• Home
  • Internet
  • Internet News
  • Aadhaar to Get Face Recognition as an Additional Factor of Authentication, to Use With Fingerprint, Iris, or OTP: UIDAI

Aadhaar to Get Face Recognition as an Additional Factor of Authentication, to Use With Fingerprint, Iris, or OTP: UIDAI

Share on Facebook Tweet Share Reddit Comment
Aadhaar to Get Face Recognition as an Additional Factor of Authentication, to Use With Fingerprint, Iris, or OTP: UIDAI
Highlights
  • Aadhaar is getting Face Authentication by July 1
  • The UIDAI will hold workshops and training sessions from March 1
  • It's only to be used in addition to fingerprints, iris, or OTP

The Aadhaar authentication has been carried out with biometrics like fingerprints and iris scans, apart from OTP based authentication, and now, it's getting a new way of using biometrics - face authentication. In a circular dated January 15, the Unique Identification Authority of India (UIDAI) sent out information about the implementation of face authentication, and UIDAI CEO Dr. Ajay Bhushan Pandey also tweeted about it. The reasoning for this is explained as making the Aadhaar more accessible for people who can't, for any reason, use fingerprints or iris authentication. "Some residents face difficulty in successfully using biometric authentication using one of the modalities," the circular reads. "While residents can use either fingerprint or iris authentication when both devices are available, many AUAs [Authentication User Agencies] have not yet deployed both types of devices for their use."

In many places, the Aadhaar authentication is being carried out with fingerprint readers, which has caused problems in a number of cases, for example with the elderly and manual labourers finding their fingerprints not properly readable. To get around this, the UIDAI says it can use the photo captured at the time of enrolment for identity verification. "While Aadhaar Authentication API had the technical provision for sending photo of the face, this option is currently not enabled within CIDR [Central Identities Database Repository]," the circular states. "Since face photo is already available in UIDAI database, there is no need to capture any new reference data at UIDAI CIDR." This means that the data already captured serves the purpose, and the checks are also going to pose no problem, the UIDAI circular states, because "Camera is now pervasively available on laptops and mobiles making the face capture easily feasible for AUAs without needing any additional hardware." According to the circular, Face Authentication as an additional modality to be used in fusion mode will be available by July 1.

"Face authentication with liveness detection can be used as an additional factor to increase security," it adds. In other words, face recognition is not being considered secure enough by itself - "Face Authentication shall be allowed ONLY in fusion mode, along with one more authentication factor. This means Face Authentication must be combined with either fingerprint, or iris, or OTP to be able to successfully authenticate an Aadhaar number holder."

The circular doesn't talk about whether the UIDAI is developing the photo authentication technology in-house or sourcing it from anywhere. It states: "UIDAI will provide Software Development Kits (SDKs) / Registered Device (RD) services in various operating systems which will have the ability to capture face image, check liveness, and create digital signed and encrypted authentication input as required."

The UIDAI will start sharing these kids, and holding workshops and training sessions, starting with the sharing of "necessary details" from March 1 - and as mentioned above, the actual deployment is supposed to start by July 1.

Some experts are already expressing concerns with the decision to use face recognition, saying it has been circumvented through fairly simple tricks including just using a photograph of the person.

"Although adding an extra layer of security for Aadhar card holders seems to be a good initiative, adding facial recognition might not do much good as not only it isn’t too difficult to replicate as compared to other biometrics," says Ankush Johar, Director, Infosec Ventures, a company that provides infrastructure security solutions for commercial and government clients. “But also the major problem lies in the source of the images used as the authentication mechanism. The photographs captured nearly half a decade back with an extremely low resolution camera stands hardly any chance given that hackers were able to bypass even the 3D face model recognition developed by one of the biggest tech pioneers."

A tender by the Madhya Pradesh government shows that Aadhaar photos were taken using webcams of "2-megapixels or better", or tablets of "5-megapixels or better". These low resolution images, which would also be very outdated by now, make for a poor choice, adds Johar.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

Further reading: UIDAI, Aadhaar, Fingerprint, Iris Scans
Gadgets 360 Staff The resident bot. If you email me, a human will respond. More
Amazon Says Created Over 6,500 Temporary Jobs Ahead of Great Indian Sale
Karbonn Titanium Frames S7 With 13-Megapixel Selfie Camera Launched in India: Price, Specifications
 
 

Advertisement

 

Advertisement

© Copyright Red Pixels Ventures Limited 2019. All rights reserved.