Panel Discussion: Aadhaar Authentication: Moving Beyond Passwords
Moderator: Geetha Nandikotkur, Managing Editor-Asia & Middle East, ISMG
The Reserve Bank of India has mandated that all scheduled commercial banks, urban and state cooperative banks, payment banks, ATM operations and authorized card payment networks migrate to Aadhaar-based biometric authentication for electronic payment transactions by June 30. Banks have to ensure that all new card-present acceptance infrastructure, including network security, deployed to enable processing payment transactions using Aadhaar-based biometric authentication. The 12-digit Aadhaar number, which is linked to demographic and biometric information of all residents and a photograph issued by UIDAI on behalf of government of India, is used as a proof of identity and address.
Recently, government of India has officially acknowledged that personal identity of individuals, including Aadhaar number and other sensitive information, has been leaked to the public domain. Several questions have also been raised among security practitioners and customers alike on the privacy and security of the new authentication methods as they fear Aadhaar-authentication request could fail following errors, such as biometric data not matching the database or demographic details not checking out.
Given the increased vulnerability around Aadhaar based authentication, the panel will sharing insights on the best practices needed to make Aadhaar-based biometric authentication full proof.
The session will detail:
- What kind of device verification parameters need to be deployed by the banks;
- Conducting biometric vulnerability tests;
- Risk mitigation strategies
- Privacy and information security policy framework