Aadhaar Authentication Enrolment Aadhaar Generation Update Secure Aadhaar Authentication Framework Aadhaar Authentication Implementation Model Aadhaar authentication - process wherein Aadhaar number, along with other attributes (demographic/biometrics/OTP) is submitted to UIDAI's Central Identities Data Repository (CIDR) for verification CIDR responds with a “Yes/No”. No personal identity information is returned as part of the response Authentication works on a Authentication Service Agency (ASA) –Authentication User Agency (AUA) Framework. ASA provides a secure channel for sending the authentication requests to the CIDR. AUA is User Department which intends to use Aadhaar Authentication to verify its beneficiaries and deploys POS devices Benefits Online real-time authentication from a secure system Biometrics not stored in the card or local machine/server – therefore, more reliable Required only a GPRS connectivity – size of authentication packet is < 1 KB Scalable ASA-AUA Model Economical – when compared to life cycle costs of issuing cards
Dos & Don’t of Aadhaar Authentication What Aadhaar Authentication Will DoWhat Aadhaar Authentication Will Not Do Authenticate against resident’s data in UIDAI’s CIDR Authenticate against data stored on a smart card Return response to requesting agencies as Yes/No Return personal identity information of residents Initiate request over mobile network, Landline network and broadband network Remain restricted to broadband network Require Aadhaar for every authentication request reducing transaction to1:1match Search for Aadhaar based on details provided requiring 1:Nmatch
Aadhaar Holder Authentication Devices AUA ASA UIDAI’s Data Centre Response About 1 KB About 100 bytes (Yes/no, auth code, err code) Response About 1 KB 700 bytes Encrypted PID block 3-4 KB Auth packet Including digital signature 3-4 KB with ASA license key added Till Date, over 70 lakh Aadhaar Transactions are performed. During the authentication, match is 1:1 i.e. biometrics captured during authentication are compared with biometrics of that particular AADHAAR as existing in CIDR. Best Finger Detection helps in identifying the fingers which result in great chances of match during authentication process. BFD also helps to identify beneficiaries who may need to update their biometrics. Authentication Service Delivery Model
Best Finger Detection BFD is against enrollment data Enrollment quality impacts BFD selection
2 Finger Authentication During multiple attempts, simplified two finger scheme can be implemented which is detailed below. By retaining the last captured fingerprint minutiae in memory, application can only request one best finger and form two finger authentication requests. Sample capture flow process is indicated below. Capture 1 – 1st best finger – single finger auth transaction If fail, Capture 2 – 2nd best finger – two finger auth transaction ( using capture 1 and 2) If fail, Capture 3 – 1st best finger – two finger auth transaction ( using capture 2 and 3)
Aadhaar Authentication initiatives in Andhra Pradesh Food & Civil Supplies Dept- Dept currently is disbursing commodities to beneficiaries in 145 Fair Price Shops through Aadhaar Authentication ( 100 FPS in East Godavari and 45 FPS in Hyderabad). Till date, over 11 lakh Aadhaar authentication transactions are performed. Multiple Seeding options are used by Dept which include Inorganic Seeding through KYR+ Data Organic Seeding – Mobile Field staff to collect UID from beneficiary/ POS based seeding Issues Addressed: - Connectivity: POS Devices are modified to support for multiple mode of connectivity GPRS/BroadBand/PSTN ( Shadow areas in Urban Regions) - Acceptability by Operators: Incentive Mechanism - Training and Capacity Building - Fraud Monitoring
Aadhaar Authentication initiatives in Andhra Pradesh S.No.District % Ben Auth %Inspect or Auth %OTP 1 East Godavari Hyderabad
Aadhaar Authentication initiatives in Andhra Pradesh S.No.District Ration Drawn Cards No of Transactio ns Total Rice Sold (In Kgs.) Total Koil Sold (In Ltrs.) Total Dal Sold (In Kgs.) Total Palmoil Sold (In Ltrs.) Total Sugar Sold (In Kgs.) Total Wheat Sold (In Kgs.) Total WholeMeal Atta Sold (In Kgs.) 1 East Godavari1, , , , Hyderabad , Total 1, , , , S.No.Commodity Percentage Savings 1 Rice20% 2 Sugar15% 3 K. Oil25% 4 P.Oil14% Savings Analysis in East Godavari for 100 Fair Price Shops (FPS).
Aadhaar Authentication initiatives in Andhra Pradesh Social Welfare Dept- Govt of AP has an online application system for scholarships called Electronic Payment and Application System of Scholarships- EPASS. Aadhaar Authentication is integrated into existing workflow because of which need for verification by Field officer to confirm the scholarship beneficiary is removed. It is proposed that scholarship amount will be disbursed to successfully authenticated beneficiaries. Dept is requesting the scholarship beneficiary to upload the scanned copy of Aadhaar Letter and Bank Pass Book during the application for scholarship. Departmental officers are using these scanned copies to verify the seeding details and pass the verified information to LDM for Bank Seeding Dept is also proposed to avail RASF Services for seeding..
Aadhaar Authentication initiatives in Andhra Pradesh Rural Development Dept – Dept in partnership with ICICI, Axis Banks and Department of Post is currently disbursing NREGA wages and Social Security Pensions in districts of Chittoor, East Godavari and Anantapur through Aadhaar Authentication. Till date, over Rupees 100 Crores amount is disbursed through around 21 lakh Aadhaar authentications. Dept of Post leverages the services of Branch Post Master ( BPM) to organically seed data for pensioners. Dept of Post also made a provision for POS based seeding. State Resident Data Hub( SRDH) services are availed by RD Dept to aid in seeding efforts. UIDAI complaint MicroATMs are deployed by Banks & DoP for disbursing Payments.
12 AEPS Payments AUADistrict AEPS Transacti ons Amt Disbursed (Rs.) ICICI Bank East Godavari Hyderabad Mahabubnaga r Karimnagar Medak Kadapa Axis Bank Chittoor 1,07, Anantapur 70, Ranga Reddy 14, Warangal Krishna 3, Kurnool AUADistrict AEPS Transaction s Amt Disbursed (Rs.) Dept of Post Chittoor East Godavari Srikakula m Adilabad Guntur Nalgonda Mahabubn agar Medak Warangal Grand Total AUAs 21,59, ,68,960
Aadhaar Authentication initiatives in Andhra Pradesh Rajiv Yuva Kiranalu – Dept is in process of integrating Aadhaar Authentication to conduct daily attendance monitoring of trainees of RYK Program. Issues observed in existing project include Enrolment of Fake Candidates by Training Center Recording of Fake Biometrics by Training Center Training Center registers candidates with Ration Card, for which there is no de-duplication. Device level manipulation by Training Center 90% of Training Centers are not claiming 3 rd installment It is proposed that Aadhaar Authentication can be integrated into existing Business Flow to conduct attendance monitoring of students. Pilot is launched in 4 training centers of East Godavari District
Authentication – Best Practices BFD and Two Finger Authentications- Improves the success rate for authentication. This needs to be planned at device UI level and proper operator training needs to be ensured. BFD is must do before any authentication attempt Mechanism for Aadhaar Seeding verification - Authentication could be rejected because of Aadhaar seeding issues. It is highly recommended to have a mechanism to verify/correct Aadhaar in database when resident comes for availing service for the first time. Operator training and Audits - There should be regular audit and training of operators to ensure that they improve constantly Appropriate Error Code handling at all levels -Clear and actionable messages should be configured at client level Fraud Monitoring and Analysis - Fraud monitoring mechanism required to ensure there is no misuse of exception handling mechanisms Issue reporting, tracking and resolution