/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsNEW DELHI, INDIA: The Unique Identification Authority of India (UIDAI), which has been set by the government to provide unique identity number to the Indian citizens, has published the Aadhaar Authentication Application Programming Interface (API) specification.
The specification, targeting software professionals, contains details including API data format, protocol, and security specifications.
The UIDAI had also recently released the draft National Identification Authority of India Bill, which proposed hefty fine for misuse of ID data.
Aadhaar Authentication is the process wherein Aadhaar number, along with other attributes, including biometrics, are submitted online to the Central Identities Data Repository (CIDR) for its verification on the basis of the information or data or documents available with it, the document said.
The authentication will provide a convenient mechanism for all residents to establish their identity using just the Aadhaar number and biometrics and optionally other additional demographics, said UIDAI. It provides a national platform for identity verification and can be used to deliver services effectively to residents across the country.
AADHAAR “authentication” means the process wherein AADHAAR number, along with other attributes, including biometrics, are submitted to the Central Identities Data Repository (CIDR) for its verification on the basis of information or data or documents available with it.
UIDAI will provide an online service to support this process. AADHAAR authentication service only responds with a “yes/no” and no personal identity information is returned as part of the response.
The Unique Identification (AADHAAR) Number, which identifies a resident, will give individuals the means to clearly establish their identity to public and private agencies across the country, said UIDAI.
AADHAAR number is provided during the initiation process called enrollment where a resident’s demographic and biometric information are collected and uniqueness of the provided data is established through a process called de-duplication. Post de-duplication, an AADHAAR number is issued and a letter is sent to resident informing the details.
Authentication flow
The transaction flow in an authentication scenario is like this:
Resident provides AADHAAR number, necessary demographic and biometric details to terminal devices belonging to the AUA to obtain a service offered by the user agency.
AUA specific application software that is installed on the device packages these input parameters, encrypts, and sends it to AUA server.
AUA server, after validating and adding necessary headers, passes on the request to AADHAAR authentication server for authenticating the resident.
AADHAAR authentication server returns a “yes/no” based on the match of the input parameters. Based on the response from the AADHAAR authentication server, AUA conducts the transaction.