Key Participants of UIDAI Aadhaar Authentications

Introduction :

The Unique Identification Authority of India (UIDAI) has providing a unique identity (Aadhaar) number to all citizens of India.It also has a benefits for delivery of various services. For Aadhaar-enabling delivery of various services, UIDAI proposes to provide online authentication using demographic and biometric data like fingerprint,IRIS etc.


Key Participants of UIDAI Aadhaar Authentications :

See Below listed points to know about the key participants of UIDAI Aadhaar Authentications.

  • Unique Identification Authority of India (UIDAI): UIDAI is the overall regulator and overseer of the Aadhaar authentication system. It also owns and manages, either by itself or through an agency, the Central Identities Data Repository (CIDR) that contains the personal identity information / data of all Aadhaar-holders. Presently UIDAI will manage the CIDR through a Managed Service Provider (MSP).
  • Authentication Service Provider (AuSP): AuSP is the entity that offers Aadhaar based authentication services on behalf of UIDAI. To start with, the role of AuSP will be played by the entity that is the MSP.(HCL) In the future, as authentication volumes go up, it is possible that more AuSPs are added to the authentication ecosystem.
  • Authentication Service Agency (ASA): ASAs are agencies that have established secure leased line connectivity with the CIDR compliant with UIDAI’s standards and specifications. ASAs offer their UIDAI-compliant network connectivity as a service to Authentication User Agencies (see below for description of AUA) and transmit AUAs’ authentication requests to CIDR. Only agencies contracted with UIDAI as ASAs shall send authentication requests to the CIDR; no other entity can directly communicate with CIDR. An ASA could serve several AUAs; and may also offer value added services such as multi-party authentication, authorization and MIS reports to AUAs. Such value added services (over and beyond the basic Aadhaar authentication service) are not covered in this operating model. An ASA is bound to UIDAI through a formal contract.
  • Authentication User Agency (AUA): AUAs are agencies that uses Aadhaar authentication to enable its services and connects to the CIDR by itself (as an ASA) or through an existing third party ASA. AUA can have more ASA. In order to directly connect to the CIDR, an AUA needs UIDAI’s approval to become an ASA. An AUA could also transmit authentication requests from other entities that are “Sub AUAs” under it (see details on Sub AUA below). AUAs can also act as an aggregator offering authentication services to Sub-AUAs below them and may also offer value added services such as multi-party authentication, MIS reports and authorization to their Sub AUAs. An AUA enters into a formal contract with UIDAI in order to access Aadhaar authentication.
  • Sub AUA: An agency / entity (any legal entity registered in India) desiring to use Aadhaar authentication to enable its services could become an AUA or it could access Aadhaar authentication services through an existing AUA. In the latter case, it becomes a Sub AUA of the existing AUA which it engages. The following are some possible examples:
  • I.Government of any State/Union Territory could become an AUA and several ministries/departments in the State could access Aadhaar authentication services through the State government as its Sub AUAs.
  • II.A small entity or business (e.g. a small scale bank) which does not want to directly engage in a formal contract with UIDAI but still wants to use Aadhaar Authentication, may choose to access Aadhaar services as a Sub AUA of an existing AUA (e.g. a large bank or any aggregator AUA offering AUA services).
  • III.Several entities could combine under a single AUA for business reasons. Ex. Several hotels could access Aadhaar authentication as Sub AUAs of an Hoteliers Association that becomes an AUA. In all such cases UIDAI has no direct contractual relationship with the Sub AUA. Only the AUA is contracted to UIDAI and shall be responsible for all authentication requests flowing through it, including those originating from its Sub AUAs.
  • Authentication Devices: These are electronic actors that form a critical link in the Aadhaar authentication service. These are the devices that collect personal identity data (PID) from Aadhaar holders, prepare the information for transmission, transmit the authentication packets for authentication and receive the authentication results. They could be operator-assisted devices or self-operated devices. Examples of authentication devices include desktop PCs, laptops, kiosks, handheld mobile devices, etc. They could be operated by the AUA (or the Sub AUA) or agents of AUA / Sub AUA.
  • Aadhaar holders: These are holders of valid Aadhaar numbers who seek to authenticate their identity towards gaining access to the services offered by the AUA or their Sub-AUAs.

Possible Services through Aadhaar Authentication :

  • Aadhaar Enabled Payments (including microATM)
  • Gas Cylinder distribution / Refund of subsidy benefits, directly to the account holder
  • KYC – Bank Account opening
  • KYC – Telephone / Mobile connection
  • KYC – RTO License Issuing / Land registrations / Affidavits / Police Verifications / BORDER security
  • Payments thru Social Schemes ( like MG-NREGA, Pension schemes , scholarship schemes etc)
  • KYC – Insurance verifications
  • KYC – Employee Verifications by Employers