Frequently Asked Questions

This page lists answers to often-asked questions about BixeLab testing and other services. For more details, please refer to contact us at info@bixelab.com.

About BixeLab

BixeLab is an internationally recognised biometric testing lab providing testing, compliance and certification for identity and biometric solutions.

We are the first laboratory of its kind in the southern hemisphere with NIST/NVLAP accreditation [NIST/NVLAP Lab code: 600301-0] for biometric performance testing and reporting, as well as Presentation Attack Detection (PAD) / Liveness detection testing.

We are also a FIDO Alliance accredited biometric laboratory under the biometric component certification program and can certify biometric subcomponents to all FIDO BioLevels.

Additionally, BixeLab has a range of other certifications, such as ISO 27001 for information security management systems, which ensure trust in the services we provide to our clients.

BixeLab has worked with many large government and private sector clients in Australia and abroad to provide testing and certification services as well as bespoke independent evaluations across all leading biometric products, modalities, and vendors.

Our expertise and experience with a range of technologies and use cases provides assurance that the biometric and digital identity solutions tested by our lab are delivering optimal performance, balanced security and usability outcomes, and high return on investment.

What are BixeLab’s Core Services?

BixeLab offers a range of core services to meet your biometric needs. Our services adhere to industry standards, ensuring quality and reliability.

• ISO 19795 Compliant Technology Evaluation: Comprehensive assessments of biometric technologies against suitable and demographically diverse test datasets for ISO 19795 compliance.

• ISO 19795 Compliant Scenario Evaluation: Evaluations of biometric technologies in close to real-world scenarios, to measure both usability and accuracy aspects.

• ISO 30107-3 Compliant PAD Level 1 Testing: Rigorous testing with presentation attacks at Level 1.

• ISO 30107-3 Compliant PAD Level 2 Testing: Comprehensive testing to more presentation attacks at Level 2.

• FIDO Biometric Component Certification: Certification of biometric components compliant with applicable FIDO biometric requirements.

Contact BixeLab to learn more about our core services.

What are some other Services BixeLab provides?

BixeLab offers a comprehensive suite of biometric testing and reporting services that go beyond ISO/FIDO certifications.

Our extensive experience allows us to deliver specialised testing solutions tailored to your specific needs. These include:

• automated document fraud detection testing
• biometric bias testing
• biometric usability testing
• injection attack detection testing
• biometric red teaming testing
• end-to-end testing and evaluation assurance services for electronic digital identity solutions

Our diverse range of services ensures that we can address a wide range of requirements and provide you with the most accurate and relevant results.

BixeLab also administers a professional training service, BixeAcademy, which offers courses designed to upskill professionals in biometrics, digital identity, and risk management. The training is delivered through a user-friendly learning platform with a dedicated support team making it a convenient and accessible way to enhance knowledge and expertise.

What is NIST/NVLAP Compliance Testing?

BixeLab is accredited by the NIST (National Institute of Standards and Technology) under the National Voluntary Laboratory Accreditation Program (NVLAP Testing Lab Code 600301-0).

This accreditation conforms to the outlined requirements of ISO/IEC 17025:2017 (General Requirements for Competence of Testing and Calibration Laboratories) listed in the NIST Handbook 150-25.

BixeLab provides international test capabilities and evaluation services to the biometric market. This includes providing a formalised and standardised setting for biometric and identity software application testing; additionally, BixeLab offers certification services that are compliant with best practice in laboratory and biometric testing ISO/IEC standards as well as consistent with the NIST accreditation standards.

Visit here for BixeLab’s scope of accreditation.

Are there the pre-requisites for NIST/NVLAP compliance testing?

There are several key requirements before undertaking a NIST/NVLAP compliant PAD evaluation to any level. These include:

The biometric system must:

• Be configured at the threshold to be tested.

• Have the ability to indicate a Failure to Acquire, Accept, Reject, liveness pass, liveness fail, liveness score.

• Be accessible in an offline secure test environment accessible only to the BixeLab during testing.

• Be accompanied by a dashboard with viewable logs including but not limited to match pass/fail, match scores, liveness pass/fail, liveness scores, any additional metadata which the system can output.

• Must be demolished in entirety after the testing is completed.

 

There are several key requirements that are necessary before undertaking a NIST/NVLAP compliant technology evaluation to any level.

The verification subsystem must:

• Be configured at the threshold to be tested

• Have the ability to indicate a Failure to Acquire, Accept, Reject, liveness pass, liveness fail decision

• Be accessible in a secure test environment accessible only to the test lab during testing

• Be accompanied by a dashboard with viewable logs including but not limited to liveness pass/fail, scores, any additional metadata which the system can output.

What is FIDO Biometric Component Certification?

FIDO Biometric Component Certification involves a series of PAD and biometric recognition performance tests conducted by accredited labs like BixeLab. The tests evaluate a biometric system’s compliance to the certification pass/fail requirements comprising of:

• False Accept Rate (FAR)

• False Reject Rate (FRR)

• Impostor Attack Presentation Accept Rate (IAPAR)

A summary of the FIDO certification criteria is provided below:

Visit here for BixeLab’s scope of accreditation.

Criteria BioLevel 1BioLevel 1+BioLevel 2BioLevel 2+
Minimum number of live subjects for FAR/FRR2524525245
Minimum number of live subjects for PAD15151515
Lab tested FAR1%0.01%1%0.01%
Lab tested FRR7%5%7%5%
Lab tested IAPAR15%15%7%5%
Number of attack types6 Level A and 8 Level B attack types (species)6 Level A and 8 Level B attack types (species)6 Level A and 8 Level B attack types (species)6 Level A and 8 Level B attack types (species)

What are the pre-requisites for FIDO Biometric Component Certification?

There are several key requirements before undertaking a FIDO certification to any level. These include:

The enrol subsystem must:

• Be configured at the threshold to be tested

• Allow the tester to clear enrolments

• Have ability to store enrolment template for later use during offline matching accuracy testing for FAR

• Have the ability to indicate failure to enrol

 

The verification subsystem must:

• Be configured at the threshold to be tested

• Have the componentry expected in a complete biometric system. This includes but may not be limited to data capture sensors, matcher, decision subsystems

• Have ability to store verification template for later use during offline matching accuracy testing for FAR

• Must have the ability to indicate a Failure to Acquire, Accept, or a Reject decision

 

The biometric system must:

• Offer data logging capabilities for the purposes of logging the results in real-time for analysis. This can be provided with the help of an accompanying dashboard.

• Be in complete control of the laboratory for the duration of the testing (no vendor access). For cloud-based solutions, this may be through a VM hosted in a secure cloud and administrative access to the accompanying dashboard. Only Laboratory must have access (subject to FIDO approval).

What are the outcomes of BixeLab Testing?

BixeLab can perform testing of your biometric solution to the applicable ISO standards such as ISO/IEC 19795 and ISO/IEC 30107.

As an outcome of BixeLab testing, you will receive several types of reports or results depending on the nature of the testing and your specific requirements. Here are some examples of what you might receive:

Global Universal Certification and Detailed Report:

• A detailed test report that includes information on the testing process, methodology, results, limitations, and findings. These reports typically include but are not limited to:

– Performance metrics such as FAR and FRR are provided to evaluate the accuracy and reliability of the system.
– Performance metrics such as IAPAR, APCER and BPCER are provided to evaluate the biometric system for PAD.
– Analysis and interpretation of the test results related to the biometric system or device tested.

• A Letter of Confirmation that your solution meets the applicable requirements of the relevant ISO standards.

Why should I undertake BixeLab testing?

Testing is a vital means of quality assurance for any biometric system as it provides:

Compliance: Assurance that the biometric solution is compliant with applicable international standards and regulations, making it easier to meet national regulatory requirements.

Enhanced Trust: Independent and qualified verification, enabling increased trust in the system and promoting wider adoption.

Competitive Advantage: A competitive advantage in the market as a biometric solution that has undergone NIST/NVLAP testing.

Why should I choose BixeLab?

Knowledge and Expertise: BixeLab has delivered a range of services including quality assurance, testing, data analysis, and other expertise for a range of private and public sector clients in the biometrics and identity domain.

Reliable and Trustworthy: BixeLab delivers services consistently and has a penchant for exceeding customer expectations. Honesty, transparency, and integrity are crucial to how we conduct our business.

Customer Service: BixeLab goes above and beyond to ensure your satisfaction. Our friendly and knowledgeable team is always ready to assist you and will go the extra mile to provide solutions.

Competitive Pricing: BixeLab offers its clients a fair price that aligns with the services provided. The pricing structure is clear, transparent, and offers customers just return on their investment.

Which biometric modalities can BixeLab test?

BixeLab is equipped with extensive experience in testing a wide range of biometric modalities. We are proud to offer our expertise in assessing the accuracy, reliability, and security of biometric and identity solutions. Our testing services are modality-agnostic, meaning that we can evaluate and provide insights on multiple biometric modalities including but not limited to face, fingerprint, and voice recognition. We provide accurate and reliable evaluations of biometric and identity solutions for various applications, including government, banking, and other industries. Our testing services include assessments of accuracy,security, and reliability to ensure that biometric solutions meet the highest standards.

How long does a standard evaluation take?

A standard evaluation typically requires 4 weeks. However, BixeLab takes pride in being able to adapt to clients’ specific needs to ensure good business outcomes.

A standard evaluation involves the following steps:

  • Planning and scoping: We work with the client to understand their specific needs and goals for the evaluation. We then develop a customised test plan.
  • Data collection and preparation: We collect and prepare the necessary data for the evaluation, including biometric samples and any relevant background information.
  • Testing and analysis: We conduct rigorous testing and analysis of the biometric solution using our state-of-the-art testing infrastructure and methodologies.
  • Reporting: We provide a comprehensive report detailing the results of the evaluation, including insights and recommendations for improvement.

For more information on our evaluation process or to customise your test plan, please contact us at info@bixelab.com.