Home' RTCA Documents for Review : DO-230H FRAC Contents 55
©2017 RTCA, Inc.
in its matching performance. In some devices, it is possible to collect two biometric characteristics from a
single presentation. For example, there are reader devices that are now capable of capturing fingerprint and
finger vein biometrics in a single presentation. Also, iris and face recognition may be combined in one
collection process. However, such multi-biometric techniques may add to the cost of the technology. As
another alternative, security personnel at staffed entry points can be used to visually verify identity
credentials and allow entry. It may even be possible to perform this function remotely, via intercom with
Following enrollment, a final “test verification” step should be performed by having the participant verify
that the individual biometric works in conjunction with his / her specific credential. The applicant performs
test verification to the enrolled biometric stored on the badge or in a system ensuring that he/she can
successfully use the technology in normal operations. This is also an excellent training opportunity to ensure
that the participant understands how to use the card and properly present his or her biometric sample to the
Every biometric enrollment should include a test verification procedure that requires the applicant to present
his/her biometric sample to a sensor immediately after enrollment and have the biometric sub-system
attempt to match that biometric sample against the sample that was just enrolled. This ensures that the
enrollment template is usable. Should the initial enrollment be deemed unsatisfactory, repeat
enrollment attempts may be performed.
Training (Enrollees and Operators)
Training in the use of biometrics for access control plays an integral role in maximizing the security benefits
and participant acceptance of the technology. The following are factors that should be considered in
developing the participant training plan for a biometric device used for access control:
Participant training procedures that do not require excessive amounts of instruction.
Stand-alone training (e.g., Computer Based Training, video, DVD) that can be administered by
tenant trainers authorized by the system administrator (e.g., air carrier, ground handlers, law
enforcement officers, and fire department). Keep in mind that training material containing sensitive
security information as defined by 49 CFR Part 1520 should be protected and handled accordingly.
A training package that incorporates a knowledge test and the capability to record training results
and that can be imported to the airport’s training record database.
Training that can be conducted immediately after the issuance of the secure credential/badge with
a field reader setup. Participants should be given several opportunities to try the process of
presenting his/her biometric to the sensor with a training supervisor present to demonstrate the
Retention of Original Biometric Identifiers
During biometric enrollment, an applicant’s biometric sample is captured and processed into a template
for storage on the credential and/or in the system. This is necessary since all biometric matching takes place
at the template level. Storing biometric templates on the card or in an on-line database also enhances privacy
by limited exposure to personally identifiable information (PII) since templates do not reveal the original
biometric data representation (e.g., bitmap image of a fingerprint pattern). Ideally, if fingerprint is the
biometric method used for access control, the enrollment template for the access control system should be
generated from the original CHRC fingerprint image data collected during applicant processing. [Reference
Links Archive Navigation Previous Page Next Page