NIST Defines Standards for Biometric Federal
ID Cards
By Stacy Lawrence
In October, the government
will start issuing Personal Identity Verification cards to all federal employees and contractors. This week, the National
Institute of Standards and Technology issued the final guidelines defining how biometrics should be stored on these identity
cards.
In August 2004, the President issued Homeland Security Presidential Directive
12 calling for a mandatory, governmentwide personal identification card that all federal departments and agencies will issue
to their employees and any contractors requiring access to federal facilities and systems.
The NIST publication contains specifications for acquiring, formatting
and storing fingerprint images and templates; for collecting and formatting facial images; and for the biometric devices used
to collect and read fingerprint images.
Specifically, the guidelines state that two fingerprints must be stored
on the card as "minutia templates," mathematical representations of fingerprint images.
These standards are intended to ensure interoperability and standardization
across a number of federal departments and agencies issuing the cards and vendors providing the biometric technology.
Guidelines require that all biometric data to be embedded in the CBEFF
(Common Biometric Exchange Formats Framework) structure. This ensures that all biometric data will be digitally signed and
uniformly encapsulated. This format will apply not only to PIV cards, but also to any other biometric records kept by federal
government agencies.