Telecom operators have urged the Unique Identification Authority of India (UIDAI) for more time to comply with its directive on using face recognition for Aadhaar authentication, as device manufacturers are not yet ready with the upgradation and certification process. “We wish to bring to your notice that the first step towards implementation of face authentication is required to be done by device vendors. All the biometric device vendors are required to upgrade their devices and obtain delta certification from STQC. Most of these vendors have conveyed to telecom operators that they are not ready with this certification,” COAI director general Rajan S Mathews said in a letter to UIDAI CEO Ajay Bhushan Pandey.
Such a situation will lead to delay in the implementation of face authentication process, Mathews said, adding that the UIDAI will appreciate that in absence of device vendors obtaining the certification, operators would not be able to comply with the its instructions within the defined timelines. In a directive last month, the UIDAI directed the telecom operators to implement two-factor authentication in their systems using face authentication to enhance security of the overall authentication system.
In case a resident provides Aadhaar number, authentication shall be performed using two factors – fingerprint or iris and face. If the resident provides virtual ID, authentication may be performed using single factor – fingerprint or iris. However to make the system more inclusive, those residents who are not able to authenticate using fingerprint or iris should also be asked for face authentication and fingerprint or iris in case of virtual ID too. Mathews also drew Pandey’s attention to the fact that once device vendors are ready with the face recognition system, devices need to be tested and personnel trained about the technology.
Considering the work required to implement the face recognition system, Mathews urged that the date of implementation should be extended by two months from the date on which vendors give their devices for testing to operators. “Hence, there should be no provision of penalty as the industry is working mutually with the UIDAI to enhance security features in e-KYC and making the system more robust,” Mathews said.
Source: Financial Express