Aadhaar data vault
It is the complete software package that is needed to implement Aadhaar Data Vault within your organization.

Overview (Aadhaar Data Vault)

UIDAI has mandated the use of tokenization – replacing sensitive data with a token that can be securely stored, processed and transmitted.

Aadhaar vault solution that will help AUAs/KUAs/Sub-AUAs/ or any other agency for specific purposes under Aadhaar Act to easily implement an encrypted Aadhaar Data Vault to securely store Aadhaar number and eKYC data. JISA’s exposes REST API to store Aadhaar Number and associated eKYC Data.

Aadhar Data Vault Solution

What is Aadhaar Data Vault?

As specified in the UIDAI Circular No. K-11020/205/2017 ,Aadhaar Data Vault is a secure encrypted centralized storage for all the Aadhaar numbers and related data collected by the AUAs/KUAs/Sub-AUAs/ or any other agency for specific purposes under Aadhaar Act and Regulations, 2016. It should be inside the respective agency’s infrastructure accessible only on a need to know basis. The Aadhaar data vault should provide a reference key, which is a unique token to represent the Aadhaar number in the entire internal ecosystem of the agency. The mapping of reference key and Aadhaar number should only be maintained in the Aadhaar Data Vault.

All business use-cases of entities shall use this Reference Key instead of Aadhaar number in all systems where such reference key need to be stored/mapped, i.e. all tables/systems requiring storage of Aadhaar numbers for their business transactions should from now onwards maintain only the reference key. Actual Aadhaar number should not be stored in any business databases other than Aadhaar Data Vault.

JISA’s Aadhaar Data Vault

JISA’s Aadhaar Data Vault solution is the complete software package that is needed to implement Aadhaar Data Vault within your organization. The software exposes REST APIs that can be used to easily integrate with existing software services. The package supports database encryption for data protection with HSM integration.

  • Allow applications to tokenise and replace sensitive data with token values
  • Encrypts the Aadhaar number and connected data in a Secure Vault
  • Keys for encryption are stored in HSM
  • Flexible policies allow tokens to preserve the format of the input data
  • Application integration using either a SOAP or RESTfulwebservice
  • Allows System users to create policies, set client access and allowed operations, view audit data and configure other parts of the system
  • All operations can be single or bulk requests
  • Full auditing of all user access and client application operations
  • Unauthorized Access alerts

Aadhaar Data Vault Advantages

Secure REST APIs

JISA’s Aadhaar Data Vault exposes simple and secure REST API that enables easy integration of Aadhaar Data Vault with the existing applications

Access Logs

JISA’s Aadhaar Data Vault logs all API access activities. The log can be viewed via web user interface that supports search functionality as well.

Secure And Encrypted Solution

JISA’s Aadhaar Data Vault supports database encryption to ensure data security even if the database as a whole is compromised.

Access Logs

JISA’s Aadhaar Data Vault provides integration with leading HSM models to enable encryption using HSM as mandated by UIDAI.

UUID Based Reference Keys

Reference keys to map Aadhaar number are generated using UUID scheme in order to ensure that the recovery of the original Aadhaar number from the reference key is computationally infeasible.

Access Logs

JISA’s Aadhaar Data Vault comes with an administration console with role-based user access to allow viewing of Aadhaar number reference key mapping and access logs.

Alerts

JISA’s Aadhaar Data Vault Authenticates each transaction and alerts unauthorized Transaction.

FAQ

Frequently Asked Questions

Aadhaar Data Vault is a secure encrypted centralized storage for all Aadhaar numbers collected for specific purposes under the Aadhaar Act by AUAs/KUAs/Sub-AUAs/or any other agency.

All individuals who store Aadhaar Numbers must do so in a separate and secure database (“Aadhaar Data Vault”), where the Aadhaar Numbers are masked using reference keys. The Aadhaar Data Vault is a secure system within the infrastructure of the person collecting the Aadhaar Numbers that provides centralized storage for all Aadhaar Numbers.

In order to regulate the storage of Aadhaar numbers in databases, the UIDAI divided AUAs (and KUAs, when it’s applicable) into two categories: Global AUAs and Local AUAs.

All banks were classified as global AUAs, including commercial banks, payment banks, regional banks, rural banks, cooperative banks, and small finance banks, as well as life insurance firms and India’s National Payments Corporation. PPIs, NBFCs, telcos and non-life insurance companies were among those classified as local AUAs.

All agencies with an Aadhaar Number, whether they are global AUAs/KUAs/Sub-AUAs, are required to use an Aadhaar Data Vault. However, these agencies could be organizations that have Aadhaar Numbers for internal identification purposes, such as the attendance management system or linking with the PF Account, and so on. Agencies that have stored Aadhaar Numbers in structured and electronic form, such as a database, must have an Aadhaar Data Vault.

The Aadhaar Data Vault (ADV) is a secure storage service that utilizes REST APIs to securely store encrypted Aadhaar numbers linked to their respective reference numbers. The encryption keys are securely stored in a Hardware Security Module (HSM), as required by the Unique Identification Authority of India (UIDAI).

According to the UIDAI circular, the integration of a Hardware Security Module (HSM) with the Aadhaar Data Vault is mandatory.

  • Aadhaar Data Vault enables users to easily comply with UIDAI’s dynamic guidelines without fear of future changes.
  • The solution’s automatic key management, access control, and policy management
  • API-based solutions assist organizations in integrating with other lines of business for easy and seamless integration
  • Secure and centralize storage for Aadhaar Data.
  • The Aadhaar Data Vault utilizes secure REST APIs to enable seamless integration with other applications while ensuring data security.
  • The provision of a secure and encrypted database in the Aadhaar Data Vault ensures optimal data protection even in the event of a security breach.
  • Strong access controls and necessary alerts make it auditable.
  • The Aadhaar Data Vault’s access logs offer versatile monitoring of all API activities. Additionally, it facilitates smooth integration and encryption through HSM, as mandated by UIDAI.
  • Accessible on a need-to-know basis only
  • Supports database encryption to protect data even if the database as a whole is compromised.

The Aadhaar Data Vault aims to mitigate unauthorized access to Aadhaar numbers within an organization by offering a secure and protected repository of Aadhaar details. This solution provides a safe and reliable means for agencies that handle such critical information.

Each Aadhaar number will be referred to by an additional key called the Reference Key in order to minimize the footprint of Aadhaar numbers in the ecosystem. In the organization’s ecosystem, these keys will replace Aadhaar numbers, and a mapping of reference key and Aadhaar number will be kept in the Aadhaar Data Vault

You have the option to host your Aadhaar Data Vault either on a Cloud Server or on your local Physical Servers within your data center. Nevertheless, if you decide to host the Aadhaar Data Vault on a Cloud Server, it is important to ensure that the Physical Servers of your chosen Cloud Service Provider are located within India.

The CryptoBind Aadhaar Data Vault solution ensures high data security and strict adherence to UIDAI guidelines. CryptoBind offers the entire software package required to implement Aadhaar Data Vault within your organization. The software exposes a SOAP/REST API that can be used to securely and easily store the Aadhaar number, and it is linked with Aadhaar data into the Aadhaar Data Vault using the UIDAI-mandated Tokenization method. The package includes database encryption and HSM integration for data protection.