Aspectos técnicosBiometríaCertificación

BAPI – Biometric Application Programming Interface

Publicado el Julián Inza
EADTrust Igualdad de armas o simetría probatoria

BAPI es una especificación desarrollada en torno a 1997,  inicialmente por la empresa americana «I/O Software» secundada en el «BAPI Working Group» por las empresas y entidades Amano Cincinnati, Association for Biometrics, Biometric Sciences, DelSecur, Harris/AuthenTek, I/O Software, International Biometric Group, Kent Ridge Digital Labs, Miros, Prologex, Sagem Morpho, Siemens, Singapore Centre for Signal Processing, Sony, StarTek Engineering, TEC (Toshiba), Thomson-CSF, Veridicom, y Viisage Technology.

I/O Software fue una entidad pionera en el mundo de la biometría impulsada por dos precoces emprendedores William Saito y Tas Dienes, mientras finalizaban sus estudios de bachillerato (Secundaria).

En 1998 I/O Software se incorporó al BioAPI Consortium y su especificación BAPI pasó a formar parte de la documentación de base que dio lugar a la especificación BioAPI.

La especificación consideraba un protocolo de software y un API (application programming interface) para facilitar la comunicación entre el software de aplicación y los dispositivos biétricos.

El año 2000, Microsoft adquirió a I/O Software la tecnología BAPI con la idea de incluirla en futuras versiones de Windows. I/O Software también licenció elementos de BAPI a Intel para su inclusión en la plataforma de seguridad PC de la entidad.

En el año 2004 Microsoft adquirió la propia compañía I/O Software.

En el marco de BAPI se definió el siguiente glosario (en inglés):

  • BAPI Device Module Interface (BDMI). This is the interface between BAPI and the physical biometric device. The device manufacturer provides a BDM, which is an instance of BDMI, to support BAPI on a given operating platform for their device.
  • BAPI Device Module (BDM). This is essentially a device driver provided by the device manufacturer that maps a particular device’s capabilities into the functionality provided by BAPI and defined by BDMI.
  • Biometric Application Programming Interface (BAPI). This is an API that allows the programmer to develop applications for a broad range of virtual biometric devices (VBDs) without knowing the specific capabilities of the device. The API is comprised of three distinct levels of functionality from high device abstraction to low (device specific) abstraction.
  • Biometric device. A biometric device is a physical device that is typically attached to a microcomputer (in our paradigm) that can obtain and process distinctive human characteristic data such as fingerprint scanners, retina pattern analyzers or voice analyzers.
  • Biometric element. A biometric element is the physical portion of a biometric device that is used to actively or passively acquire biometrics data from a biometrics sampling source.
  • Biometric sample/data. The biometric sample is the information obtained from a biometric device that contains the encoded information that is the distinctive human characteristic data such as a finger print, retina pattern or voice prints.
  • Biometric sampling source. This is the target entity which the biometric device is designed to sample, scan or read.
  • Channel. A channel is the method by which a component processes data, whether that process is creation, transformation or comparison. Each component type is expected to contain one or more standard channels. In addition, any number of extended channels may be defined in order to fully enumerate the capabilities of a particular biometrics device.
  • Comparison. This is the act of matching sampled biometric data against another set of data for verifying and/or identifying an individual. Comparison is always done between comparison data and template data. Comparison returns a score that indicates the degree to which comparison data and template data match.
  • Comparison data. This is the data sampled from a biometric sampling source and is typically used for comparison to stored template data.
  • Component. A component is a logical classification of one particular step in the biometrics authentication/identification process. There are five categories of components: Samplers, Filters, Engines, Storage and OEM defined components.
  • Control. Controls can affect the way data is processed by the channels, or supply BAPI functions with important information regarding the status of a channel or device.
  • Engine component. An engine component provides the processing functionality in order to verify or identify an individual. An ENGINE component drives a particular process.
  • Event. An event is the occurrence of an incident such as a mouse click or key press.
  • Event driven. Describing something as event driven indicates that a process is controlled and/or communicates using events. These events are used as signals to inform any or all processes of thread, hardware or software status and other information that is needed by a process to continue, pause or terminate execution.
  • Filter component. This component functions to reduce or optimize raw biometric data to be later be used in comparison or verification functions.
  • Hardware Abstraction Layer (HAL). This is the logical portion of a system that separates the OS from the modules of the system that make use of any OS-provided functionality.
  • High Level BAPI (HBAPI; Level 3). High level BAPI is intended for use in writing applications that are expected to utilize an arbitrarily selected BAPI compliant physical biometric device. At this level, the applications programmer must use the standard VBD programming model.
  • Identify. This is a one-to-many comparison of sampled comparison data to the template data stored in a template database. In this case, it is not necessary for the user to identify himself to the system before beginning the identification process. Identification is often slower than verification (because of the need to search a large database), and many biometric systems cannot perform this function. This can mean the same as to verify but may often have an optimized and separate processing mechanism associated with it on a biometric device.
  • Low Level BAPI (LBAPI; Level 1). The lowest level of BAPI allows the applications programmer to utilize the special features of a biometric device from a known manufacturer. This level allows for complete control of a specific biometric device.
  • Middle Level BAPI (MBAPI; Level 2). The mid level of BAPI is used when the programmer knows the categorical type of biometric device that will be used. This level is best used when the category is known but the physical device is still arbitrary.
  • Multithreaded. Multithreaded denotes the capability to execute multiple executables or portions of an executable simultaneously. BAPI is multithreaded and supports multithreaded BAPI applications by ensuring that each application executes within its own execution context within BAPI. BAPI manages this context as well as resource and device access and contention.
  • Profile data. Profile data is general information regarding an individual that can be stored in the user’s database within VBD.
  • Raw data. This is the initial biometric data obtained from a sampling source before any reduction, processing or optimizing occurs.
  • S-Process. This is the process of sampling biometric data from a biometric sampling source so that it can be reduced into template data and then used directly for comparison functionality.
  • S-template. An s-template is functionally equivalent to «comparison data» (described above). Stands for comparison «sample – template.»
  • Sampling. Sampling is the act of acquiring biometric data from a sampling source.
  • Score. The score is the numerical result of a comparison function. It indicates to what degree the sampled biometric data matches the stored template data for an individual.
  • Sensor. A sensor is the mechanism on a biometric device for checking for the presence of a biometric sampling source ready to be sampled.
  • Status report. A status report is the means by which a biometric device can report its operational status. LEDs and LCD displays on the physical devices are examples of status indicators.
  • Storage component. Storage components provide access to nonvolatile memory areas within the VBD model.
  • Template data. This is the result of reducing or optimizing the raw data obtained during a sampling process (T–Process) for use in identifying or verifying an individual. In most cases, the idea behind a template is to reduce the size of the raw data into the smallest size possible while still retaining the data’s inherent uniqueness.
  • T-Process. This is the process of obtaining biometric data from a biometric sampling source so that it can be reduced into template data and then, typically, stored for use in future comparison functions.
  • T-template. A t-template is functionally equivalent to «template data» (described below). Stands for comparison «target – template.»
  • User Database. This is a database of USER records internally maintained by the VBD.
  • USER record. A USER is a database record containing information about an individual and their template and or profile data.
  • Verify. This is a one-to-one comparison of stored template data to sampled comparison data. This can mean the same as identify, but may often have an optimized and separate processing mechanism associated with it on a biometric device. The verification process simply certifies that the user is who he says he is.
  • Virtual Biometric Device (VBD). A VBD provides an abstraction layer between the BAPI application and a physical biometric device which contains the common core functionality and components which are shared by all biometric devices. By targeting the VBD model, a BAPI programmer can write an application that targets all BAPI compliant biometric devices.