BIOMETRIC STANDARDS AND METHODS

: Introduction/purpose: Nowadays, user identification systems play a very important role in modern society. Complex security requirements have led experts to explore ways in which biometric data can be used to identify user identities. This paper presents an overview of biometric standards and methods which can be used to identify users in biometric systems, and therefore to protect information and communication systems. Methods: This paper deals with the problem of standardization in the field of biometrics. The first part of the paper presents concrete examples of the most widely used biometric standards. The second part of the paper gives an overview of the most used biometric methods. Results: The obtained results show that the development of biometric systems and biometric sensors contributes to better protection of identity from misuse, because biometric technologies have great potential for improving the security and accuracy of system operation. Biometric systems improve the security of users and also provide much greater precision in establishing identity. Conclusion: The development of biometric standards should focus on their interconnectivity, as well as on increasing connectivity with other IT standards.


Introduction
Nowadays, Personal Identification Numbers (PINs) or various passwords are often used for identification purposes. For example, people are asked to identify themselves when withdrawing money at ATMs, logging in on computers, using keys when opening the doors, using codes when entering buildings, typing passwords on the Internet or giving ID, passport or driver's license numbers as proof of identity. All of these methods have various disadvantages (cards and keys can be stolen, passwords can be hacked). In order to precisely identify an individual to minimize current security issues and threats, biometric technics can be used.
Biometrics is a tool that can be used to complement or even replace existing user identification systems based on what the user knows or what he or she possesses. Biometrics is one of the key methods for user recognition because it provides strong security and has great practicality (Ortega-Garcia et al, 2004). Tot,I. et al,Biometric standards and methods, Biometric systems use one's biological and behavioral characteristics which can be distinguished for the purpose of biometric recognition (Jain et al, 2000), .
The development of biometrics for user authentication has led to the development of standards for biometrics. These standards should provide the set of specifications to ensure interoperability with other biometric systems and products (Prabhakar et al, 2003).
This paper gives an overview of the most applied biometric standards as well as biometric methods that can be used to resolve security issues and threats. ISO has other technical committees with task of dealing with biometric data. These are TC68 for financial services, JTC1 SC32 for data management and exchange, JTC1 SC17 for cards and personal identification, JTC1 SC29 for encoding audio, image, multimedia and hypermedia records, JTC1 SC24 for computer graphics and images, JTC1 SC27 for IT security techniques, JTC1 SC31 for automatic identification and data acquisition techniques, JTC1 SC36 for IT for learning, education and training, ITU-T SG17.

Informal standardization organizations
The BioAPI consortium is an example of informal organization for biometric standards. It was responsible for development of a common biometric application programming interface. The ANSI standard and the ISO standard are the most famous specifications of this group.

Biometric standards
There are different ways of collection and reproduction of biometric data so the safety of biometric data is crucial (Unar et al, 2014 The financial sector was the first sector that used biometric standards. However, the development of biometric systems has led the organizations for standardization to introduce new biometric standards which are related to the security of biometric applications and biometric systems.
Nowadays, there are a lot of studies in the field of biometrics such us biometric transaction security and protection of biometric data.
The most popular biometric technical standards founded by SC37 are the Biometric Application Programming Interface (BioAPI) and the Common Biometric Exchange Format Framework CBEFF).

BioAPI
The BioAPI (Biometric Application Programming Interface) standard determines biometric application interfaces, devices and algorithms for distinguishing biometric data and device types.
This standard introduces basic functions of biometric systems, i.e. Enrollment, Verification and Identification. It also introduces an API (Application Program Interface) and an SPI (Service Provider Interface) for programmers and developers. Figure 1 gives the BioAPI's Application Program Interface/Service Provider Interface model.

CBEFF
The CBEFF (Common Biometric Exchange Format Framework) introduces a set of data elements needed to support biometric technologies in order to provide interoperability between biometric programs and biometric systems made by different manufacturers. Figure 2 refers to the basic data structure for face, iris, fingerprint, palm, etc.

АCBio
In order to ensure the integrity and confidentiality of transactions, the ACBio standard uses data encryption and digital certificates. It specifies the structure of data for a remote biometric verification.
In the ACBio model, a biometric transaction represents a number of processes executed by the Biometric Process Unit -BPU (e.g. sensor, smart card, comparison device, software running on a personal computer, etc.). Each of them sends relevant security information as a data block called the ACBio instance generated by the BPU.

Biometric sensors
In order to reach the phase of user identification, in terms of protection of information and communication systems, it is necessary to Tot collect biometric data through biometric sensors that will be compared with the already existing data registered in the system itself.
A sensor is a device that measures physical quantities and converts them into a signal readable by an observer or an instrument. The measured signal can be light, heat, movement, humidity, pressure or any other environmental phenomenon. The output is usually a legible signal to the observer or instrument at the sensor location itself or can be transmitted electronically over the network for reading and further processing.
Sensors have a wide application in virtually all aspects of life, including safety, security, surveillance, monitoring and detection in general (Ortega-Garcia, 2004). Sensors in the industry occupy a central place in process control, monitoring and security. In medicine, sensors also occupy a primary place because they are used to diagnose and monitor physiological changes in patients.
There are several sensor classifications by different authors and experts (Thevenot et al, 2001). Some are very simple and some very complex. According to one classification of sensors, they are divided into active and passive ones. Active sensors are those that require an external excitation signal or power signal, while passive sensors, on the other hand, do not require any external power signal and directly generate a signal response. The second type of classification is based on the means of detection used in the sensor. Some of the detection methods are electrical, biological, chemical, radioactive, etc. The following classification is based on the phenomenon of conversion, i.e. input and output. Some of the common conversion phenomena are photoelectric, thermoelectric, electrochemical, electromagnetic, thermooptical, etc. . Finally, sensors can be classified into analog and digital ones. Analog sensors produce an analog output, i.e. a continuous output signal. Digital sensors, unlike analog sensors, work with discrete or digital data. The data in digital sensors used for conversion and transmission are digital in nature (Lalović, 2018).
Research and development of biosensors is becoming an increasingly developed discipline, because simple, fast, cheap, highly sensitive and highly selective biosensors contribute to progress in all aspects of life. Research related to biosensors is interdisciplinary. For example, advances in surface chemistry provide new methods for designing target molecule recognition systems. In the future, advances in nanofabrication technologies promise not only the construction of new transducers, but also the miniaturization and integration of high-bandwidth biosensors. Therefore, the development of innovative biosensors requires interdisciplinary efforts outside conventional specialties. The combination of a lot of interdisciplinary knowledge will accelerate the development of biosensors and contribute to the revolution in the biomedical fields.
Biosensors are analytical devices that convert biological signals into electrical signals. Essentially, biometric sensors are highly specific, independent of physical parameters such as pH and temperature, and must be reusable.
The development of biosensors, as well as biosensor materials, transduction devices and immobilization methods, requires multidisciplinary research in chemistry, biology and engineering. The materials used in biosensors are categorized into three groups based on their mechanisms: a biocatalytic group containing enzymes, a bioaffinity group including antibodies and nucleic acids, and microorganisms containing microorganisms.

Biometric methods
Biometric devices perform data acquisition by receiving data from one of the sensory receptors in the form of a sensation that occurs in or on the human body and converts it into analog or digital signals that are used for further processing . The data thus collected can be used to identify people. Individual biometric data are unique for each person and can be used to identify persons, both in the civil sector, e.g. in health care, educational institutions, companies, as well as in military, police and state institutions in order to protect their own resources. Biometric authentication (i.e. real authentication) is used in information technologies as a form of user identification and access control to protected resources.
Verification involves performing a one-on-one biometric comparison to provide access to either physical assets, such as a room or building, or digital assets, such as a smartphone, computer application, computer network, or database. For this purpose, biometric data is increasingly used as a replacement for traditional passwords and PIN codes to Tot improve access control. By comparing a living biometric sample of an individual with one reliable stored sample, the identity of the person is determined . This saved sample can be located either in a central database, a smartphone, or as a token on a credential, such as an ID smart card (Lalović et al, 2016a).
There are different methods for biometric data acquisition and user authentication. Each of the methods of biometric identification has something specific: Face recognition -Of the various methods of biometric identification, face recognition is one of the most flexible, even when the subject is not aware of the scan. This method of identification can search masses of people who have spent only a few seconds in front of a "scanner" -that is, an ordinary digital camera. Facial recognition systems work by systematically analyzing specific features that are common to all -the distance between the eyes, the width of the nose, the position of the cheekbones, the line of the jaw, the chin and so on. These numerical quantities are then combined into one code that uniquely identifies each person (Al-Maadeed et al, 2016).
Fingerprint identification -Fingerprints remain constant throughout life. In more than 140 years of comparing fingerprints around the world, it has not been discovered that two fingerprints are similar, even in identical twins. Fingerprint scanners are installed in PDAs, mobile phones and laptops, so scanning technology is also simple. Fingerprint identification includes comparison of ridge and groove fingertip samples, as well as minutiae (ridge characteristics that occur when the ridge splits in two, or ends) with biometric fingerprint samples in the database (Bhardwaj et al, 2017), (Lalović et al, 2016b).
Palm geometry biometrics -Palm geometry readers work in more extreme environments, do not require clean conditions and form a small data set. It is a common method of authentication in industrial environments.
Retinal scan -There is no way to fake the retina in the literature. The pattern of blood vessels on the back of the eye is unique and remains the same throughout life. However, it takes about 15 seconds of careful concentration for the scan to be of good quality. Retinal scanning is standard in the military and government sectors.
Iris Scanning -Like retinal scanning, iris scanning also provides unique biometric data that is very difficult to fake and remains unchanged throughout life. There are ways to encode biometric data to scan the iris in such a way that it can be securely transmitted in the "barcode" format (Belcher & Du, 2008 Signature -A signature is another example of biometric data that is easy to collect and not physically intrusive. Digitized signatures are sometimes used, but usually do not have sufficient resolution to ensure authentication.
Voice Analysis -Like face recognition, voice biometrics provides a way to authenticate an identity without the subject's knowledge. But it has a big drawback, because it is easy to fake.
EEG authentication -uses an electrophysiological system to monitor brain activity. This technology is very popular and can be used without any side effects on the brain (Chen et al, 2016), (Tot et al, 2021), (Nakamura et al, 2017).

Conclusion
Given the significant advances in science and technology, such as basic developments in micro / nanotechnology, wireless communications, information technology and biomedical sciences over the past few years, there has been a transformation in this area of biometric systems, and models have been designed and built in a wide range of biosensors and load-bearing sensors.
The development of biometric systems and biometric sensors contributes to better protection of identity from misuse, because biometric technologies have great potential for improving the security and accuracy of system operation. The application of biometric systems improves the security of users, and such systems also provide much greater precision in establishing identity.
Due to the importance of establishing identity, it is necessary to constantly work on improving the system for precise identification, i.e. on improving their performance, either through the development of biometric sensors, or through the improvement of biometric data acquisition methods.