Biometric SDK

Overview

The BioSDK diagram illustrates how MOSIP integrates biometric devices for registration and authentication. It shows the flow of biometric data from capture devices through the Secure Biometric Interface (SBI) to the BioSDK, which performs quality checks, deduplication, and operator authentication.

For registration, signed biometrics are sent to the MOSIP backend, where the BioSDK ensures data quality, ABIS handles deduplication, and ID Auth manages 1:1 matching. During authentication, encrypted biometrics are verified via the authentication app. Device management, including registration, deregistration, and key rotation, is handled by the Device Management Server.

Applications

• Registration Client.

• Backend quality check.

• Biometric authentication during onboarding (internal auth).

• ID Authentications.

Biometric SDK library

The library is used by the Registration Client to perform 1:N match, segmentation, extraction, etc. For more information on integration with Registration Client, refer to the Registration Client Biometric SDK Integration Guide.

A simulation of this library is available as Mock BioSDK. The same is installed in the MOSIP sandbox.

Biometric SDK service

For 1:1 match and quality check of biometrics at the MOSIP backend, the BioSDK must be running as a service that can be accessed by Registration Processor and IDA Internal Services. The service exposes REST APIs specified here.

A simulation (mock) service has been provided. The mock service loads mock BioSDK internally on the startup and exposes the endpoints to perform 1:N match, segmentation, and extraction as per IBioAPI.

The service may be packaged as a docker running inside the MOSIP Kubernetes cluster or running separately on a server. The scalability of this service must be taken care of depending on the load on the system, i.e., the rate of enrolment and ID authentication.

API

1. BioSDK library: IBioAPIV2

2. BioSDK service: TBD.

Testing kit

BioSDK server request/response may be tested using the BioSDK testing kit.

Configuration

The following properties in application-default.properties needs to be updated to integrate the BioSDK library and service with MOSIP.

mosip.fingerprint.provider=io.mosip.kernel.bioapi.impl.BioApiImpl
mosip.face.provider=io.mosip.kernel.bioapi.impl.BioApiImpl
mosip.iris.provider=io.mosip.kernel.bioapi.impl.BioApiImpl
mosip.ida.biosdk-service.url=http://mock-biosdk-service.default:80
mosip.regproc.biosdk-service.url=http://mock-biosdk-service.default:80
mosip.idrepo.biosdk-service.url=http://mock-biosdk-service.default:80