- Product Name :
- Palm Vein Authentication Software Android OS Version
- Version of TOE :
- Product Type :
- Biometric verification product
- Certification No. :
- Date :
- Version of Common Criteria:
- 3.1 Release4
- Conformance Claim :
- EAL2 Augmented by ALC_FLR.1
- PP Identifier :
- Protection Profile for Biometric Verification Product Version 1.2 (Certification Identification: JISEC-C0501)
- Vendor :
- NORMEE Limited.
- POC :
- IWATA Eizaburo
- Division :
- Phone :
- E-mail :
- Evaluation Facility :
- Mizuho Information & Research Institute, Inc.
Information Security Evaluation Officer
Description of TOE
TOE is a biometric verification product for mobile devices with Android OS and embedded rear camera, such as smartphones and tablet PCs. TOE is a software library, incorporated into application programs by application developers.
TOE security functionality
TOE provides biometric verification function with sufficiently low False Accept Rate and False Reject Rate, and presentation attack detection.
TOE provides the following functions.
|-||Extraction: Biometric features are extracted from captured raw data.|
|-||PAD Feature Extraction: PAD feature data is extracted from raw data to determine whether it is a presentation attack or not.|
|-||Quality Check: This function checks whether raw data have sufficient quality.|
|-||Enrol: This function outputs extracted biometric features extracted from the Extraction function as a biometric template.|
|-||GetRef：This function is responsible for getting the enrolled and stored biometric template corresponding to a user's ID.|
|-||Comparator: This function compares the biometric features against the biometric template and calculates a similarity score.|
|-||Decision: This function determines whether the verification succeeds or not based on the output from the Quality Check, the PAD Extraction and Comparator.|
|-||Clear Memory: This function clears the content of memory which includes biometric templates, biometric features and raw data after use.|
Security functional requirements
This TOE implements the following security functional requirements.
|Security audit||Non-repudiation of origin/receipt||Cryptographic functionality||Access control|
|Data authentication||Export data protection||Information flow control||Import data protection|
|Internal transfer data protection||Residual information protection||Rollback||Stored data integrity|
|Transfer data confidentiality||Transfer data integrity||Identification and authentication||Security management|
|Privacy Control||Security functionality protection||Resource utilisation management||TOE access control|
|Trusted path/channels||Random number generation|
- Enrolment of biometric template
- Biometric verification