Thursday, March 26, 2015

How to find the right type of authenticaion device for your Aadhaar Auth or E-KYC solution?


For making use of the Aadhaar ecosystem, be it Authentication or E-KYC, business houses should enable the users of the system to authenticate and establish their identity.  This usually requires the installation of biometric devices such as fingerprint scanner or iris scanners. In this blog, we look at the various authentication methods and devices that can be used to enable Aadhaar based authentication in your application.

UIDAI prescribes the use of following authentication methods for establishing the identity of the users.
  • OTP (One Time Password) based authentication
  • Iris scanner based authentication
  • Fingerprint scanner based authentication

OTP (One Time Password) Based Authentication

One Time Password is a system generated number sent to users via SMS or email. Once the same number is entered into the system back, the user is successfully authenticated. The main drawback of OTP is that majority of the aadhaar cardholders have not linked their mobile numbers with UIDAI. So if the business house (Banks or NBFC) created a system that uses only OTP will not be able to service the majority of the customers.  One notable advantage is that business house doesn't need to install any special hardware device to support this.

OTP based authentication is ideally suited for a web application that requires the use of Aadhaar based authentication. It can also be used as a fall back method in cases where fingerprint-based authentication fails.

Iris Scanner Based Authentication

Iris scanner based authentication use a device that scans the iris of the user and the record is matched against the iris data of that particular user available with UIDAI. Iris scanner based authentication is highly accurate authentication method and unlike a fingerprint, iris patterns do not wear off with time.
The main disadvantage in using iris scanner based authentication is that it is inconvenient for the user. It requires the user to bring the Iris sensor so close to his / her eyes which may be uncomfortable for users and may be time-consuming. Apart from that people are not generally used with Iris authentication. The cost of the device is also very high compared to the Fingerprint scanners.

Fingerprint Scanner Based Authentication

Fingerprint scanner based authentication is the most commonly used authentication method. In this method, the fingerprints of the user are captured and compared with the data of that particular user available with UIDAI.  Capturing any one of the fingers of the user is enough for the authentication. The advantages of choosing biometric are below
  • High accuracy.
  • Most economical biometric PC user authentication technique.
  • Most developed biometrics
  • Easy to use.
  • Standardized.
There are various types of biometric devices available which can work with desktops, laptops, mobile devices , tablets etc. For choosing a particular type of device one need to consider the type usage of the device, like whether it is used along with a mobile device or a laptop or PC.  The form actor comes into play if the scanner is going to be used with tablets by agents working outside office. In such cases one should be careful to choose those devices that has small form factor.

One thing that goes without saying is that all devices deployed for Aadhaar authentication should have STQC certification. STQC have provided a list of certified devices which can be used for Aadhaar authentication.

To summarise, it is the type of application or usage that determines what type of device or authentication method to be used with your E-KYC or aadhaar Authentication applications.  If you need any more information feel free to contact us.  Do check our our ready to deploy E-KYC solution.