Friday, July 20, 2018

Electronic Signatures in legal department.

Corporate legal departments once viewed technology as an obstacle that only made their day-to-day operations more difficult. Today, they’re realizing that it can help them to work efficiently and gain a competitive edge. We know how difficult it is to execute a legal document. Each party will have to sign on all the paper in the document for it to be legally binding. Now let's take an example of two parties signing a legal document that consists of ten papers. Each party will have to sign ten times in the document, bringing the total signature count to twenty. By using electronic signatures, the signing can be done in one authentication by each party. As you can see a legal document execution process that uses electronic signatures or eSign is an order of magnitude efficient than the paper and ink process.

Monday, July 16, 2018

About Global AUA, Local AUA, Vitual IDs, UID Token and their impact on your business

In the Aadhaar ecosystem, the companies that use authentication alone get registered as an Authentication User Agency (AUA) and those companies that need to use electronic KYC or eKYC go on to become KYC User Agency (KUA).  Those were the only two differentiation for user agencies in the Aadhaar ecosystem but this changed very recently with the introduction of Global AUA and Local AUA.

Recently, UIDAI had introduced several measures that allowed the Aadhaar holder to get the benefits of Aadhaar services without having to share their Aadhaar Number.  It also limited the KYC data set that gets shared with the parties in the Aadhaar ecosystem. As part of these measures, existing AUAs are classified into Global AUA and  Local AUA. UIDAI has also introduced concepts such as Virtual IDs and UID tokens as part of the Aadhaar API version 2.5. All existing AUAs and KUAs will have to implement the latest API by August 31st 2018. That is a lot happening in a short time frame which many businesses are finding it to be confusing. This post intends to give you a better understanding of the changes happening and help you understand its impact on your business.

Wednesday, July 11, 2018

The Difference Between Electronic Signatures and Digital Signatures.

The terms Electronic Signatures and Digital Signatures are frequently misused and often thrown around loosely. Let's have a look at the differences between both electronic signature and digital signature.

Digital Signatures
A digital signature is not the same as an electronic signature even though many use the two terms interchangeably. A digital signature is intended to provide an exact and accurate identification method for the signatory to provide a seamless transaction. Definitions of digital signatures vary depending on the application of legal power. A Digital Signature is equal to your handwritten signature which is digitized and can be used to authorize content within a document or the terms of a particular document.

Wednesday, June 20, 2018

Benefits Of Using Electronic Signatures At All Levels Of Government.

For some years now, the government has been trying to move most of its operations online. Government agencies have recognized eSign as a secure, enforceable, compliant, and economical way to achieve digital transformation. And since electronic signatures can be set up either on the cloud or on-premise, governments can take advantage of the high degree of customizability, scalability, functionality, and control realized in an enterprise solution, without worrying about limited IT and financial resources. Most notably, the need for speed and efficiency and the public’s high use of the internet makes now the right time for governments to embrace this foundational technology.

Wednesday, March 21, 2018

How to implement Aadhaar Data Vault without using HSM based tokenization?

In accordance with the UIDAI circular 11020/205/2017, any organisation that stores Aadhaar number in their database should implement Aadhaar Data Vault and replace the Aadhaar numbers using the reference tokens created by the Aadhaar Data Vault. The Aadhaar number and the XML returned by UIDAI as part of Aadhaar authentication/eKYC call will have to be stored in the encrypted format and the access to the Aadhaar Data Vault will have to be strictly controlled. The encryption keys should be stored in a Hardware Security Module.   This is the crux of the reference id circular published by UIDAI, for more details please follow the link given above.

Now the question is how do you implement Aadhaar Data Vault in an organisation that is storing Aadhaar numbers without using HSM based tokenization solution which can be very costly?

Tuesday, February 20, 2018

Aadhaar Verification Through Face Recognition

As a move intended to offer major relief to older people whose fingerprints and irises are unclear, aadhaar will now allow face recognition along with biometrics. The decision comes after the Unique Identification Authority of India's attempt to address privacy concerns by offering the option of creating virtual IDs that cover the actual unique identification number of a user during an UID-authenticated transaction. 

Wednesday, January 17, 2018

How to fetch your Aadhaar Authentication details?

As Aadhaar contains critical information, account holders are worried about the safety of their data as any misuse of details can prove a danger for the lifetime. Hence, it is vital to check the authentication of any website before submitting the Aadhaar details. The online tool, called 'Aadhaar Authentication History', enables Aadhaar holders to view their authentication details and access their Aadhaar Authentication History (Notifications) data. Using this tool, a user can access a variety of information such as Auth Type (Method of Aadhaar Authentication), Transaction ID ( Unique Aadhaar transaction ID at the time of request) and Error Code (Aadhaar authentication failure code), Authentication Response ("Y" - Success. "N" - Failure), Time and Date of Authentication, and Response Code.