Presentation on AADHAAR - AUTHENTICATION

Report
Authentication On-Boarding
Aadhaar Authentication
•
Aadhaar authentication - process wherein Aadhaar number, along with other attributes
(demographic/biometrics/OTP) is submitted to UIDAI's Central Identities Data
Repository (CIDR) for verification
Aadhaar Authentication
•
Framework
Aadhaar Authentication
Implementation Model
CIDR responds with a “Yes/No”. No personal identity information is returned as part of
the response
•
Secure
Authentication works on a Authentication Service Agency (ASA) –Authentication User
Update
Agency (AUA) Framework. ASA provides a secure channel for sending the authentication
requests to the CIDR. AUA is User Department which intends to use Aadhaar
Authentication to verify its beneficiaries and deploys POS devices
Benefits
Aadhaar Generation
•Online real-time authentication from a secure system
Enrolment
•Biometrics not stored in the card or local machine/server – therefore, more reliable
•Required only a GPRS connectivity – size of authentication packet is < 1 KB
•Scalable ASA-AUA Model
•Economical – when compared to life cycle costs of issuing cards
Dos & Don’t of Aadhaar Authentication
What Aadhaar Authentication Will Do
What Aadhaar Authentication Will Not Do
 Authenticate against resident’s data in  Authenticate against data stored on a
UIDAI’s CIDR
smart card
 Return response to requesting agencies  Return personal identity information of
as Yes/No
residents
 Initiate request over mobile network,  Remain restricted
Landline network and broadband
network
network
to
broadband
 Require
Aadhaar
for
every  Search for Aadhaar based on details
authentication
request
reducing
provided requiring 1:Nmatch
transaction to1:1match
Authentication Service Delivery Model
700 bytes
Encrypted PID block
1
3-4 KB Auth packet
Including digital signature
2
3
3-4 KB with ASA
license key added
4
Authentication Devices
Aadhaar Holder
7
6
About 100 bytes
(Yes/no, auth code, err code)
•
•
•
ASA
AUA
5
Response
About 1 KB
UIDAI’s
Data Centre
Response
About 1 KB
Till Date, over 70 lakh Aadhaar Transactions are performed.
During the authentication, match is 1:1 i.e. biometrics captured during authentication are
compared with biometrics of that particular AADHAAR as existing in CIDR.
Best Finger Detection helps in identifying the fingers which result in great chances of match
during authentication process. BFD also helps to identify beneficiaries who may need to update
their biometrics.
Best Finger Detection
• BFD is against enrollment data
• Enrollment quality impacts BFD selection
2 Finger Authentication
• During multiple attempts, simplified two finger scheme can be implemented
which is detailed below. By retaining the last captured fingerprint minutiae
in memory, application can only request one best finger and form two finger
authentication requests. Sample capture flow process is indicated below.
 Capture 1 – 1st best finger – single finger auth transaction
 If fail, Capture 2 – 2nd best finger – two finger auth transaction ( using
capture 1 and 2)
 If fail, Capture 3 – 1st best finger – two finger auth transaction ( using
capture 2 and 3)
Aadhaar Authentication initiatives
in Andhra Pradesh
Food & Civil Supplies Dept- Dept currently is disbursing commodities to
beneficiaries in 145 Fair Price Shops through Aadhaar Authentication (
100 FPS in East Godavari and 45 FPS in Hyderabad). Till date, over 11
lakh Aadhaar authentication transactions are performed.
Multiple Seeding options are used by Dept which include
•
•
Inorganic Seeding through KYR+ Data
Organic Seeding – Mobile Field staff to collect UID from beneficiary/ POS
based seeding
Issues Addressed:
- Connectivity: POS Devices are modified to support for multiple mode of
connectivity GPRS/BroadBand/PSTN ( Shadow areas in Urban Regions)
- Acceptability by Operators: Incentive Mechanism
- Training and Capacity Building
- Fraud Monitoring
Aadhaar Authentication initiatives
in Andhra Pradesh
S.No.
District
1
East
Godavari
2
% Ben %Inspect
%OTP
Auth or Auth
87.483
0.047
12.470
Hyderabad 86.142
1.109
12.749
Aadhaar Authentication initiatives
in Andhra Pradesh
S.No.
District
1
East
Godavari
2
Ration
Drawn
Cards
1,157.000 1,159.000 2,510.000 1,891.000 20.500
Hyderabad 148.000
Total
No of
Total Rice Total Koil Total Dal
Transactio Sold (In
Sold (In
Sold (In
ns
Kgs.)
Ltrs.)
Kgs.)
1,305.000
Total
Palmoil
Sold (In
Ltrs.)
Total
Sugar
Sold (In
Kgs.)
Total
Wheat
Sold (In
Kgs.)
Total
WholeMeal
Atta Sold
(In Kgs.)
252.000
81.000
78.000
39.000
148.000
2,187.000 356.000
2.000
147.000
65.000
30.000
31.000
1,307.000
4,697.000
22.500
399.000
146.000
108.000
70.000
2,247.000
Savings Analysis in East Godavari for 100 Fair Price Shops (FPS).
S.No.
Commodity
Percentage
Savings
1
Rice
20%
2
Sugar
15%
3
K. Oil
25%
4
P.Oil
14%
Aadhaar Authentication initiatives
in Andhra Pradesh
Social Welfare Dept- Govt of AP has an online application system for
scholarships called Electronic Payment and Application System of ScholarshipsEPASS. Aadhaar Authentication is integrated into existing workflow because of
which need for verification by Field officer to confirm the scholarship beneficiary
is removed.
It is proposed that scholarship amount will be disbursed to successfully
authenticated beneficiaries.
Dept is requesting the scholarship beneficiary to upload the scanned copy of
Aadhaar Letter and Bank Pass Book during the application for scholarship.
Departmental officers are using these scanned copies to verify the seeding
details and pass the verified information to LDM for Bank Seeding
Dept is also proposed to avail RASF Services for seeding.
Aadhaar Authentication initiatives
in Andhra Pradesh
Rural Development Dept – Dept in partnership with ICICI, Axis Banks and
Department of Post is currently disbursing NREGA wages and Social
Security Pensions in districts of Chittoor, East Godavari and Anantapur
through Aadhaar Authentication. Till date, over Rupees 100 Crores amount
is disbursed through around 21 lakh Aadhaar authentications.
Dept of Post leverages the services of Branch Post Master ( BPM) to
organically seed data for pensioners. Dept of Post also made a provision
for POS based seeding.
State Resident Data Hub( SRDH) services are availed by RD Dept to aid in
seeding efforts.
UIDAI complaint MicroATMs are deployed by Banks & DoP for disbursing
Payments.
AEPS Payments
AUA
District
East Godavari
AEPS
Amt Disbursed
Transacti
(Rs.)
ons
AUA
AEPS
District Transaction
s
Amt
Disbursed
(Rs.)
1352093
751786669
194844
84722686
112223
45924976
32422
8939500
52462
14947800
1428
1132960
91
64835
59231
17681854
Chittoor
Hyderabad
121484
Mahabubnaga
ICICI
r
272
Bank
Karimnagar
17554
Medak
637
35410700
East
Godavari
Srikakula
m
Axis
Bank
70900
5161300
Kadapa
63301
16561500
Dept Adilabad
of
Post Guntur
Chittoor
1,07,867
28116883
Nalgonda
Anantapur
70,388
18221327
Ranga Reddy
14,914
4008000
Warangal
813
228000
Krishna
3,701
933000
Mahabubn
agar
Medak
Warangal
Kurnool
647
167000
164400
Grand
Total
AUAs
220
236750
578
579920
21,59,341 10226,68,960
12
Aadhaar Authentication initiatives
in Andhra Pradesh
Rajiv Yuva Kiranalu – Dept is in process of integrating Aadhaar
Authentication to conduct daily attendance monitoring of trainees of
RYK Program.
Issues observed in existing project include
• Enrolment of Fake Candidates by Training Center
• Recording of Fake Biometrics by Training Center
• Training Center registers candidates with Ration Card, for which
there is no de-duplication.
• Device level manipulation by Training Center
• 90% of Training Centers are not claiming 3rd installment
It is proposed that Aadhaar Authentication can be integrated into
existing Business Flow to conduct attendance monitoring of students. Pilot
is launched in 4 training centers of East Godavari District
Authentication – Best Practices
•
BFD and Two Finger Authentications- Improves the success rate for authentication. This needs to
be planned at device UI level and proper operator training needs to be ensured. BFD is must do
before any authentication attempt
•
Mechanism for Aadhaar Seeding verification - Authentication could be rejected because of Aadhaar
seeding issues. It is highly recommended to have a mechanism to verify/correct Aadhaar in
database when resident comes for availing service for the first time.
•
Operator training and Audits - There should be regular audit and training of operators to ensure
that they improve constantly
•
Appropriate Error Code handling at all levels -Clear and actionable messages should be configured
at client level
•
Fraud Monitoring and Analysis - Fraud monitoring mechanism required to ensure there is no
misuse of exception handling mechanisms
•
Issue reporting, tracking and resolution
THANK YOU

similar documents