UIDAI has mandated the use of tokenization – replacing sensitive data with a token that can be securely stored, processed and transmitted.
SigningAPI's Aadhaar Data Vault solution helps AUAs/KUAs/Sub-AUAs or any other agency that handles Aadhaar data for specific purposes under the Aadhaar Act to easily implement an encrypted Aadhaar Data Vault that securely stores Aadhaar numbers and eKYC data. It exposes REST APIs to store the Aadhaar number and associated eKYC data.
Aadhaar Data Vault
As specified in the UIDAI Circular No. K-11020/205/2017, Aadhaar Data Vault is a secure, encrypted, centralized storage for all the Aadhaar numbers and related data collected by the AUAs/KUAs/Sub-AUAs or any other agency for specific purposes under the Aadhaar Act and Regulations, 2016. It should be inside the respective agency's infrastructure and accessible only on a need-to-know basis. The Aadhaar Data Vault should provide a reference key, which is a unique token that represents the Aadhaar number in the entire internal ecosystem of the agency. The mapping between reference key and Aadhaar number should be maintained only in the Aadhaar Data Vault.
All business use cases of entities shall use this reference key instead of the Aadhaar number in all systems where such a reference key needs to be stored or mapped, i.e. all tables and systems that require storage of Aadhaar numbers for their business transactions should from now onwards maintain only the reference key. The actual Aadhaar number should not be stored in any business database other than the Aadhaar Data Vault.
SigningAPI’s Aadhaar Data Vault
SigningAPI's Aadhaar Data Vault solution is the complete software package needed to implement an Aadhaar Data Vault within your organization. The software exposes REST APIs that integrate easily with existing software services. The package supports database encryption for data protection, with HSM integration.
Below are the process flow diagrams for tokenization and de-tokenization of the Aadhaar number.
Figure 1: Tokenization
Figure 2: De-Tokenization
Secure REST APIs
SigningAPI's Aadhaar Data Vault exposes simple and secure REST APIs that enable easy integration of the Aadhaar Data Vault with existing applications.
Secure And Encrypted Solution
SigningAPI’s Aadhaar Data Vault supports database encryption to ensure data security even if the database as a whole is compromised.
SigningAPI’s Aadhaar Data Vault provides integration with leading HSM models to enable encryption using HSM as mandated by UIDAI.
UUID Based Reference Keys
Reference keys that map to Aadhaar numbers are generated using the UUID scheme (Universally Unique Identifier, represented as a hex string) to ensure that recovering the original Aadhaar number from the reference key is computationally infeasible.
SigningAPI's Aadhaar Data Vault comes with an administration console with role-based user access that allows viewing of the Aadhaar number to reference key mapping and of access logs.
SigningAPI's Aadhaar Data Vault logs all API access activities. The log can be viewed via a web user interface that also supports search.
SigningAPI's Aadhaar Data Vault authenticates each transaction and alerts on unauthorized transactions.
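The reference-key scheme described above (random UUID keys, the mapping held only inside the vault, every call authenticated and logged), shown as an added example that is not SigningAPI's code or REST API. The class, method and caller names are hypothetical, the Aadhaar number is constructed, and the in-memory dictionaries stand in for the encrypted, HSM-backed database.

```python
import hashlib
import hmac
import secrets
import uuid


class AadhaarVault:
    """Hypothetical in-memory stand-in for an Aadhaar Data Vault."""

    def __init__(self, authorized_callers):
        # Assumption: a real vault keeps this key in the HSM.
        self._index_key = secrets.token_bytes(32)
        self._by_index = {}  # HMAC(Aadhaar number) -> reference key
        self._by_token = {}  # reference key -> number (encrypted at rest in a real vault)
        self._authorized = set(authorized_callers)
        self.access_log = []  # (caller, action, outcome); never the number itself

    def _index(self, aadhaar):
        # Keyed lookup index: finds an existing mapping without a plaintext column.
        return hmac.new(self._index_key, aadhaar.encode(), hashlib.sha256).hexdigest()

    def _check(self, caller, action):
        allowed = caller in self._authorized
        self.access_log.append((caller, action, "ok" if allowed else "denied"))
        if not allowed:
            raise PermissionError(f"{caller} may not {action}")

    def tokenize(self, caller, aadhaar):
        self._check(caller, "tokenize")
        if not (aadhaar.isascii() and aadhaar.isdigit() and len(aadhaar) == 12):
            raise ValueError("expected a 12-digit Aadhaar number")
        idx = self._index(aadhaar)
        if idx not in self._by_index:
            # uuid4 is random: the key is not derived from the number, so it
            # cannot be reversed by enumerating the 12-digit number space.
            token = uuid.uuid4().hex
            self._by_index[idx] = token
            self._by_token[token] = aadhaar
        return self._by_index[idx]

    def detokenize(self, caller, token):
        self._check(caller, "detokenize")
        return self._by_token[token]


if __name__ == "__main__":
    vault = AadhaarVault({"kyc-service"})
    ref = vault.tokenize("kyc-service", "123412341234")  # constructed number
    print(ref, vault.detokenize("kyc-service", ref), vault.access_log)
```

Business tables would store only the value returned by `tokenize`; the same number tokenized in a different vault instance yields an unrelated key.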