Secure Biometric Interface (SBI)
THIS DOCUMENT IS BEING UPDATED. FOR THE PUBLISHED VERSION PLEASE FOLLOW THIS LINK.
Revision history
Overview
Secure Biometric Interface (SBI), previously called MOSIP Device Service (MDS) specification establishes standards/protocols that are necessary for a biometric device to be used in MOSIP. The SBI specification is primarly intented for biometric device manufactures, developers and designers to build MOSIP compliant devices. All devices that collect biometric data should operate within the specification of this document.
SBI service
SBI service is a software module running on a host that exposes the SBI interface to the host application like a registration client or authentication app. The service must run on any of the ports in the range 4501-4600. The host system could be any operating system - Windows, Android or IOS.
Communication interfaces
The following communication intefaces are defined:
Device Discovery
Device Info
Auth Capture
Registration Capture
Stream
The JSON objects of the interface are defined here.
Important temininologies referred in the SBI are given below.
Device certification levels
SBI CL 1.0
The biometric capture, processing and signing is done at the host machine level (for example laptop/mobile).
Used in controlled environments like registration.
SBI CL 2.0
The biometric capture, processing, encryption and signing is done within FTM.
Used in uncontrolled environments like authentication
SBI CL 1.0 and SBI CL 2.0 were previously referred to as L0 and L1 respectively.
Device physical ID
An identification mark that shows MOSIP compliance and a readable unique device serial number (minimum of 12 digits), make and model. The same information has to be available over a 2D QR Code or Barcode. This is to help field support and validation.
Device subtype
deviceSubType
:
For
Finger
:Slap
,Single
orTouchless
For
Iris
:Single
orDouble
For
Face
:Full face
Signed digital ID
For registered devices The Digital ID is signed with DKL0 in SBI CL 1.0 devices and DKL1 in SBI CL 2.0 devices. The signature is represented as JSON Web Signature RFC 7515:
Unsigned digital ID
Just base64 encoded:
Biometric subtype
The bioSubType
have following values:
For Finger:
Left IndexFinger
Left MiddleFinger
Left RingFinger
Left LittleFinger
Left Thumb
Right IndexFinger
Right MiddleFinger
Right RingFinger
Right LittleFinger
Right Thumb
UNKNOWN
For Iris
Left
Right
UNKNOWN
For Face: No subtype
Device subID
deviceSubId
is used to enable a specific sensor in the device. It can have following values:
0: Unknown device
1: Left iris/slap
2: Right iris/slap
3: Two thumbs/irises
4(onwards): Any other sensors
Live stream
Before start
On start of stream
Second Frame
Error codes
Last updated