2.10.1 Biometric On-Card Comparison

You can configure MyID to allow you to store fingerprint biometrics on your card that are available for biometric on-card comparison. To do this, edit a credential profile to have the following configuration:

• In Device Profiles, set the Card Format to PIVDataModelMOC.xml – this allows MyID to write the fingerprint data to the device.

  Note: If you use customized the card data models, or want to use biometric on-card comparison with other data models, contact Intercede quoting SUP-400.

• In PIN Settings, enable the Biometric On-Card Comparison option – this allows you to use the saved fingerprint data as a PIN replacement for authentication.

The cards can store only up to two fingerprints. The fingerprints are chosen based on availability and priority order; the first two fingers in the priority order for which fingerprints are available are chosen.

The priority order is:

1. Preferred index finger.

2. Other index finger.

3. Preferred middle finger.

4. Other middle finger.

5. Preferred thumb.

6. Other thumb.

7. Preferred ring finger.

8. Other ring finger.

9. Preferred little finger.

10. Other little finger.

The fingerprint data is written to the card when the card is personalized or is re-personalized. You can enable selective device updates to biometric data with additional configuration of your system; for more information, contact Intercede quoting SUP-398.

Note: Currently only IDEMIA ID-One PIV v82 cards are supported. Additionally, while MyID CMS writes the Biometric On-Card Comparison data to the card, the data is not used for authentication to any MyID CMS self-service or card management processes. Using the Biometric On-Card Comparison features of the card with other systems may require additional third-party software.