What is Aadhaar Data Vault: : Implementation and Solution Explained
With the growing usage of the Aadhaar number due to business transactions, the Unique Identification Authority of India made a compulsion to develop a depository Aadhaar Data Vault. Under the Aadhaar Act and Regulation, 2016, the concerned authority proposed the idea of creating such a vault to safeguard the privacy of the information. Keep reading to learn all about this data vault and its importance.
What Is an Aadhaar Data Vault?
Aadhaar Data Vault (ADV) is a centralised encrypted storage or separate repository of all Aadhaar-based eKYC of authentic entities. This vault will contain one unique Aadhaar number or a reference key which will act as an identification number of all residents of India collectively. Hence, this number or card will not serve the purpose of a citizenship document. This database maintains high security and is preferable for the encryption of an Aadhaar number.
Who Needs an Aadhaar Data Vault?
All organisations of AUAs/KUAs/Sub-AUA or dealing with Aadhaar numbers must create an Aadhaar Data Vault. These agencies may be the one that needs to deal with an Aadhaar number for identification or inspection purposes. Hence, these agencies must have an Aadhaar Data Vault to keep a number in a structured and secure format.
What Is the Objective of an Aadhaar Data Vault?
The Aadhaar Data Vault solution offered by the Unique Identification Authority of India is to reduce the unauthorised access of Aadhaar numbers within this system in an organisation. It provides a secure and safe depository of Aadhaar details for agencies dealing with these important aspects.
What Are the Approaches for Aadhaar Enrolment?
You can fill up the Aadhaar card form using three approaches.
On the Basis of Documents
In this approach, you submit all the required documents, mainly identity and address proof.
Using Relationship Proof
A head of the family can introduce family members through documents supporting their relationship, establishing proof of the Relationship.
Introducer’s Assistance
An introducer is a person who the Registrar appoints and they have a valid Aadhaar number. If an applicant does not have Proof of Identity or Proof of Address, they may use an introducer's service.
As its name implies, an Aadhaar enrolment form is used when one applies for their Aadhaar card. When one needs to update their existing card, they can use this same form. The process is simple and does not require much effort. O This form is also available at the centre, and individuals may collect them one day before to arrange every document.
How Does Aadhaar Data Vault Work?
As per the provisions set by the UIDAI, the Aadhaar Data Vault stores all encrypted Aadhaar details with the help of a Reference Key. This vault functions in a way to keep all Aadhaar-related data safe and secure and keep it protected from cyber hacking.
Generally, C-DAC develops this vault which has its base as a REST API-based solution or service. There are keys to encrypt and decrypt present in HSM, which has its mandates from UIDAI. ADV is built to generate service-wise reference numbers for individual Aadhaar numbers.
What Are the Benefits of an Aadhaar Data Vault?
Some major benefits of Aadhaar Data Vault implementation are:
Secure REST APIs
The secured REST APIs incorporated in Aadhaar Data Vault ensure seamless integration with other applications.
Safe and Encrypted Solution
The availability of a secured encrypted database provides optimum data security even during an information breach.
Versatile Access Logs
The logs in Aadhaar Data Vault enable all API access activities. Moreover, it enables seamless integration and encryption by HSM as a mandate by UIDAI.
What Are the Reference Keys for Aadhaar Data Vault?
A reference key is an additional key that refers to every Aadhaar number and maps the same in a vault. Sometimes, it needs to create multiple reference keys for a business inside the internal ecosystem of an organisation when the business refers to one Aadhaar number by one reference key.
These reference keys are present in HSM devices for encryption purposes. To store these reference keys, the Unique Identification Authority of India has not specified any recommendation for HSM. Hence, this allows organisations to use the industry's best practices.
Inside an organisation, reference keys act as a replacement for the Aadhaar number in the database. This is because, in the near future, only the use of reference keys will be prevalent in the logs. Only in case of transactions being dealt with outside an organisation, the authority will use an Aadhaar number.
What Are the Things to Keep in Mind About Aadhaar Data Vault?
To ensure the safety and security of the information, here are a few important factors that one must consider when dealing with the Aadhaar Data Vault solution:
- One must access the vault only through the internal ecosystem of an organisation.
- HSM devices must be used to store the reference keys and should be shared with the UIDAI server or NPCI.
- Only Aadhaar Data Vault must be used to store the Aadhaar number as the solution offers a robust mechanism for securely updating and deleting the Aadhaar number.
- The UIDAI specifies that an implementation of an Aadhaar Data Vault must be made at a highly restricted interface that stays isolated from the rest of the department.
- The implementation of this vault must be powerful as it uses devices that allow encryption and strong access control to work as a barrier to unwanted usage of a vault.
Aadhaar Data Vault is a new-age solution that ensures optimum data protection through strong database encryption and HSM integration. Hence, an organisation dealing with an Aadhaar number for transaction purposes must create this vault in the internal ecosystem to keep any breach of information at bay.
FAQs About Aadhar Data Vault
What should one do in the implementation of the Aadhaar Data Vault?
While implementing an Aadhaar Data Vault, it is pivotal to change or rotate the HSM keys to lower the chances of unauthorised data pilferage. Moreover, it is important to take note the organisation implementing ADV has received a separate Compliance certificate for this purpose.
What are the main features of the Aadhaar Data Vault?
Some of the main features of an Aadhaar Data Vault are it creates encryption of reference keys for all Aadhaar numbers in the system. It also serves as a secured database for storing encrypted Aadhaar numbers, Hash values, and other details.
Is there any possibility of creating multiple reference keys for a single Aadhaar number?
Yes, however, it is only possible if an organisation refers to one Aadhaar number with the help of different reference keys in an internal ecosystem of an agency.