Biometric Target
Documentation related to the Biometric Target and its behavior. This functionality is available only from GBDS version 5.
Behavior
On any enroll/update
If a transaction does not have "origin", which means there is no label referring to a source organization, the transaction will have, for exception purposes, origin of higher-level organizations.
Example: A transaction registered in an environment with organization ori_griaule as a higher-level organization (without a parent organization), will have ori_griaule as origin
In exception generation
CSI means Simplified Nonconformity Cycle. It is a system used to evaluate biometric data, determining whether a biometric candidate is HIT, NO_HIT or UNCERTAIN based on specific thresholds during enrollment or updates. A candidate is marked as HIT if its match is above the CSI threshold, NO_HIT if it is not, and UNCERTAIN if its match is below the threshold.
Finger hit: all matches for fingers reach minimum biometric count
Finger No Hit: all finger non-matches reach minimum biometric count
Face hit: all matches for face
Face No Hit: all face non-matches reach minimum biometric count
Each candidate will be marked as HIT, NO_HIT, or UNCERTAIN
If the biometric candidate is not a match, it will be a NO_HIT
If the biometric candidate is a match with a value below the CSI threshold it will be UNCERTAIN, according to enroll/update and finger/face settings
If the biometric candidate matches with a value above the CSI threshold, it will be a HIT, according to enroll/update and finger/face settings
Exceptions will be marked as target BIOMETRIC, BIOMETRIC_INCONCLUSIVE, BIOMETRIC_MISMATCH or BIOGRAPHIC:
Enrollment
HIT
HIT
BIOGRAPHIC
HIT
NO HIT
BIOMETRIC_MISMATCH
NO HIT
HIT
BIOMETRIC_MISMATCH
No finger or face hit and no finger or face no-hit:
with biometric uncertainty, generates an exception
BIOMETRICwith biometric certainty, generates an exception
BIOMETRIC_INCONCLUSIVE
Update
NO HIT
NO HIT
BIOGRAPHIC
HIT
NO HIT
BIOMETRIC_MISMATCH
NO HIT
HIT
BIOMETRIC_MISMATCH
If no finger or face is considered HIT nor NO_HIT:
with biometric uncertainty, generates a BIOMETRIC exception
with biometric certainty, generates a BIOMETRIC_INCONCLUSIVE exception
Next biometric
The next biometric to be evaluated will be:
Belonging to a candidate with an exception in ANALYSIS
With an overall decision of UNCERTAIN
Not allocated to anyone
From an exception where the incoming transaction or the incoming and reference transaction contain a label with at least one of the organizations from the user's permission labels
Can be configured from the endpoint with the parameter
originENTRANT, will be filtered only by the incoming transactionBOTH, will be filtered by both transactions
The list of organizations provided is hierarchical, which means that if an organization has children, all children will be considered to find exceptions. With security enabled, this list of organizations is retrieved from the user's permissions, being all permissions that start with the configured organization prefix, default "ori_".
Finger and/or face will be returned according to the user's configured permission, default "tpca" for fingerprints and "fca" for face, or according to the request for finger or face
If the "double blind" setting is enabled, the user allocated to the biometric cannot have previously decided on the biometric
The order for next biometric is decided by priority and the order provided in the endpoint. If none is provided, by default the order is from the oldest.
GET next biometric will return the number of biometrics available to be processed, which are
All UNCERTAIN of target BIOMETRIC with status ANALYSIS not decided by the user making the next biometric request, available to the organization the user belongs to and, if requested for finger or face, will be counted from the chosen selection
With a selected biometric, it will be allocated to the user for 5 minutes.
Manual Unlock
Can be done using the endpoint Unlock biometric
For each biometric treatment
The validations to be performed are:
User must be provided, unless security is enabled, in which case the user is provided by the token
Timeout is zero by default, when the treatment is final and the exception is treated as APPROVE, this value is used
Required parameters:
enroll TGUID, exception PGUID, decisionandindexException must exist and be in ANALYSIS and target BIOMETRIC (other types are not handled at this stage)
The exception candidate must have an index and be classified as UNCERTAIN
The biometric candidate must be allocated to the user or not allocated to any other user
The user cannot have made a decision for this candidate previously
The biometric must be allocated to the user
If everything passes, the decision is marked on the candidate and the candidate is released (deallocated)
Double Blind
On
The decision is final when there are enough equal decisions (configured in gbds.csi.doubleBlind.threshold)
Off
Final
Final decision
If the decision is not final, the exception status is NOT_FINAL
If the decision is final and all necessary treatments are completed:
Enrollment
APPROVE - No hit of dfinger and face reach the minimum count amount for enrollment, being considered a false positive
BIOGRAPHIC - Finger and face hit reach the minimum count for enrollment
BIOMETRIC_MISMATCH - If finger hits and face non-hits/finger non-hits and face hits reach the minimum count for enrollment
BIOMETRIC_INCONCLUSIVE - If all decisions are made but no conclusion is reached
Update
APPROVE - If finger and face hits reach the minimum count value for update, being considered a false negative
BIOGRAPHIC - Finger and face no-hits reach the minimum count for update
BIOMETRIC_MISMATCH - If finger hits and face non-hits/finger non-hits and face hits reach the minimum count for update
BIOMETRIC_INCONCLUSIVE - If all decisions are made but no conclusion is reached (all HIT, NO_HIT or UNCERTAIN_EXPERT, but without a defined minimum value)
Priority
When an exception is prioritized or deprioritized, all exceptions for the same entrant are affected.
Last updated
Was this helpful?