Tuesday, November 7, 2017

All you need to know about Aadhaar Data Vault



Recently there have been numerous instances of Aadhaar data being exposed online by various agencies. Over 130 millions aadhaar data and bank account details leaked from the government website. According to aadhaar regulations sharing, circulating or publishing of aadhaar number is restricted. To enhance the security of Aadhaar numbers, UIDAI has introduced the “Aadhaar Data Vault". Aadhaar Data Vault is a centralized storage for all the Aadhaar numbers collected by the AUAs/KUAs/Sub-AUAs/ or any other agency for specific purposes. It is a secure system accessible only on a need to know basis. The Aadhaar data vault consists of reference key, which is a unique token to represent the Aadhaar number in the entire internal ecosystem of the agency. Mapping of reference key and Aadhaar number is to be maintained in the Aadhaar Data Vault. The primary objectives of aadhaar data vault are reducing the footprinting of aadhaar number, preventing 360 profiling of residents, ceasing the usage of aadhaar number as the domain-specific identifier. The course of action for implementation of aadhaar data vault is given below.

Wednesday, October 11, 2017

As an AUA/KUA, which Aadhaar regulations can get you into trouble?



Recently UIDAI introduced a list of aadhaar regulations and agreement that a KUA/AUA should not violate. Violating these regulations and agreements will make a fine of 1 lakh per day. If you violate the first warning then after the 15 days of the first contravention it will increase to 2 lakh and then to 3 lakh per day.

The major regulations that company registered as AUA/KUA should take care of is as follows. A requesting entity should obtain the permission of the aadhaar holder for the authentication by means of physical or preferably in electronic form and should maintain logs or records. A requesting entity should capture the biometric information of the Aadhaar number holder and necessarily encrypt and secure the biometric data at the time of capture. All devices and equipment used for authentication should be certified and the client applications software used by requesting entity for the purpose of authentication should conform to the standard APIs and specifications laid down by the Authority from time to time for this purpose.

So here we give the detailed list of regulations and agreements. Click here
For more information contact us.
We, Finahub, are experts in Aadhaar related products and services like eSign, eKYC, Authentication etc. If you want to know how your enterprise can start using it, please give us a call  @ 0484 2388285 or email us at info@finahub.com

Wednesday, August 16, 2017

Updated UIDAI regulations for appointment of Sub-AUA by AUA


Recently UIDAI made a notification that all AUAs should take permission before the appointment of an entity as Sub-AUA. AUAs which have already appointed SUB-AUA are also required to submit their request for appointment of an entity as SUB-AUA. An application form should be filled by both AUA and SUB-AUA. All the details should be verified and declared by AUA and SUB-AUA. AUA and Sub AUA would be liable for non-compliance with the Aadhaar Act, 2016 and for penalties as per the schedule of disincentives of AUA agreement.

AUA and SUB-AUA should affirm, declare and undertake the following conditions,

Wednesday, July 12, 2017

Aadhaar helps reunite 3 children with family





Aadhaar a 12 digit number is an individual identification number issued by the Unique Identification Authority of India (UIDAI). It serves as a unique identification number for Indian citizens and residents with the intentions of making subsidy and benefit deliverance more effective and eliminate leakages in the process. The Aadhaar number will act as an identity proof and address anywhere in India.

Friday, June 30, 2017

Benefits of linking Aadhaar with Phone number





Aadhaar has been made mandatory for PAN card application and for filing income tax returns. The Government of India is now taking this a step ahead to ensure security and better management. In an announcement, they have unveiled that Aadhaar card will be mandatory for mobile phone connections now. Since the first day of introduction, the government has emphasised the necessity of having an Aadhaar card, and now, by announcing aadhaar based e-KYC (Know your customer) compulsory to procure new mobile phone connections, they have proved that; ‘Aadhaar cards are the Aadhaar (Base) for development and security’.

Monday, June 19, 2017

Benefits of linking Aadhaar with PAN



Recently, the Indian Government introduced Section 139AA in the Income Tax (IT) Act by the course of the latest yearly budget and the Finance Act 2017. Under this act, quoting the Aadhaar number in the PAN application form or income tax return (ITR) form after July 1, 2017, has been made mandatory for everyone.
All existing PAN holders are expected to notify the IT department their Aadhaar number before the stipulated date.
All PANs that are not linked with Aadhaar number will be rendered invalid after July 1, 2017.
While there have been petitions against this move in the Apex Court calling it ‘totalitarian’ and an ‘electronic leash’ on the Indian citizens, the merits of linking Aadhaar number with the PAN cannot be ignored altogether.

Tuesday, June 6, 2017

The changing dynamics of Aadhaar ecosystem


The recent introduction of Authentication and eKYC User Agency (AUA/KUA) licensing fee by UIDAI had shaken up the whole community. The licensing fee was increased from Rupees Five Thousand to Rupees Twenty Lakhs for two years AUA/KUA access, a whopping 39900% increase. If this is news to you, you can find more details of the AUA/KUA licensing fee on our blog.The increase in licensing fee is clearly aimed at reducing the number of firms registering AUA/KUAs. With such huge licensing fees, only companies with large Aadhaar Authentication/ eKYC transaction volumes find it viable to register as a KUA or an AUA. So does it mean Aadhaar authentication and eKYC is not available to the majority of Indian companies?

Friday, June 2, 2017

UIDAI introduces License fees and Bank gurantee for becoming AUA / KUA


UIDAI introduces License fees and Bank guarantee for becoming AUA / KUA as per latest circular which got released on May 31, 2017.  There are many AUA / KUA in production as well as in pre-production who uses EKYC and Authentication features from UIDAI. In addition to that, there are hundreds of applications from entities which are pending to be approved by UIDAI. So what it really means to them, we are trying to bring out the key points of this circular.

  1. Enterprises existing or new ones who need EKYC production access should pay a license fee of 20 lakhs for a period of 2 years with effect from June 1, 2017.
  2. Pre-production access will cost 5 Lakhs for a validity period of 3 months.
  3. In addition to that, a Bank Guarantee of 25 Lakhs should also be provided for all KUA's
  4. Enterprises whose application is pending with UIDAI needs to apply again in the new format.
  5. Existing as well as new AUA / KUA needs to sign a new AUA agreement 4.0
  6. Last date for deposit of license fee and Bank guarantees are by 30th June 2017
The original circular is available here

If you are an existing KUA who is in doubt on whether to proceed or not, we have a solution for you. We think it's positive news for existing KUA's as well as enterprises who are trying to become one. Please reach us @ 9562162111 or email us at info@finahub.com.

Wednesday, May 31, 2017

Aadhaar Taking to the Indian Skies



Ever since the demonetization fever hit the nation, technological advancements have radically altered the status quo of things. Aadhar is one such technology that has stepped up to cater to the evolving tech ecosystem in India.
Issued by the Unique Identification Authority of India (UIDAI), Aadhaar is a unique 12 digit identity number issued to all residents of India based on their biometric and demographic data. In short, it is your unique National ID. And this is where the endless possibilities begin; from getting your rations to being the exclusive identification agency at airports. Speaking of airports, how exactly would this play out?

Monday, May 22, 2017

How common API for registered biometric devices is game changer?



UIDAI is coming up with new Authentication API ver 2.0 which is going to support registered devices. UIDAI is planning to remove the support for public devices and will support only registered devices in near future.

Before understanding registered devices and the need for it, it is important to understand how public devices work.

Public devices are raw biometric capture devices that provide Aadhaar compliant biometric data to the application, which, in turn encrypts the data before using for authentication purposes. Currently AUA/Sub-AUA applications manage the biometric capture feedback user experience, any validation, and encryption of PID block. With public devices, providers may or may not provide an easy to use libraries to application developers. Several security measures are taken to ensure strong transaction security and end to end traceability even in public devices. These security measures fall into prevention and traceability. These include deploying signed applications, host and operator authentication by AUA, usage of multi-factor authentication, resident SMS/Email alerts on authentication, biometric locking, encryption/signing of sensitive data, and so on. In the case of public devices, although above security measures are in place, there is still a technical possibility of having the biometric data captured in between sensor device and host machine if the device or host machine of AUA is compromised. 

Tuesday, March 14, 2017

How Aadhaar Pay (biometric based payment system) works?




Recently IDFC bank has launched a new mobile application called Aadhaar Pay. It is the first Aadhaar linked cashless merchant solution. This solution will eliminate the fees charged by private companies such as "Visa" and "Master Card".  Similar Aadhaar Pay apps is going to change the way India emerging as a cashless economy.

How Aadhaar Pay apps work?

Merchant downloads and registers for Aadhaar Pay mobile app. The merchant will also procure an STQC certified biometric fingerprint scanner and will be connected with the mobile app.
For the customer, you just need to link your account with your Aadhaar number.
During the payment process, the customer enters his/her Aadhaar number in the mobile app, chooses his bank and places his / her finger on the biometric scanner for authentication. Once authentication is a success, the amount is debited from customer's account to the merchant's account.

Advantages of Aadhaar Pay

  • No need for the customer to carry smartphone or plastic cards
  • No extra transaction fees need to be paid to Visa or Master Card.
  • POS machine costs RS 5000 plus while Aadhaar Pay along with the biometric scanner costs starts for just RS 2000
  • No annual charges for customers like in Debit / Credit cards
  • No need to remember PINS / MPINS passwords etc

Tuesday, January 10, 2017

How RBI's new eKYC norms is a big boost to Indian Fintech startups


The RBI's KYC norms required the physical presence of the customer when they open a bank account.  This meant customers had to do biometric fingerprint scanning based authentication for opening an account even when they use Aadhaar eKYC. This was a huge bottleneck for Fintech startups that are trying to provide innovative banking services through mobile and online channels.

Recently RBI came out with an amendment to the KYC norms for bank account opening allowing the use of OTP based Aadhaar authentication for doing eKYC to opening a bank account which is going to be a real shot in the arm for Fintech startups.