BioEnable-Mobile Identity Management & NFC Document

Introduction

Simplicity, Ease of Use, Convenience, Massive Costs Savings, while having a full-fledged RFID reader and Inspection System in your pocket are only a few of the motivations that characterize the development of the BioEanble NFC Document Inspection & Identity Management Platform.BioID is deployed on smartphones, tablets & other Android devices and peripherals supported by Android.
To establish a persons´ true identity utilizing Machine Readable Travel Documents and / or Biometrics is a crucial task for police, immigration and other law enforcement agencies around the world, while at the same time safeguarding the principles of data privacy and its possible infringements has highest priority.

BioID aims to be in line with the Common Criteria laid out by the EU commission for Mobile devices to establish a best practice sample according to international standards.

In a time with rapid changing technology and the risk of not being able to keep up in hardware product developments with the technology, Avalon decided to invest in the Android platform as a future proof mobile platform that is well respected and promoted by governments and militaries around the globe to leverage “common” mobile devices for advanced use cases in end-to-end integrated secure turnkey solutions, such as BioID. Initiatives like the Security Enhanced version of Android ( SEAndroid) released by NSA for government use underline such trends. Advantages like the seamless upgrade from one OS version to another and the compatibility with various devices, while being able to utilize the latest technology by keeping introperability are unmatched by older Windows Mobile & Windows CE systems.

Benefits of Mobile Identity Management 

• Use of existing infrastructure and devices and maximizing the use cases and therefore the ROI
• Mobile Handsets are in possession of almost all immigration and police officers and the majority of people in 1st and 2nd world countries already in general
• Mobile Handsets have a high acceptance, user friendliness, are not discriminating or intrusive and are not subject of making someone feel uncomfortable or like a criminal to be checked with.
• Built-in technology in smartphones & seamless upgrade from one to another unit make it very future proof

Additionally BioID features the first Identity Management Platform with biometric capabilities on the Android Device, including Photo Capture and the words first Photo QA according to ISO & ICAO recommendations, fingerprint Capture & QA, Signature Capture, Demographics capture & has built-in support for ANSI / NIST ITL 2007 / 2008 file generation as default output format of every transaction. This document shall provide an overview of the BioID platform and the components that are being integrated and made available to our customers & partners.

BioID Mobile NFC Document Inspection & Identity Management Platform

Below are the key features & functionalities listed of the growing BioID platform.

BioID Key Features

Architecture

• Modular & Service based
• Flexible & Scalable
• Android (Java) & J2EE robust backend
• Device & Peripheral Independent
• ANSI/ NIST ITL 2007 support

Available Modules & Functionality

Service Selection

• Services are simply an arrangement of modules in a certain workflow and with a certain specific business logic.
• Current services implemented on BioID are for enrolment / registration, immigration, police and for pure document inspection.
• Due to the flexibility of the BioID platform there is no restriction as to what service can be created and we are looking forward receiving you project specific inquiryand extend the available module base to accustom user specific needs.

Travel & ID Document (ISO/IEC 14443 A/B)

• Document Selection
• Document Capture (Photo)
• Document MRZ Cropping
• Document Photo Cropping
• Document BAC Details Entry
• Document Reading (All DGs)

Document Verification & Authentication

• MRZ Checks
• BAC, AA, PA & EAC (CA + TA)
• Certificate storage & handling
• Certificate Revocation Lists (CRL) storage & handling

BioID – Mobile NFC Document Inspection & Identity Management Platform

BioID Key Features

Photo Capture & QA

• Cropped to ICAO standards
• Guides for correct “Full Frontal” positioning or “Token”
• Built-in QA from the QFace solution
• Stored as bitmap, JPEG orJPEG2000

Fingerprint Capture & QA

• 1-10 fingers configurable
• Support for Anomalies
• Built-in QA with Minutiae count, core count and NFIQ value
• Uniqueness check (built-in matcher)

Signature

• On-screen capture (finger or capacitive stylus)
• Stored as RAW or CCITT4 according to ANSI / NIST ITL 2007 /2008
• Optional Cropping, Resizing Demographics
• Auto-Filled if Document is present
• First Name, Last Name
• Date of Birth & Gender
• Address & GPS Location
• Date and Time Stamp

Demographics

• Auto-Filled if Document is present
• First Name, Last Name
• Date of Birth & Gender
• Address & GPS Location
• Date and Time Stamp

 

Summary Module

Document Data

• Extracted Data & Images from Document

RFID Data

• RAW Data Groups

Biometrics

• Biometrics acquired Live
• Biometrics from RFID chip

Verifications

• MRZ Checks
• BAC, AA,, PA & EAC (CA + TA)

Control List Checks

• Textual Control & Watchlist Queries
• Biometrics Control & Watch List Queries

Biometric Matching

• Face Match (Live vs. RFID)
• Fingerprint Match (Live vs. RFID)

Demographics

Document Archive

• Title for document
• Unlimited documents
• Unlimited Pages
• Popular image formats supported

Document Issuing

• Fingerprint verification (1:1 or 1:N)
• Records the issuing in central register

ANSI / NIST ITL 2007 file support

• Generates an ANSI / NIST ITL 2007 file that encodes all data captured during thetransaction
• JPEG2000 support for facial images
• FBI certified WSQ encoder for fingerprint

Embedded MBIS (Fingerprint & Face)

• Embedded AFIS System for Fingerprint Verification (1:1) & Identification / Duplicate Check (1:N)
• Embedded System for Facial Recognition (1:1) & Identification/Duplicate Check (1:N)
• Embedded System for Multi-Modal Fusion of Face & Fingerprint
• On-Demand connection to Remote Identification Systems for Face & Finger (1:N) via webservice integration

Web Service (WS) Interface

All communication in Avalon systems is based on secure web services, so naturally BioID has the capability to communicate with web services via WS layer Avalon added for Android. This WS layer allows the easy interfacing to existing web services used for:

• Textual Control & Watch List queries
• Biometric Control & Watch List queries
• Enrolment Record Storage
• Transaction Record Storage
• PKI Certificate Renewal

Central Register / System Interface

• BioID seamlessly integrates with Avalon’s webserver and web service for receiving NIST files and therefore providing a turnkey solution for enrolment
• From the central webserver running the web service system can easily interface within a secure environment with the target system for a 1 or 2 way data exchange.

Public Key Encryption Support

• For advanced security Avalon applied the same best practice for the Ultra-mobile BioID platform as for their desktop applications with which Avalon is serving customers around the world.
• As part of the enrolment Avalon can wrap every ANSI / NIST file with a custom encryption utilizing the public key the authorities provide to secure their data records

Control / Watch-List Interface via CLMS

• Like all Avalon solution the BioID platform can be connected via web-services to Avalons web-based Control List Management System (CLMS)
• The CLMS can interface unlimited amount of Control Lists either directly or via an ESB and can be used to start own control list or import and synchronize existing control lists or legacy systems.
• CLMS features 5 alarm levels to also support hidden alarms from field officers to intelligence services with dedicated secure watch & control lists alerts in realtime