Home' RTCA Documents for Review : DO-230H FRAC Contents 63
©2017 RTCA, Inc.
Biometric implementations include a wide range of topics related to the application of biometric technology
in specific use cases and the related societal implications that must be considered. These topics include
domain-specific application profiles, implementation requirements, best practices, application of biometric
technology, and cross-jurisdictional and societal considerations (such as accessibility, health, safety, and
Since many biometric standards contain options and sometimes allow user-defined data, this can create
problems with interoperability. Therefore, it is useful to further define or narrow the available options for
a particular application in the form of an application profile standard. Application profiles define
conforming subsets of base standards to provide specific functions or services. Profiles also perform the
basis for uniform conformance testing within a specific application environment.
An example of a biometric application profile standard is the FBI’s Electronic Biometric Transmission
Specification (EBTS), which is an application profile of the ANSI/NIST ITL-1 2011 Data Format for the
Interchange of Fingerprint, Facial and Other Biometric Information. This is the method by which the FBI
supports the exchange of biometric data used to facilitate identification of a subject from fingerprint, palm,
facial or other biometric information, across criminal justice agencies or organizations. Another example
is ISO/IEC 24713-2 which describes biometric profiles for interoperability and data interchange when used
for physical access control for employees at airports.
The Federal Information Processing Standard 201 (FIPS 201) for Personal Identity Verification (PIV) of
Federal Employees and Contractors describes a set of standards that pertain to the issuance of
biometrically-enabled smart card identity credentials for Federal employees and contractors for use in
accessing secure federal facilities and information systems. FIPS 201 is potentially important to airport
operators because it is becoming a de facto standard for non-Federal issuers of interoperable smart card-
based credentials for access control. It should be noted that previous versions of FIPS 201 constrained the
use of biometrics over the contactless (radio frequency) smart card interface. However, the most recent
version (FIPS 201-2), which was published in August 2013, reduced these constraints. Airport Operators
should closely follow the evolution of technologies for biometric access control based upon PIV
Standardization of biometric data formats and processes extends interoperability to enable use of biometric
technologies to positively bind a centrally issued credential to the intended bearer regardless of
manufacturer of locally deployed biometric equipment.
The requirements for collection and formatting of biometric information associated with the FIPS 201
standard are specified in NIST Special Publication 800-76 (SP 800-76), Biometric Data Specification for
Personal Identity Verification.
Biometric standards in this area address aspects of biometric technologies related to accessibility, health
and safety, and legal requirements. Examples of related standardization efforts include ISO/IEC 24779
“Cross-jurisdictional and societal aspects of implementation of biometric technologies -- Pictograms, icons
and symbols for use with biometric systems” and ISO/IEC 30110 “Cross jurisdictional and societal aspects
of implementation of biometric technologies -- Biometrics and children”.
Other standards are under
development in this area concerning demographic considerations and biometrics for major incident
response (related to preventing and responding to major incidents).
Links Archive Navigation Previous Page Next Page