Comment on page
Compliance Tool Kit (CTK) is an online portal that can be used by MOSIP partners to test the compliance of their product developed as per specifications (specs) published/adopted by MOSIP.
Currently, CTK supports testing of compliance with the below specifications:
- 1.SBI: Secure Biometric Interface (SBI) is used to interface with biometric devices. Device partners are required to build a software layer that provides a unified communication protocol for all biometric capture use cases. The specifications that should be followed are defined as Secure Biometrics Interface (SBI) specs. The compliance tool kit ensures that the interface built by the device provider follows the specs, and a certain level of security and integrity is defined in the SBI spec. The device hardware security features are not tested as part of this toolkit.CTK also supports the testing with Android SBI specifications.
- 2.SDK: Biometric Service Providers (BSPs) provide SDK implementation which supports quality check, match, extraction, and conversion of biometrics. MOSIP defines an iBioAPI as the specification for this SDK implementation. Biometric SDK providers are also required to integrate this HTTP service into their solution. This allows running the SDK as an independent HTTP service. The compliance tool kit would make sure that these interfaces are as per the MOSIP-defined specifications for smooth interaction.
- 3.ABIS: To provide a unique identity for a resident, MOSIP has to ensure that the uniqueness of the resident's biometrics is maintained. To achieve this, MOSIP interfaces with an Automated Biometric Identification System (ABIS) to perform the de-duplication of a resident's biometric data. ABIS is used for 1:N deduplication. MOSIP interacts with ABIS only via message queues. The JSON format is used for all control messages in the queue. ABIS must comply with the interface defined in ABIS API Specifications.
- To support compliance with the specifications, CTK has predefined test cases for each of the above specs.
- Each test case is run on a given method of the specs. Each test case defines the attributes required to create the request to be sent to the method.
- Each test case also defines the response expected from the method. In this response, various validators are run. Each validator will perform a predefined check on the response. If all validations are successful, the test case is passed otherwise it is a failed test case.
- Partners can use CTK to run these test cases to check if their implementation adheres to the MOSIP’s specs or not.
The diagram below illustrates the architecture of Compliance Tool Kit.
To access the build and read through the deployment instructions, refer to the below-mentioned READMEs:
To access the source code for Compliance Tool Kit, refer,