Embed Size (px)
Citation preview
Authentication On-Boarding
Aadhaar Authentication
Enrolment
Aadhaar Generation
Update Secure
Aadhaar Authentication Framework
Aadhaar Authentication Implementation Model
• Aadhaar authentication - process wherein Aadhaar number, along with other attributes
(demographic/biometrics/OTP) is submitted to UIDAI's Central Identities Data
Repository (CIDR) for verification
• CIDR responds with a “Yes/No”. No personal identity information is returned as part of
the response
• Authentication works on a Authentication Service Agency (ASA) –Authentication User
Agency (AUA) Framework. ASA provides a secure channel for sending the authentication
requests to the CIDR. AUA is User Department which intends to use Aadhaar
Authentication to verify its beneficiaries and deploys POS devices
Benefits
•Online real-time authentication from a secure system
•Biometrics not stored in the card or local machine/server – therefore, more reliable
•Required only a GPRS connectivity – size of authentication packet is < 1 KB
•Scalable ASA-AUA Model
•Economical – when compared to life cycle costs of issuing cards
Dos & Don’t of Aadhaar Authentication
What Aadhaar Authentication Will Do What Aadhaar Authentication Will Not Do
Authenticate against resident’s data in UIDAI’s CIDR
Authenticate against data stored on a smart card
Return response to requesting agencies as Yes/No
Return personal identity information of residents
Initiate request over mobile network, Landline network and broadband network
Remain restricted to broadband network
Require Aadhaar for every authentication request reducing transaction to1:1match
Search for Aadhaar based on details provided requiring 1:Nmatch
Aadhaar Holder Authentication Devices AUA ASAUIDAI’s
Data Centre
Response About 1 KB
About 100 bytes(Yes/no, auth code, err code)
567
1 2 3
4
Response About 1 KB
700 bytes Encrypted PID block
3-4 KB Auth packetIncluding digital signature
3-4 KB with ASA license key added
• Till Date, over 70 lakh Aadhaar Transactions are performed.• During the authentication, match is 1:1 i.e. biometrics captured during authentication are
compared with biometrics of that particular AADHAAR as existing in CIDR.• Best Finger Detection helps in identifying the fingers which result in great chances of match
during authentication process. BFD also helps to identify beneficiaries who may need to update their biometrics.
Authentication Service Delivery Model
Best Finger Detection
• BFD is against enrollment data• Enrollment quality impacts BFD selection
2 Finger Authentication
• During multiple attempts, simplified two finger scheme can be implemented which is detailed below. By retaining the last captured fingerprint minutiae in memory, application can only request one best finger and form two finger authentication requests. Sample capture flow process is indicated below.
Capture 1 – 1st best finger – single finger auth transactionIf fail, Capture 2 – 2nd best finger – two finger auth transaction ( using
capture 1 and 2)If fail, Capture 3 – 1st best finger – two finger auth transaction ( using
capture 2 and 3)
TwoFingerAuth
Aadhaar Authentication initiativesin Andhra PradeshFood & Civil Supplies Dept- Dept currently is disbursing
commodities to beneficiaries in 145 Fair Price Shops through Aadhaar
Authentication ( 100 FPS in East Godavari and 45 FPS in Hyderabad). Till date,
over 11 lakh Aadhaar authentication transactions are performed.
Multiple Seeding options are used by Dept which include • Inorganic Seeding through KYR+ Data• Organic Seeding – Mobile Field staff to collect UID from
beneficiary/ POS based seeding
Issues Addressed: - Connectivity: POS Devices are modified to support for
multiple mode of connectivity GPRS/BroadBand/PSTN ( Shadow areas in Urban Regions)
- Acceptability by Operators: Incentive Mechanism- Training and Capacity Building- Fraud Monitoring
Aadhaar Authentication initiativesin Andhra Pradesh
S.No. District% Ben Auth
%Inspector Auth
%OTP
1 East Godavari 87.483 0.047 12.470
2 Hyderabad 86.142 1.109 12.749
Aadhaar Authentication initiativesin Andhra Pradesh
S.No. DistrictRation Drawn Cards
No of Transactions
Total Rice Sold (In Kgs.)
Total Koil Sold (In Ltrs.)
Total Dal Sold (In Kgs.)
Total Palmoil Sold (In Ltrs.)
Total Sugar Sold (In Kgs.)
Total Wheat Sold (In Kgs.)
Total WholeMeal Atta Sold (In Kgs.)
1 East Godavari 1,157.000 1,159.000 2,510.000 1,891.000 20.500 252.000 81.000 78.000 39.000
2 Hyderabad 148.000 148.000 2,187.000 356.000 2.000 147.000 65.000 30.000 31.000
Total1,305.000 1,307.000 4,697.000 2,247.000 22.500 399.000 146.000 108.000 70.000
S.No. Commodity Percentage Savings
1 Rice 20%2 Sugar 15%3 K. Oil 25%4 P.Oil 14%
Savings Analysis in East Godavari for 100 Fair Price Shops (FPS).
Aadhaar Authentication initiativesin Andhra Pradesh
Social Welfare Dept- Govt of AP has an online application system for
scholarships called Electronic Payment and Application System of Scholarships-
EPASS. Aadhaar Authentication is integrated into existing workflow because of
which need for verification by Field officer to confirm the scholarship beneficiary
is removed.
It is proposed that scholarship amount will be disbursed to successfully
authenticated beneficiaries.
Dept is requesting the scholarship beneficiary to upload the scanned copy of
Aadhaar Letter and Bank Pass Book during the application for scholarship.
Departmental officers are using these scanned copies to verify the seeding
details and pass the verified information to LDM for Bank Seeding
Dept is also proposed to avail RASF Services for seeding.
.
Aadhaar Authentication initiativesin Andhra PradeshRural Development Dept – Dept in partnership with ICICI, Axis
Banks and Department of Post is currently disbursing NREGA wages and
Social Security Pensions in districts of Chittoor, East Godavari and
Anantapur through Aadhaar Authentication. Till date, over Rupees 100
Crores amount is disbursed through around 21 lakh Aadhaar authentications.
Dept of Post leverages the services of Branch Post Master ( BPM) to
organically seed data for pensioners. Dept of Post also made a provision
for POS based seeding.
State Resident Data Hub( SRDH) services are availed by RD Dept to aid in
seeding efforts.
UIDAI complaint MicroATMs are deployed by Banks & DoP for disbursing
Payments.
12
AEPS Payments
AUA District AEPS
Transactions
Amt Disbursed (Rs.)
ICICI Bank
East Godavari 59231 17681854Hyderabad 121484 35410700
Mahabubnagar 272 70900
Karimnagar 17554 5161300Medak 637 164400Kadapa 63301 16561500
Axis Bank
Chittoor 1,07,867 28116883Anantapur 70,388 18221327
Ranga Reddy 14,914 4008000Warangal 813 228000Krishna 3,701 933000Kurnool 647 167000
AUA District AEPS
Transactions
Amt Disbursed
(Rs.)
Dept of
Post
Chittoor 1352093 751786669
East Godavari
194844 84722686
Srikakulam
112223 45924976
Adilabad 32422 8939500
Guntur 52462 14947800
Nalgonda 1428 1132960
Mahabubnagar
91 64835
Medak 220 236750Warangal 578 579920
Grand Total AUAs
21,59,341 10226,68,960
Aadhaar Authentication initiativesin Andhra PradeshRajiv Yuva Kiranalu – Dept is in process of integrating Aadhaar Authentication to conduct daily attendance monitoring of
trainees of RYK Program.
Issues observed in existing project include• Enrolment of Fake Candidates by Training Center• Recording of Fake Biometrics by Training Center• Training Center registers candidates with Ration Card,
for which there is no de-duplication.• Device level manipulation by Training Center• 90% of Training Centers are not claiming 3rd
installment
It is proposed that Aadhaar Authentication can be integrated into
existing Business Flow to conduct attendance monitoring of
students. Pilot
is launched in 4 training centers of East Godavari District
Authentication – Best Practices
• BFD and Two Finger Authentications- Improves the success rate for authentication. This needs to be planned at device UI level and proper operator training needs to be ensured. BFD is must do before any authentication attempt
• Mechanism for Aadhaar Seeding verification - Authentication could be rejected because of Aadhaar seeding issues. It is highly recommended to have a mechanism to verify/correct Aadhaar in database when resident comes for availing service for the first time.
• Operator training and Audits - There should be regular audit and training of operators to ensure that they improve constantly
• Appropriate Error Code handling at all levels -Clear and actionable messages should be configured at client level
• Fraud Monitoring and Analysis - Fraud monitoring mechanism required to ensure there is no misuse of exception handling mechanisms
• Issue reporting, tracking and resolution
THANK YOU
