Authentication On-Boarding. Aadhaar Authentication Enrolment Aadhaar Generation Update Secure...

Click here to load reader

download Authentication On-Boarding. Aadhaar Authentication Enrolment Aadhaar Generation Update Secure Aadhaar Authentication Framework Aadhaar Authentication

of 15

  • date post

  • Category


  • view

  • download


Embed Size (px)

Transcript of Authentication On-Boarding. Aadhaar Authentication Enrolment Aadhaar Generation Update Secure...

  • Slide 1

Authentication On-Boarding Slide 2 Aadhaar Authentication Enrolment Aadhaar Generation Update Secure Aadhaar Authentication Framework Aadhaar Authentication Implementation Model Aadhaar authentication - process wherein Aadhaar number, along with other attributes (demographic/biometrics/OTP) is submitted to UIDAI's Central Identities Data Repository (CIDR) for verification CIDR responds with a Yes/No. No personal identity information is returned as part of the response Authentication works on a Authentication Service Agency (ASA) Authentication User Agency (AUA) Framework. ASA provides a secure channel for sending the authentication requests to the CIDR. AUA is User Department which intends to use Aadhaar Authentication to verify its beneficiaries and deploys POS devices Benefits Online real-time authentication from a secure system Biometrics not stored in the card or local machine/server therefore, more reliable Required only a GPRS connectivity size of authentication packet is < 1 KB Scalable ASA-AUA Model Economical when compared to life cycle costs of issuing cards Slide 3 Dos & Dont of Aadhaar Authentication What Aadhaar Authentication Will DoWhat Aadhaar Authentication Will Not Do Authenticate against residents data in UIDAIs CIDR Authenticate against data stored on a smart card Return response to requesting agencies as Yes/No Return personal identity information of residents Initiate request over mobile network, Landline network and broadband network Remain restricted to broadband network Require Aadhaar for every authentication request reducing transaction to1:1match Search for Aadhaar based on details provided requiring 1:Nmatch Slide 4 Aadhaar Holder Authentication Devices AUA ASA UIDAIs Data Centre Response About 1 KB About 100 bytes (Yes/no, auth code, err code) 567 123 4 Response About 1 KB 700 bytes Encrypted PID block 3-4 KB Auth packet Including digital signature 3-4 KB with ASA license key added Till Date, over 70 lakh Aadhaar Transactions are performed. During the authentication, match is 1:1 i.e. biometrics captured during authentication are compared with biometrics of that particular AADHAAR as existing in CIDR. Best Finger Detection helps in identifying the fingers which result in great chances of match during authentication process. BFD also helps to identify beneficiaries who may need to update their biometrics. Authentication Service Delivery Model Slide 5 Best Finger Detection BFD is against enrollment data Enrollment quality impacts BFD selection Slide 6 2 Finger Authentication During multiple attempts, simplified two finger scheme can be implemented which is detailed below. By retaining the last captured fingerprint minutiae in memory, application can only request one best finger and form two finger authentication requests. Sample capture flow process is indicated below. Capture 1 1st best finger single finger auth transaction If fail, Capture 2 2nd best finger two finger auth transaction ( using capture 1 and 2) If fail, Capture 3 1st best finger two finger auth transaction ( using capture 2 and 3) Slide 7 Aadhaar Authentication initiatives in Andhra Pradesh Food & Civil Supplies Dept- Dept currently is disbursing commodities to beneficiaries in 145 Fair Price Shops through Aadhaar Authentication ( 100 FPS in East Godavari and 45 FPS in Hyderabad). Till date, over 11 lakh Aadhaar authentication transactions are performed. Multiple Seeding options are used by Dept which include Inorganic Seeding through KYR+ Data Organic Seeding Mobile Field staff to collect UID from beneficiary/ POS based seeding Issues Addressed: - Connectivity: POS Devices are modified to support for multiple mode of connectivity GPRS/BroadBand/PSTN ( Shadow areas in Urban Regions) - Acceptability by Operators: Incentive Mechanism - Training and Capacity Building - Fraud Monitoring Slide 8 Aadhaar Authentication initiatives in Andhra Pradesh S.No.District % Ben Auth %Inspect or Auth %OTP 1 East Godavari87.4830.04712.470 2 Hyderabad86.1421.10912.749 Slide 9 Aadhaar Authentication initiatives in Andhra Pradesh S.No.District Ration Drawn Cards No of Transactio ns Total Rice Sold (In Kgs.) Total Koil Sold (In Ltrs.) Total Dal Sold (In Kgs.) Total Palmoil Sold (In Ltrs.) Total Sugar Sold (In Kgs.) Total Wheat Sold (In Kgs.) Total WholeMeal Atta Sold (In Kgs.) 1 East Godavari1,157.0001,159.0002,510.0001,891.00020.500252.00081.00078.00039.000 2 Hyderabad148.000 2,187.000356.0002.000147.00065.00030.00031.000 Total 1,305.0001,307.0004,697.0002,247.00022.500399.000146.000108.00070.000 S.No.Commodity Percentage Savings 1 Rice20% 2 Sugar15% 3 K. Oil25% 4 P.Oil14% Savings Analysis in East Godavari for 100 Fair Price Shops (FPS). Slide 10 Aadhaar Authentication initiatives in Andhra Pradesh Social Welfare Dept- Govt of AP has an online application system for scholarships called Electronic Payment and Application System of Scholarships- EPASS. Aadhaar Authentication is integrated into existing workflow because of which need for verification by Field officer to confirm the scholarship beneficiary is removed. It is proposed that scholarship amount will be disbursed to successfully authenticated beneficiaries. Dept is requesting the scholarship beneficiary to upload the scanned copy of Aadhaar Letter and Bank Pass Book during the application for scholarship. Departmental officers are using these scanned copies to verify the seeding details and pass the verified information to LDM for Bank Seeding Dept is also proposed to avail RASF Services for seeding.. Slide 11 Aadhaar Authentication initiatives in Andhra Pradesh Rural Development Dept Dept in partnership with ICICI, Axis Banks and Department of Post is currently disbursing NREGA wages and Social Security Pensions in districts of Chittoor, East Godavari and Anantapur through Aadhaar Authentication. Till date, over Rupees 100 Crores amount is disbursed through around 21 lakh Aadhaar authentications. Dept of Post leverages the services of Branch Post Master ( BPM) to organically seed data for pensioners. Dept of Post also made a provision for POS based seeding. State Resident Data Hub( SRDH) services are availed by RD Dept to aid in seeding efforts. UIDAI complaint MicroATMs are deployed by Banks & DoP for disbursing Payments. Slide 12 12 AEPS Payments AUADistrict AEPS Transacti ons Amt Disbursed (Rs.) ICICI Bank East Godavari 5923117681854 Hyderabad 12148435410700 Mahabubnaga r 27270900 Karimnagar 175545161300 Medak 637164400 Kadapa 6330116561500 Axis Bank Chittoor 1,07,86728116883 Anantapur 70,38818221327 Ranga Reddy 14,9144008000 Warangal 813228000 Krishna 3,701933000 Kurnool 647167000 AUADistrict AEPS Transaction s Amt Disbursed (Rs.) Dept of Post Chittoor1352093751786669 East Godavari 19484484722686 Srikakula m 11222345924976 Adilabad324228939500 Guntur5246214947800 Nalgonda14281132960 Mahabubn agar 9164835 Medak220236750 Warangal578579920 Grand Total AUAs 21,59,34110226,68,960 Slide 13 Aadhaar Authentication initiatives in Andhra Pradesh Rajiv Yuva Kiranalu Dept is in process of integrating Aadhaar Authentication to conduct daily attendance monitoring of trainees of RYK Program. Issues observed in existing project include Enrolment of Fake Candidates by Training Center Recording of Fake Biometrics by Training Center Training Center registers candidates with Ration Card, for which there is no de-duplication. Device level manipulation by Training Center 90% of Training Centers are not claiming 3 rd installment It is proposed that Aadhaar Authentication can be integrated into existing Business Flow to conduct attendance monitoring of students. Pilot is launched in 4 training centers of East Godavari District Slide 14 Authentication Best Practices BFD and Two Finger Authentications- Improves the success rate for authentication. This needs to be planned at device UI level and proper operator training needs to be ensured. BFD is must do before any authentication attempt Mechanism for Aadhaar Seeding verification - Authentication could be rejected because of Aadhaar seeding issues. It is highly recommended to have a mechanism to verify/correct Aadhaar in database when resident comes for availing service for the first time. Operator training and Audits - There should be regular audit and training of operators to ensure that they improve constantly Appropriate Error Code handling at all levels -Clear and actionable messages should be configured at client level Fraud Monitoring and Analysis - Fraud monitoring mechanism required to ensure there is no misuse of exception handling mechanisms Issue reporting, tracking and resolution Slide 15 THANK YOU