This document is a profile that specifies requirements for testing biometric presentation attack detection (PAD) mechanisms on mobile devices with local biometric recognition and on biometric modules integrated into mobile devices.

The profile lists requirements from ISO/IEC 30107‑3 that are specific to mobile devices. It also establishes requirements that are not present in ISO/IEC 30107‑3. For each requirement, the profile defines an “Approach in PAD Tests for Mobile Devices”. For some requirements, numerical values or ranges are provided in the form of best practices.

This profile is applicable to mobile devices that operate as closed systems with no access to internal results, including mobile devices with local biometric recognition as well as biometric modules for mobile devices.

This document is not applicable to mobile devices with solely remote biometric recognition.

The attacks considered in this document take place at the capture device during the presentation and collection of biometric characteristics. Any other attacks are outside the scope of this document.