Thursday, March 26, 2015

How to find the right type of authenticaion device for your Aadhaar Auth or E-KYC solution?




For making use of the Aadhaar eco system , be it Authentication or E-KYC, business houses should enable the users of the system to authenticate and establish their identity.  This usually requires installation of  biometric devices such fingerprint scanner or iris scanners. In this blog we look at the various authentication methods and devices that can be used to enable Aadhaar based authentication in your application.

UIDAI prescribes the use following authentication methods for establishing the identity of  the users.

  • OTP (One Time Password) based authentication
  • Iris scanner based authentication
  • Fingerprint scanner based authentication

OTP (One Time Password) Based Authentication

One Time Password is a system generated number sent to users via SMS or email. Once the same number is entered in to the system back , the user is successfully authenticated. The main draw back of OTP is that, majority of the aadhaar card holders have not linked their mobile numbers with UIDAI. So if the business house (Banks or NBFC) created a system that uses only OTP will not be able to service majority of the customers.  One notable advantage is that business house don't need to install any special hardware device to support this.

OTP based authentication is ideally suited for web application that requires the use of Aadhaar based authentication. It can also be used as a fall back method in cases where fingerprint based authentication fails.

Iris Scanner Based Authentication

Iris scanner based authentication use a device that scans the iris of the user and the record is matched against the iris data of that particular user available with UIDAI. Iris scanner based authentication is highly accurate authentication method and unlike finger print iris patterns does not wear off with time.
The main disadvantage in using iris scanner based authentication is that it is inconvenient for the user. It requires the user to bring the Iris sensor so close to his / her eyes which may be uncomfortable for users and may be time consuming. Apart from that people are not generally used with Iris authentication. The cost of the device is also very high compared to the Fingerprint scanners.

Fingerprint Scanner Based Authentication

Fingerprint scanner based authentication is the most commonly used authentication method. In this method the finger prints of the user is captured and compared with the data of that particular user available with UIDAI.  Capturing  any one of the fingers of the user is enough for the authentication. The advantages of choosing biometric are below
  • High accuracy.
  • Most economical biometric PC user authentication technique.
  • Most developed biometrics
  • Easy to use.
  • Standardized.
There are various types of biometric devices available which can work with desktops, laptops, mobile devices , tablets etc. For choosing a particular type of device one need to consider the type usage of the device, like whether it is used along with a mobile device or a laptop or PC.  The form actor comes into play if the scanner is going to be used with tablets by agents working outside office. In such cases one should be careful to choose those devices that has small form factor.

One thing that goes without saying is that all devices deployed for Aadhaar authentication should have STQC certification. STQC have provided a list of certified devices which can be used for Aadhaar authentication.

To summarise, it is the type of application or usage that determines what type of device or authentication method to be used with your E-KYC or aadhaar Authentication applications.  If you need any more information feel free to contact us.  Do check our our ready to deploy E-KYC solution.