E-Praman Login| E Praman Certificate Download

E-Praman: A National Authentication Service with Aadhaar

Requirement of e-certificate:-

In the current digital world more and more applications/services are offered online at the doorstep of citizens. The proliferation of web and mobile services has certainly made the lives of citizens simpler; However, this has also made it unsafe. The wall of protection that existed because of someone’s physical presence has now been removed. The possibility of fraudsters stealing one’s valuable data is a threat if proper security measures are not taken.

Some online services are attempting to secure data and communications by authenticating the user through a login-password mechanism. However, this approach has several limitations such as:

Not standards-based – Implementation may not be standards-based and may contain security flaws.

One-way authentication – The authentication mechanism provides only one-way authentication. Only the service user is authenticated to the service, however, the authenticity of the service cannot be guaranteed to the user. The user may be accessing a phishing site and be unaware of it.

Multiple logins – Users have to remember multiple logins and passwords to access different services which becomes a daunting task and users start maintaining login-password lists which defeats the entire purpose.

Changes in authentication mechanisms – Sometimes online services realize that the data they are sharing is more sensitive and will require stronger authentication to improve security. If authentication is implemented at every service level, it has time, cost, and effort implications.

A centralized authentication mechanism like e-Praman can help resolve these issues.

NCMC Ecosystem Development:-

When we identify a person, we use some characteristics like appearance, voice etc. For a computer to recognize a person, the factors given below can be used.

Something the user knows (e.g. password, answer to a security question):- This is the most common type of authentication used in online services. We use passwords every day to access our systems. Unfortunately, this is very insecure as a user may forget or share or misplace something that someone else can guess or use.

Something the user has in their possession (e.g. a smart card, digital certificate, software token, GRID):- This form of human authentication removes the problem of forgetting something you know you have, but it doesn’t work when using it for authentication. You must have it. And such an item can be stolen.

Something the user has (e.g. biometrics like fingerprint, IRIS, voice, face):- It is much harder to lose a fingerprint than a wallet. Such authentication may require special equipment such as fingerprint scanners, IV cameras.

As seen above, each authentication method has its own pros and cons. None of the above methods can be chosen as foolproof identification and authentication of an individual. The most useful form of authentication would be a combination of these, commonly known as multifactor authentication.

Envisioning these issues with the growth of Digital India, the Ministry of Electronics and Information Technology (MeitY) took the initiative to create a standards based uniform authentication framework/service called “e-Praman”.

E-certificate authentication level:-

e-Praman is a standards-based national e-authentication framework that facilitates authentication and security of users accessing various services on mobile and fixed platforms. It is a unique mechanism to provide unified log-in facility through SAML 2.0 based Single Sign-On (SSO) for integrated services. Single Sign-On feature provides registered users with single window access to all services integrated with e-Praman.

It provides multi-factor authentication using (password, OTP, digital certificate and biometrics), with additional features including a configurable range of authentication factors, web-site authentication, Aadhaar-based user identity verification and driving license- based identity verification. This identity-based verification helps to link the virtual identity with the real identity.

E-Praman has been designed to work in conjunction with projects like Aadhaar. It aims to consolidate different identity documents across government departments, including driving license, PAN, etc., under a single digital profile.

Text Password:- This is the most commonly used authentication. In e-Praman, the password data is stored in a secure manner to maintain confidentiality and hence cannot be retrieved.

Image Password:- Image password was introduced in e-Praman as a language-neutral option which is also independent of the competencies of the individuals.

Strong>One Time Password (OTP):- OTP helps in overcoming replay attacks. E-Praman can send OTP to the registered and verified mobile or email ID of the user. E-Praman also offers a mobile app that can generate an OTP on the registered and verified smartphone of the user. The app is available at https://apps.mgov.gov.in/descp.do?appid=1120

Digital Signature Certificate (DSC):- e-Certificate accepts the DSC of an authorized Indian CA as a secondary form of authentication. This, although more expensive than other options, is safer.

Biometric:- Biometric authentication is supported if the user has validated the Aadhaar number. Currently, fingerprint and IRIS based authentication are supported by e-certification through Aadhaar.

Benefits for Integrated Services:-

Apart from benefits like cost, time and effort effectiveness, services integrated with e-Praman receive the benefits mentioned below.

Security – Information shared with services by e-Praman is encrypted using a symmetric key that is unique to each integrated service of e-Praman. Additionally, e-Praman uses SSL to secure the communication channel between the user and e-Praman.

Easy upgrade of authentication schemes:- A service gets the flexibility to choose authentication chains. In an authentication chain, a service can choose different combinations of authentication types.

Multi-Technology Support:- The adapter for e-certification integration is available for various technologies such as Java, .NET, PHP, etc.
First level authorization: Services have a provision to map users to roles using the service portal.

Benefits for users:-

As discussed earlier, the user gets a single window to access multiple services and hence does not have to remember a large number of logins and passwords. The user also gets the assurance that the website he is accessing is not phishing and that user data is safe at rest and in transit.

E-Praman is also available as a mobile app at https://apps.mgov.gov.in/descp.do?param=0&appid=1265&fb=true.

As discussed earlier, e-Praman provides biometrics-based authentication using Aadhaar services. E-Praman also uses Aadhaar services to link the virtual identity of the user with the real identity. An entire Aadhaar ecosystem has been created which also provides Aadhaar based services freely.

Aadhaar Based Authentication and e-KYC Services (ASA-AUA)

C-DAC is empaneled with UIDAI as Authentication Service Agency (ASA), e-KYC Service Agency (KSA) and Authentication User Agency (AUA) to provide Aadhaar based authentication and e-KYC services.C-DAC is linked to the Central Identity Data Repository (CIDR) of UIDAI through dedicated network lines to provide secure and prompt authentication service. C-DAC’s ASA and AUA services are available to government departments as well as registered private organizations.

Services provided by C-DAC ASA AUA are

Authentication Service:- Provides instant verification and identification of the resident based on the data available in CIDR. This includes demographic, biometric and OTP based authentication.

One Time Password (OTP) Service:- An OTP is sent to the registered mobile.

e-KYC Service:- UIDAI provides demographic and photographic information of the Aadhaar holder for the desired service, provided the user has given his consent.

Best Finger Detection (BFD) Service:- Identifying the best finger for better authentication accuracy.
Thus, the authentication services provided by e-Praman will truly go a long way in realizing the dream of Digital India.

• Umang Login Registration | Umang App Download

• HKRN Reg. Online | HKRNL Updates

• HKRN REGISTRATION 2024 START | HKRN PORTAL

• E-Shram Card Latest Update | E-Shram Portal