×

Aadhaar - Face Authentication, not Face Recognition!

Sanjay Swamy

Nov. 26, 2019, 3:58 p.m.

Aadhaar - Face Authentication, not Face Recognition!

Just read about the Aadhaar-based face authentication (i.e. VERIFICATION) and saw several Tweets already on the topic. After reading all the posts and reading between the lines, here is the gist.

Face Authentication is a means of augmenting existing authentication methods, not a standalone method of authentication.
Secondly it is important to understand that it is about Authentication of a face with a photo that was previously securely captured registered during Aadhaar enrollment.
This is NOT a case of taking my photo and looking-up my face out of a database of 1.2Billion Indians.

To understand this in more detail, here is some background information.

Curently Aadhaar has three forms of authentication

  1. Demographic-only - where Aadhaar Number (or VID) plus one or ore demographic fields (Name, Address, DOB, Gender, Phone/Mobile Number, Email Address) can be authenticated. This does not require the resident to be present for the transaction.
  2. OTP-based authentication - where Aadhaar Number (Or VID) is entered and UIDAI sends a One Time PIN to the Registered Mobile Number. That OTP is then validated and the authentication is successful. This does not require any biometrics.
  3. Biometric authentication - where Aadhaar Number (or VID) and one or more fingerprints and/or one or more IRIS can be captured in an Aadhaar approved secure biometric sensor and compared with the corresponding biometric used during the Aadhaar enrollment process and based on a successful match, the authentication is completed.

Note that in all of the above cases the UIDAI only returns a YES or NO. In the case of eKYC, in cases 2 and 3 above, with resident consent and successful authentication, the KYC details may also be returned - this ONLY includes Name, Address, DOB, Gender and Photograph.

Before I get into Face Authentication, it is important to understand how biometrics work.

In the case of a biometric, an image of a fingerprint is digitized - i.e. a certain number of data points that represent the image of a fingerprint are being compared to the original. As such one isn't looking for an absolute match - rather a probabilistic match. If the level of confidence is higher than a certain threshold, one may deem a fingerprint as matching or not. One would typically want the threshold to be high so that you have a good degree of confidence.

However as we have heard from time to time, people's biometric authentication may fail because of poor quality sensors and because sometimes depending on one's field of work the fingerprints may be worn out over time. As such the Fingerprint matching algorithm may not be able to get a strong enough confidence of a match and may reject the fingerprint.

Introducing Face Authentication

UIDAI has introduced Face Authentication as a means of augmenting existing OTP or Biometric Authentication. As of now this means that one may do the following:

1. Enter Aadhaar Number

2. Do an Authentication with Fingerprint or IRIS

AND

3. FACE with a mobile camera - typically front-facing

The combination of these factors (Aadhaar Number, Fingerprint/IRIS and FACE) is collectively authenticated against the database and a higher confidence score should result - and this is believed will substantially improve the Biometric Authentication conversion rates. Since the photo was already captured during the enrollment, there is no further requirement on the resident's part - only the verifying application needs to integrate a secure SDK provided by UIDAI.

Its also cool that in the case of Mobile OTP based authentication, one could now add a remote biometric factor (used in conjunction with the mobile) to do a self authentication or an agent could do an OTP + Face authentication without any fingerprint or IRIS sensor.

While the benefits are likely to be huge in both cases, a few things this will not do:

  • This is not a reverse lookup - it is NOT possible to take your photo alone and then reverse match it with the UID database.
  • It cannot be used standalone - it is ONLY offered in FUSION mode.

It is important to understand that this is NOT the same as what Apple introduced in the iPhone X - in that case the phone ONLY matches one face and hence does the authentication locally - it also uses Infra-Red technology and can work at night. In UIDAI's case it uses a regular camera and the face would need to be well lit for this to work at night.

While one's imagination might run wild, the use cases are quite simply to improve authentication success rates and help those currently concerned about this. In my opinion anything that can be done to make authentication success rates higher will play a big role in the usefulness of Aadhaar, so this is a welcome step.

Comments & questions welcome!

About the Author - 

sanjay swamy prime venture partners

Sanjay Swamy is an Entrepreneur & Early-Stage Fintech Investor! #DigitalPayments & #Financial Services Fanatic! #IndiaStack_Evangelist!

This article was originally published on Linkedin

Recommended articles

View All
Let's enable the RIGHT use of Aadhaar!!
Let's enable the RIGHT use of Aadhaar!!

This afternoon I sold a used mobile phone to a second-hand site. The site had a really sophisticated user experience …

Read More
Aadhaar-SIM linkage - WHY NOT?
Aadhaar-SIM linkage - WHY NOT?

In the past few months, all of us have received SMS and emails on the need to link Aadhaar to …

Read More

If you believe you are building the next big thing, let’s make it happen.