Tag Archives: biometric

Pension Payments Authentication system goes hitec in Argentina

The Argentine pension system, re-nationalized in 2008, now covers more than 90 percent of people of retirement age, the highest coverage in Latin America.

Founded in 1887, Banco Supervielle Argentina’s sixth largest locally owned bank had a peculiar issue with pension payments. It was noticed that the relatives of deceased pensioners were claiming the pension benefits. A lot of trained man-power had to be deployed to reduce such fraudulent claims.

To minimize such fraudlent claims, the bank decided to go the hitec way. It has adopted Albuquerque-based Lumidigm’s Biometric authentication kit. The kit which uses multispectral technology is being installed in 77 out of its 125+ branches.

Banco Supervielle has a customer base of one million plus retirees. In the first phase, the retirees would be enrolled with Lumidigm’s V-Series readers. On the success of the first phase, the biometric authentication would be rolled out to all its banks customers especially for sensitive banking services.

The current authentication tool is the yearly Life Certificate which confirms the physical existence of the individual.

The life certificate is issued at the request of the interested party so as to be submitted to the pension and retirement plan administrators in Argentina, in order to receive the corresponding benefit.

With the adoption of the ‘biometric authentication tool’, the bank expects to redeploy its staff to other desks.

Advertisements

Aadhaar Based Biometric authentication for financial transactions – The debate has begun

 

As per Press reports, in the near future, all new credit card swipe machines and automated teller machines (ATMs) will be required to have a mechanism for Aadhaar authentication using biometrics. There is nothing official about this, and Reserve Bank of India (RBI) is understood to be preparing such a directive to improve security and promote financial inclusion.         However, as on date, i.e 28/09/2013, there is no public document.

Rajeev Chandrasekhar, the founder of BPL Mobile and currently a Rajya Sabha, has raised the first public awareness initiative on the costs of Aadhaar Based Biometric Authentication, that India has to bear.

He has written a letter to Dr.Manmohan Singh, Prime Minister of India.

The letter amongst issues, lays emphasis on the high cost associated with building a new Digital infrastructure from scratch.

This letter should spur more debate in the coming months on the Pros and Cons of Aadhaar Based Biometric authentication for pure financial transactions.

Biometric values that are captured for authentication and transmitted to remote locations for verification must be protected in transit. Yes, otherwise they are vulnerable to being intercepted and replayed just like your normal static passwords.

UIDAI-Aadhaar: Aadhaar Number is the new User Name for Authentication of an Indian individual

To reduce leakages or to increase security levels, be it in physical buildings or computer networks, Authentication is the preferred mode. Authentication is the process wherein the individual conforms who she/he claims to be.

The ‘Authentication’, process is not a modern process but was prevalent even in ancient times. Only the methods of ‘Authentication’ have changed.

The latest ‘Authentication’, tool is the Aadhaar based mode. In modern world, ‘Authentication’, revolves around a UserName and Password.

In the UIDAI-Aadhaar Authentication model, the USERNAME is the ‘Aadhaar Number’, and the PASSWORD is either the OTP (One Time Password) or Iris or fingerprint.

At present, UIDAI-Aadhaar Authentication offers the following 5 types:

Type 1 Authentication: Through this offering, service delivery agencies can use Aadhaar Authentication system for matching Aadhaar number and the demographic attributes (name, address, date of birth, etc) of a resident.

Type 2 Authentication: This offering allows service delivery agencies to authenticate residents through One-Time-Password (OTP) delivered to resident’s mobile number and/or email address present in CIDR.

Type 3 Authentication: Through this offering, service delivery agencies can authenticate residents using one of the biometric modalities, either iris or fingerprint.

Type 4 Authentication: This is a 2-factor authentication offering with OTP as one factor and biometrics (either iris or fingerprint) as the second factor for authenticating residents.

Type 5 Authentication: This offering allows service delivery agencies to use OTP, fingerprint & iris together for authenticating residents.

To reduce load on the Aadhaar Servers, the Aadhaar Number is part of all forms of the above 5 authentication models i.e the operation is reduced to 1:1 match.

This means as mentioned above, the Aadhaar Number is the Username only, and not the Password.

 

UIDAI holds Half Day eKYC Workshop. No additional investment of Aadhaar online authentication.

Read my earlier Post 1 and Post 2 on eKYC here.

To familiarize eKYC process flow amongst Bankers, Insurance Companies, Securities Market and Telecom Sector, UIDAI held a workshop on August 19, 2013.

The workshop was followed by a media brief, and UIDAI Chairman Shri Nandan Nilekani was taking questions from the media personnel, on doubts on eKYC implementation and the legal backing for eKYC.

The highlight of the Media brief was:

“If a certain authority feels that the beneficiaries of a particular scheme need to possess Aadhar cards, they can make it mandatory for them for that particular scheme,” said Nandan Nilekani, Chairman, Unique Identification Authority of India, on Monday here.

The workshop was done to demonstrate the practical implementations and to specify some of the salient features and the benefits of its implementation.

Residents have to authorize UIDAI to release the information available in the CIDR.

Authorization can be done via two channels:

01) In person (through  biometric authentication),

02)Online (through OTP authentication).

Upon successful authentication and consent of the resident, the UIDAI will provide the resident’s name, address, date of birth, gender, photograph, mobile number (if available), and email address (if available) to the service provider electronically.

One of the foremost advantages of Online Authentication is that the latest details of the resident can be viewed by the service provider and stored as proof of KYC being done.

Online authentication also costs less as compared to biometric authentication. No additional investment needs to be done for Online Authentication.