ADV CaseStudy

JISA Helps One of the India’s Largest Government Infrastructure Provider to setup Centralized ‘Aadhaar Data Vault’ service for e-governance applications

The Organisation

The organisation is an attached office under the Ministry of Electronics and Information Technology (MeitY) in the Indian government.

It had an annual budget of ₹11.5 billion (US$160 million) for the year 2018–19. A large number of Government initiatives such as Swachh Bharat Mission, My-Gov, e-Hospital, fertilizer distribution, e-Courts, e-Transport etc. have been completely managed using digital platforms developed by this organisation

The Business Challenge

UIDAI has directed regulations for all Government departments to mandatorily store Aadhaar Numbers and any connected Aadhaar data (e.g. eKYC XML containing Aadhaar number and data) on a separate secure database/vault/system. In line with these regulations, organisation wanted to setup ‘Aadhaar Data Vault’ (ADV) service for e-governance applications. The organization wanted the ADV solution to handle 450 Cr records over a project tenure. In case of any change in the guidelines throughout the contract period, the organization wanted solution to comply with the same without any extra cost. 

ADV shall ensure security of Aadhaar data. Access to database system that stores the encrypted Aadhaar information shall be strictly controlled and only authorized persons shall be allowed to access it. Keys used to encrypt Aadhaar number/data shall be stored only in the HSM to ensure tamper proof security. 

Since Aadhaar number is basis of multiple business transactions which happen in real time, ADV system shall respond fast enough to allow other systems to complete real time transactions without any noticeable time lag/delay.

The Solution

JISA’s CryptoBind SecureVault (Aadhaar Data Vault) is the complete software package that is needed to implement Aadhaar Data Vault within the organisation. In order to address business challenge and considering the security regulations addressed by UIDAI, JISA has developed the Aadhaar Data Vault solution that will help AUAs/KUAs/Sub-AUAs or any other agency for specific purposes under Aadhaar Act to easily implement an encrypted Aadhaar Data Vault to securely store Aadhaar number and e-KYC data. 

It exposes SOAP/ REST API to directly and securely store the Aadhaar number and connected Aadhaar data into Aadhaar Data Vault using the Tokenization method as governed by UIDAI. The package supports database encryption for data protection with HSM integration.

CryptoBind SecureVault (J-Vault Aadhaar Data Vault) has been deployed to tokenize and store Aadhaar numbers and connected Aadhaar data securely in the Vault. The solution also gives an option to upload documents and store it in secured format. Each client application communicates with JISA’s ADV services through API gateway.

CryptoBind HSM (Network Security Module by JISA Powered by LiquidSecurity) is  a high performance hardware based transaction security solution for cloud data centers, Enterprise, government organisation and ecommerce applications. HSM family provides a FIPS 140-2 level 3 certified solution that provides elastic and centralized key management and key operation functionality. As required by organization, encryption and decryption of Aadhaar and related data is done by unique key which is stored in CryptoBind HSM.

ADV Admin Portal is hosted on client location which works in sync with HMS & tokenization engine services. It facilitate various operation like User Access Control and Management, Application Onboarding, Key Management, Token Management, Policy Management, ADV Instance Configuration for Tokenization or De-Tokenization. 

The JISA Remote Administration Client (JClient), which resides on local Windows computer, enables user to manage most of the functions of the HSM like backup-restore, CSR management, Cloning configuration

The Result

Compliance with Aadhaar Regulation
With the help of this solution client product is complying with the Aadhaar guidelines issued by UIDAI

Secure Storage in Vault
Aadhaar number and aadhaar related data is securely stored on single instance i.e. Aadhaar vault

Swift Integration
Due to RESTful APIs, the solution can be swiftly integrated with existing products

FIPS Compliant Protection
Encryption/ decryption keys are protected by FIPS compliant device and restricting direct access to the keys.

Audit Trails
Audit trails are securely stored for non-repudiation. Full auditing of all user access and client application operations

Alerts
Unauthorized Access Alerts

Handling 450 Cr Records
The solution is capable of handling approximately 450 Cr records over project tenure of 5 years for all/multiple applications shared by client

About JISA

JISA is a young Information Technology company providing various Authentication products and Solutions. 

All our Public Key Infrastructure(PKI) & Cryptographic solutions are sold under brand name  CryptoBind®. With strong core competencies in Cryptography and PKI, JISA offers solutions built around Public Key Infrastructure (PKI), the framework that brings confidentiality, authentication, privacy, and non-repudiation.

“JISA has an entire range of software applications based on cryptographic algorithms and protocols”