A Test Standard for Biometrics in access control managed by the Center for the Protection of National Infrastructure (CPNI) has been completely rewritten by Ingenium Biometrics in a new release.
Ingenium Co-founder and Director Chris Allgrove tells Biometric Update in an email that the new version marks a fresh start for the standard, rather than a simple update.
“The previous version of the CPNI test standard was quite old (at least ten years old, plus a few edits over the years) and is not really fit for purpose any more,” Allgrove explains. “Also, CPNI has changed their approach to testing — in the past they funded it but now it is vendor-funded and the test methodology needs to be updated to reflect this.
“The definition of presentation attack species and required performance levels have also been updated to reflect current best practices.”
CPNI’s mandate is to protect UK national security by reducing the vulnerability of critical infrastructure to threats like terrorism, espionage and sabotage.
The new standard is part of a revamped and relaunched biometric test program, and is intended to reflect the current state of the art in biometric-enabled access control and allow vendors to gain better value for money from the CPNI program.
The ‘Biometric Authentication in Automatic Access Control Systems’ document from CPNI sets out the operational requirements, strengths and weaknesses, and threats related to biometric systems, as well as system performance measurements. The document describes system design and building, how to choose a biometric modality, and installation and maintenance concerns. Tests should be commissioned after installation but prior to acceptance, according to the CPNI.
The standard is written for the biometric access control vendor community, both on the access control and biometric capability sides, according to Allgrove.
“CPNI maintains a product catalogue (the Catalogue of Security Equipment) that is used by organizations forming the Critical National Infrastructure community — Government, wider public sector, services (water, gas, electricity etc.), telecoms and other similar organizations — who must use products from the catalogue for their physical infrastructure,” Allgrove says. “It includes all sorts of things (bulletproof glass, bollards, security doors etc.) as well as biometric access control systems. Vendors submit their systems to us as the CPNI-approved test lab to evaluate against the test standard and if they pass, they get included in the catalogue.”
