caalley logo

The alley for Indian Chartered Accountants

Aadhaar authentication to become more secure with new system; know details

Mar 1, 2023

Synopsis
A new AI/ML-enabled security method for reliable fingerprint verification and quicker spoofing attempt detection has been successfully launched by UIDAI.

The Unique Identification Authority of India (UIDAI) has launched a new security system for Aadhaar-based fingerprint authentication and quicker detection of spoofing attempts, according to the Ministry of Electronics & IT, PIB press release.

According to the UIDAI tweet, "UIDAI has successfully rolled out a new AI/ML enabled security mechanism for robust fingerprint authentication, & faster detection of spoofing attempts."

UIDAI has successfully rolled out a new AI/ML enabled security mechanism for robust fingerprint authentication, & f… https://t.co/SxWoiwyqo4
— Aadhaar (@UIDAI) 1677569514000

How it is making Aadhaar authentication transactions more robust and secure
The in-house developed artificial intelligence and machine learning (AI/ML)-based security mechanism now checks the liveness of the obtained fingerprint utilising a combination of finger minutia and finger image, the ministry said. This strengthens and secures Aadhaar authentication transactions, it added.

How it cuts down the chances of spoofing attempts
The new two-factor/layer authentication includes additional checks to authenticate the validity (liveness) of the fingerprint, reducing the likelihood of spoofing efforts even further.

Who will be benefitted?
The change will be extremely beneficial in industries such as banking and finance, telecommunications, and government. It would also benefit the bottom of the pyramid by strengthening the Aadhaar-enabled payment system and discouraging harmful attempts by unscrupulous people, according to the release.

Authentication user agencies (AUAs)
According to the press release, “AUA is an entity engaged in providing Aadhaar-enabled services to Aadhaar number holders using the authentication as facilitated by the authentication service agency. Sub-AUAs are agencies that use Aadhaar authentication to enable their services through an existing requesting entity. UIDAI has expressed its thanks to all the AUAs/Sub AUAs for the support and cooperation.”

“The UIDAI head office and its regional offices are in touch with all entities for facilitating any user agency (that may not have migrated yet) to switch over to the new secured authentication mode at the earliest,” it added.

"By the end of December 2022, a cumulative number of Aadhaar authentication transactions had crossed 88.29 billion and clocked an average per day transactions of 70 million. A majority of them are fingerprint-based authentications, indicative of its usage and utility in daily lives," the release added.

Here are some important FAQs related to Aadhaar authentication as per the UIDAI website.

What is a biometric device?
According to the UIDAI website, “Biometric devices means the devices that are used for capturing the biometric data inputs i.e Fingerprint / Iris /both the information from Aadhaar number holders. These biometric devices fall under two categories viz. Discrete Devices, Integrated Devices.”

What is Aadhaar authentication?
As per the UIDAI website, "Aadhaar Authentication" is the process by which an individual's Aadhaar number, along with demographic information (such as name, date of birth, gender, etc.) or biometric information (Fingerprint or Iris), is submitted to UIDAI's Central Identities Data Repository (CIDR) for verification, and UIDAI verifies the correctness of the details submitted, or lack thereof, based on information available to it.

How to authenticate if my fingerprints are worn out / I have no fingers?
To address such concerns, service providers could implement alternative authentication mechanisms such as iris authentication and OTP authentication. Furthermore, service providers may have various techniques for verifying their beneficiaries.

Is there a mechanism to notify the residents when authentication occurs against their Aadhaar number?
UIDAI notifies the authentication on the registered email of the resident. Every time UIDAI receives a biometric or OTP-based authentication request against an Aadhaar number, a notification is sent to the registered email address.

[The Economic Times]

Don't miss an update!
Subscribe to our newsletter