The standard
It defines possible attacks when capturing biometric data for identity verification. These attacks are called "Presentation attacks", and the mechanisms for detecting them are called "Presentation Attacks Detection" or PAD. For this reason, it covers both the security measures to be implemented, and the tests to be carried out to assess their security.
Certification


The certification scheme for this standard is made possible by a partnership between CLR Labs and LSTI.
All testing and evaluation work is carried out by CLR Labs, including presentation attacks (type 1 attacks) and biometric data injection tests (type 2 attacks).
LSTI then assesses the conformity of these evaluations and issues the ISO/IEC 30107 certificate for the evaluated product or service.
To date, this certification scheme is the only one of its kind in Europe. Until the creation of this initiative, audits, tests and conformity assessments were the norm in Europe. A certification option existed, but the offer in question was American.
A made-in-Europe certification offer is now on the market to certify and guarantee remote identity verification services.
- 1 - Project definition
1 - Project definition
- 2 - Laboratory tests
2 - Laboratory tests
- 3 - Conformity assessment
3 - Conformity assessment
- 4 - Adjustments
4 - Adjustments
- 5 - Issuing the certificate
5 - Issuing the certificate
- 1 - Project definition
1 - Project definition
- 2 - Laboratory tests
2 - Laboratory tests
- 3 - Conformity assessment
3 - Conformity assessment
- 4 - Adjustments
4 - Adjustments
- 5 - Issuing the certificate
5 - Issuing the certificate
- 1 - Project definition
1 - Project definition
- 2 - Laboratory tests
2 - Laboratory tests
- 3 - Conformity assessment
3 - Conformity assessment
- 4 - Adjustments
4 - Adjustments
- 5 - Issuing the certificate
5 - Issuing the certificate
Products and services concerned
This certification scheme can be applied tò many products and services such as:
- Identity enrolment stations and booths,
- Automatic border crossing gates,
- Biometric readers,
- entry-exit systems,
- Digital Wallets,
- Trusted service providers,
- And all other products incorporating biometric technologies.
It is therefore aimed at all companies in the remote identity verification sector who wish to offer an additional guarantee of the security of their products and services.

