All about Securing Aadhaar Data – Aadhaar Data Vault
An Aadhaar number is a random 12-digit number issued by the Unique Identification Authority of India (UIDAI) to the residents of India after they have passed the verification process set by the agency. Aadhaar number is a proof of identity and does not confer any citizenship or residency. Aadhaar has now become very important as this number has been made mandatory by the government for many financial transactions as well as for a multitude of social programs. However, the involvement of third-party agencies in data collection for Aadhaar also raises many concerns about the security and protection of their personal information and biometric data.
Considering the sensitivity of Aadhar numbers and the potential for Aadhar numbers to be compromised, UIDAI issued a notice in July 2018 requiring that all data related to Aadhaar be encrypted and separately stored. all Aadhaar and Aadhaar related data to be encrypted and stored separately in a secure, access-controlled data repository known as “Aadhaar Data Vault”.
Who should implement Aadhaar Data Vault?
All agencies that can be AUA/KUA/SubAUA having an Aadhaar number which is required to create the Aadhaar Data Vault. Authorities that store Aadhaar and perform Aadhaar-based authentication, eKYC, etc. cannot store the Aadhar number directly in the system / database / logs, etc. and must make appropriate changes to the system. Also, all existing Aadhaar numbers stored on various systems. Core banking systems, eKYC-systems, etc. should be replaced with the appropriate reference keys.
Any non-compliance will be dealt with under section 42 of Aadhaar Law 2016 and will also be an economic impediment.
- To meet UIDAI’s Strict compliance to store and manage Aadhaar data
- To manage encryption keys in a hardware security module that complies with FIPS 140-2 authentication standards
- To overall key management for organization
- To ensure authenticated authorization for Aadhaar numbers through access control and policy management
- To perform data masking knowing where the Aadhaar number should be stored in the system
CryptoBind Aadhaar Data Vault Solution:
CryptoBind Aadhaar Data Vault is the complete software package required to deploy Aadhaar Data Vault in an organization. To meet the challenges and considering the security regulations addressed by UIDAI, JISA has developed the Aadhaar Data Vault solution that will help AUA/KUA/Sub AUA or any other authority for specific purposes under the Aadhaar Act to easily implement an encrypted Aadhaar Data Vault for safe storage of Aadhaar number and eKYC data. It shows a SOAP/REST API to securely and directly store Aadhaar numbers and connected Aadhaar data in Aadhaar Data Vault using UIDAI managed encryption. The package supports database encryption to protect data with HSM integration.
Advantages of CryptoBind Aadhaar Data Vault:
- Secure and centralize storage for Aadhaar Numbers
- Secure REST API allows easy integration of Aadhaar Data Vault with existing applications
- Auditable with strong access controls and necessary alerts
- Accessible only need to know basis
- Supports database encryption to ensure data security even if the entire database is compromised.
About Us:
JISA Softech is a cryptography-focused information technology company based in India. We offer cryptographic solutions to financial institutions, manufacturers, enterprises and government agencies. Our primary product lines have included industry-compliant Hardware Security Modules, Key Management Solutions, Tokenisation, Encryption, Aadhaar Data Vault, and Authentication solutions. All our Cryptographic solutions are sold under the brand name CryptoBind. Our innovative solutions have been adopted by businesses across the country to handle mission-critical data security and data protection needs.
To implement Aadhaar Data Vault solution contact us at:
Phone: +91-9619222553
Email: sales@jisasoftech.com
