Wednesday, March 21, 2018

How to implement Aadhaar Data Vault without using HSM based tokenization?


In accordance with the UIDAI circular 11020/205/2017, any organisation that stores Aadhaar number in their database should implement Aadhaar Data Vault and replace the Aadhaar numbers using the reference tokens created by the Aadhaar Data Vault. The Aadhaar number and the XML returned by UIDAI as part of Aadhaar authentication/eKYC call will have to be stored in the encrypted format and the access to the Aadhaar Data Vault will have to be strictly controlled. The encryption keys should be stored in a Hardware Security Module.   This is the crux of the reference id circular published by UIDAI, for more details please follow the link given above.

Now the question is how do you implement Aadhaar Data Vault in an organisation that is storing Aadhaar numbers without using HSM based tokenization solution which can be very costly?

Tuesday, February 20, 2018

Aadhaar Verification Through Face Recognition


As a move intended to offer major relief to older people whose fingerprints and irises are unclear, aadhaar will now allow face recognition along with biometrics. The decision comes after the Unique Identification Authority of India's attempt to address privacy concerns by offering the option of creating virtual IDs that cover the actual unique identification number of a user during an UID-authenticated transaction. 

Wednesday, January 17, 2018

How to fetch your Aadhaar Authentication details?


As Aadhaar contains critical information, account holders are worried about the safety of their data as any misuse of details can prove a danger for the lifetime. Hence, it is vital to check the authentication of any website before submitting the Aadhaar details. The online tool, called 'Aadhaar Authentication History', enables Aadhaar holders to view their authentication details and access their Aadhaar Authentication History (Notifications) data. Using this tool, a user can access a variety of information such as Auth Type (Method of Aadhaar Authentication), Transaction ID ( Unique Aadhaar transaction ID at the time of request) and Error Code (Aadhaar authentication failure code), Authentication Response ("Y" - Success. "N" - Failure), Time and Date of Authentication, and Response Code.