SEP7US MatchOnCard Auxiliary
During the years 2013 to 2018, in my early programming journey, I worked on projects related to smart cards based on ISO/IEC 7816-4 smart card chips. Below, I present SEP7US, a library I implemented that was used for biometric match-on-card verification, following NIST’s MINEX guidelines.
Author
Project Repository
You can find the full project here: GitHub - SEP7US
I consider it very important to briefly explain how this library works, since there is very little public documentation available about biometric standards.
Disclaimer
SEP7US Match on Card 0x7E3
Any modification made without proper supervision or consent is at your own risk. Changing the code will drastically alter verification results on any PIV Smart Card application.
Languages and Tools
- C++
- Java Native Interface (JNI)
Purpose
SEP7US provides an auxiliary library for converting biometric minutiae templates:
- ISO/IEC 19794-2:2005
- ANSI INCITS 378-2004
into the ISOCC format required for biometric match-on-card verification of chips based on ISO/IEC 7816-4 standards.
Internal Process
- Minutiae Counting
- Spatial Requantization
- Angular Requantization
- Minutiae Sorting
Template Identification
It is important to define the starting position of minutiae data depending on the template type:
ISO/IEC 19794-2:2005
posDataTemplate = 0x12; // DEC=18
ANSI INCITS 378-2004
posDataTemplate = 0x14; // DEC=20
Minutiae Counting
short numMinutiae = (short) fTemplate[posDataTemplate+9] & 0xFF;
The array size for the ISOCC template will be determined by:
// numMinutiae
short sizeISOCC = numMinutiae * 3; // (X, Y, T|A)
Spatial Requantization
This process expresses minutiae coordinates in terms of 0.1mm.
Base Formula:
CoordMM = 10 * Coord / RES
CoordUNITS = CoordMM / 0.1
CoordCC = 0.5 + CoordUNITS
Template Resolution Calculation:
short xres = (short) (fTemplate[posDataTemplate+0] << 8 | fTemplate[posDataTemplate+1]) & 0xFF;
short yres = (short) (fTemplate[posDataTemplate+2] << 8 | fTemplate[posDataTemplate+3]) & 0xFF;
X Coordinate:
*pcoordmmX = 10.0 * (double) *ptmpx / xres;
*pcoordunitsX = *pcoordmmX / 0.1;
*pcoordccX = (short)(.5 + *pcoordunitsX);
Y Coordinate:
*pcoordmmY = 10.0 * (double) *ptmpy / yres;
*pcoordunitsY = *pcoordmmY / 0.1;
*pcoordccY = (short)(.5 + *pcoordunitsY);
Angular Requantization
The angular requantization represents minutiae angles in 6 bits (0–63), considering that the maximum value is 360°.
ISOCC angle resolution:
360/64 = 5.625°
float ISOCC_ANGLE_RESOLUTION = 5.625f;
For ISO/IEC 19794-2:2005:
360/256 = 1.40625°
ANGLE_RESOLUTION = 1.40625f;
For ANSI INCITS 378-2004:
360/180 = 2°
ANGLE_RESOLUTION = 2;
Final Computation:
tmpCAngle = ANGLE_RESOLUTION * (*ptmpa);
tmpFAngle = tmpCAngle / ISOCC_ANGLE_RESOLUTION;
short t = (*ptmpt | tmpFAngle) & 0xFF;
Minutiae Sorting
Although some smart cards do not require sorting, SEP7US provides four main sorting functions:
void XYAsc(unsigned char *a, short n); // X ascending
void XYDsc(unsigned char *a, short n); // X descending
void YXAsc(unsigned char *a, short n); // Y ascending
void YXDsc(unsigned char *a, short n); // Y descending
External Methods
ISOCC
Generates an ISO Compact Card template.
__declspec(dllexport) unsigned char *ISOCC(
unsigned char templateFormat,
unsigned char *fTemplate,
unsigned char sorting
);
Parameters:
-
templateFormat:0xFFfor ISO/IEC 19794-2:2005,0x7Ffor ANSI INCITS 378-2004 -
fTemplate: Pointer to the original template -
sorting: Sorting option (0x00,0x0F,0x10,0x1F)
Verify
Generates an ISOCC template with ISO/IEC 7816-4 APDU headers for PIV verification.
__declspec(dllexport) unsigned char *Verify(
unsigned char CLA,
unsigned char INS,
unsigned char P1,
unsigned char P2,
unsigned char templateFormat,
unsigned char *fTemplate,
unsigned char sorting
);
Default APDU Command: 0x00 0x21
Headers added:
7F2E : "Biometric Data Template"
License
MIT
Top comments (0)