As Aadhaar authentication solutions are soon to hold the center stage in biometric-based digital payments, the Unique Identification Authority of India (UIDAI) has today announced its new encryption standards to be adhered by firms from June 1. With the release of new standards, the authorities want to ensure that all the security concerns of customers are addressed.
The manufacturers and vendors have been asked to apply for STQC certification as per the new standards. They are further advised to get devices based on new specifications by June 1. It adds that existing devices should be upgraded to the new norms as well. UIDAI is the apex body responsible for issuing out Aadhaar, a 12-digit unique identification number that identifies residents based on their biometrics.
Speaking of the introduction of new norms, Ajay Bhushan Pandey, CEO of UIDAI told ET,
We are continuously trying to tighten the security. We felt that while the system is secure, we want to further improve the security by building one more layer. So, if the device itself can be encrypted it will be harder to break into the system.
The new security norms only apply to firms who desire to employ Aadhaar authentication solutions in their systems. The standards recently released have no link with other payment arrangements practiced in the country. Moreover, the registration of devices and incorporation of new specifications are the two pre-requisites to perform Aadhaar authentication.
Currently, more than 112 crore Aadhaar have been generated in the country. For Aadhaar authentications, the figure has already crossed 500 crores with 100 crore e-KYC being done on the platform. Two locks already exist in the system. Out of these two, one offers cross-authentication at UIDAI, while other transfers information at the agency level.
The fresh standards introduce a third lock on the device, hence, protecting the data at the base level itself. For the past 1.5 years, the UIDAI authorities have been in talks with device manufacturers to implement the security measure. With an increase in a number of enrollment and authentication for Aadhaar, these new specifications have now been channelized. Addressing the similar concern, Ajay added,
Unless they see demand, no manufacturer will manufacture as per your specification. Now manufacturers too are showing interest…They know when they make specially designed biometric fingerprint scanner for Aadhaar and put another lock as per UIDAI’s requirement, it will sell in the market. Hence, they are open to the idea.