ISO/IEC 19794-7:2014 specifies data interchange formats for signature/sign behavioural data captured in the form of a multi-dimensional time series using devices such as digitizing tablets or advanced pen systems. The data interchange formats are generic, in that they may be applied and used in a wide range of application areas where handwritten signs or signatures are involved. No application-specific requirements or features are addressed in ISO/IEC 19794-7:2014.
ISO/IEC 19794-7:2014 contains
- a description of what data may be captured,
- three data formats for containing the data:
- a full format for general use,
- a compression format capable of holding the same amount of information as the full format but in compressed form, and
- a compact format for use with smart cards and other tokens that does not require compression/decompression but conveys less information than the full format, and
- examples of data record contents and best practices in capture.
Specifying which of the format types and which options defined in ISO/IEC 19794-7:2014 are to be applied in a particular application is out of scope; this needs to be defined in application-specific requirements specifications or application profiles.
It is advisable that cryptographic techniques be used to protect the authenticity, integrity, and confidentiality of stored and transmitted biometric data; yet such provisions are beyond the scope of ISO/IEC 19794-7:2014.
ISO/IEC 19794-7:2014 also specifies elements of conformance testing methodology, test assertions, and test procedures as applicable to ISO/IEC 19794-7:2014. It establishes test assertions on the structure and internal consistency of the signature/sign time series data formats defined in ISO/IEC 19794-7:2014 (type A level 1 and 2 as defined in ISO/IEC 19794 1:2011/Amd.1), and semantic test assertions (type A level 3 as defined in ISO/IEC 19794 1:2011/Amd.1).
The conformance testing methodology specified in ISO/IEC 19794-7:2014 does not establish:
- tests of other characteristics of biometric products or other types of testing of biometric products (e.g. acceptance, performance, robustness, security),
- tests of conformance of systems that do not produce data records claimed to conform to the requirements of ISO/IEC 19794-7:2014.