a photo meets ICAO and ISO/IEC standards for biometric passports or eID cards. BioID’s quality check is a state-of-the-art ICAO photo quality assessment service.

R

  • Remote Identity Proofing: The process of supplying adequate information (e.g. credentials, documents) to automatically verify a person’s identity online. Unattended automated identity proofing is necessary for efficient digital onboarding. A typical identity proofing process consists of two components, namely ID document authenticity verification, and ID ownership authenticity verification. BioID’s PhotoVerify service enables ID ownership authenticity verification.

S

  • Sensor Level Attacks: Commonly referred to as presentation attacks by means of presenting to the biometric sensor a presentation attack instrument in order to subvert a biometric system. Presentation attacks such as printed photos, cut-outs, 3D paper or silicon masks, videos on displays, video projections, etc. are presented to a biometric sensor in order to spoof the system.

 

  • Spoofing: The process of fooling a biometric sensor. For face recognition, a spoofing attack can be an impostor wearing a mask, holding a printed photo, playing a video on a display, etc. in front of the camera, attempting to be recognized as a legitimate user. Spoofing can be prevented through BioID’s Liveness Detection.

T

  • Template: A mathematical representation of a user’s specific biometric features. For face verification, the face template is compared to that of a freshly incoming face image. If both data match within an acceptable threshold, the verification is deemed successful.

 

  • TÜV Informationstechnik GmbH: An independent German testing laboratory performing Presentation Attack Detection evaluations based on the ISO standard ISO/IEC 30107-3.

V

  • Verification (one-to-one or 1-to-1):  1:1 face recognition for biometric user authentication. Used for online login, access control, transaction authorization, etc. typically coupled with liveness detection.