New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Inventory: Require Appendix F Certified Scanner #30
Comments
@gfiumara my only concern with saying that the scanner MUST come from that list is that say an EU scheme could say they want to use something that is tested by them, and not the US FBI. I'm not arguing that there is anything wrong with the FBI list by any means, just that we have to be careful of requiring things like that. I certainly think we could list that as a place to find commercial products though, in the table (instead of putting in a specific product maybe, I'm not sure). |
This is to close #30 by using the FBI list (and pointing to the website) as a commercial example list
Fair, but I don't know of other testing programs. |
@gfiumara This is why my edit has these listed as part of the commercial scanners list, but not as a mandated list. |
Essentially, I want to avoid folks using cheap sensors that claim 500 PPI but whose acquition methods do not provide a robust image. For example, a sweep-style sensor can image at 500 PPI, but relies on image stitching which will introduce artifacts and not be able to image the entire finger. This might be acceptable for the verification image on the TOE, but not for creating a PAI. |
FYI: Learned of BSI (Germany) fingerprint scanner qualifications, which may be useful (Section 5.1.2). The qualifications mimic EBTS Appendix F, with the exception of minimum physical capture size. |
Ok, so how about specifying in the requirements that the scanner must meet either the BSI or the FBI requirements. If I can point to multiple that agree, I think we are OK. Then under the examples we cam point to the FBI website since it is nicely searchable, but it is just a place to look for them, not mandated. |
I would be good with requiring the linked BSI qualifications or FBI qualifications. Could we say something like "meets EBTS Appendix F or equivalent national body image quality specifications?" I also noticed ISO/IEC 19794-4 has an appendix with image quality specifications for scanners. Looking very quickly between meetings, this appears to be equivalent to EBTS Appendix F, which could remove the "international" problem. |
Related to #2, but split out for discussion. FBI EBTS Appendix F is the de facto fingerprint sensor certification guidelines and procedure. Requiring a certified scanner will help ensure the captured print is of a sufficient enough quality to create a mold without requiring a specific scanner manufacturer.
I suggest we explicitly require EBTS Appendix F scanner, regardless of what resolution is determined in #2.
The text was updated successfully, but these errors were encountered: