You are using an older browser version. Please use a supported version for the best MSN experience.

UIDAI gives breather on new security key for Aadhaar biometric units

LiveMint logoLiveMint 01-06-2017 PTI

New Delhi: Aadhaar-issuing body Unique Identification Authority of India (UIDAI) has given four more months to manufacturers and user agencies to comply with new encryption norms for biometric authentication devices, but mooted a stiff fine for non-compliance after 31 July.

This means that manufacturers and user agencies such as banks and telcos that were staring at 1June deadline will get time till 30 September to ensure that the new encryption key is embedded in all devices used for Aadhaar authentication.

Nearly 15-16 lakh biometric devices are currently being used for Aadhaar authentication across the country. “We have decided to grant additional time as some device manufacturers and user agencies asked for more time for rolling out the new standards onto existing authentication devices,” UIDAI CEO Ajay Bhushan Pandey said .

Also Read: No cyber attack on Aadhaar biometric data: UIDAI

UIDAI has effectively given four months to the device makers and authentication user agencies to comply with the new standards, with some riders. A penalty of Re0.30 will be imposed on each transaction, if these agencies use non-conforming or ‘unregistered’ biometric devices after 31 July. Only ‘registered devices’ that incorporate the new specifications will be allowed to perform Aadhaar authentication after 30 September 2017. The additional time will ensure that the authentication process is not disrupted, Pandey said asserting that the security layers currently in place are enough to ensure that system is fortified against any breach.

Simplifying this, he said that while two “locks” exist currently—one at the level of agency and another at UIDAI—the new system will place a third lock on the biometric device itself. The addition of another security layer to the hardware assumes significance as these devices are all set to take the centrestage in biometric-based digital payments.

“Nearly two crore authentications are taking place every day, and we wanted the encryption roll-out to be non- disruptive. So we decided to take a gradual and measured approach,” he said. At the same time, the financial disincentives being put in place with effect from 1 August will ensure that the user agencies nudge the device makers to comply with the new standards at the earliest.

The financial disincentive or penalty of Rs0.30 per transaction will be applicable on manufacturers and user agencies, and consumers will not be impacted in any way, Pandey assured.

UIDAI is the nodal body responsible for rolling out Aadhaar, the 12-digit unique identification number that identifies residents based on their biometrics. While more than 115 crore Aadhaar have been generated in the country, the Aadhaar authentications have crossed 600 crore till date.

More From LiveMint

image beaconimage beaconimage beacon