Page 42 - Implementation of Secure Authentication Technologies for Digital Financial Services

7  IMPLEMENTATION EXAMPLES OF STRONG AUTHENTICATION SYSTEMS

This section contains examples of strong authentication systems that cover DFS use cases. The examples also illustrate mechanisms related to the authentication assurance phases of ITU-T Recommendation X.1254.

7.1  Use case: Enrolment and Account opening

The examples presented for the Enrolment use case describe how previously established identity information can be used to create new service accounts and to satisfy KYC requirements. The key aspect in the examples is that the person has been enrolled previously with an authority: their identity information has been collected, verified and stored. This stored identity information is then available for later presentation to service providers, controlled by the person’s authentication to release that identity information.

Use of digital sources of identity information for not-in-person KYC and account opening is convenient for the person but also presents risks of impersonation. Therefore, the use of strong authentication mechanisms is recommended.

7.1.1  Example: Aadhaar eKYC

The eKYC service allows a resident to authorize the Unique Identification Authority of India (UIDAI) to share an electronic version of Aadhaar information (demographic information and photo only) with the explicit authentication of the resident. In the eKYC service, UIDAI encrypts the eKYC response data containing the resident’s latest demographic and photograph information using an e-KYC User Agency (KUA) public key and subsequently forwards the encrypted response to the KUA. On receiving the encrypted response, the KUA decrypts the data using its own private key and returns an eXtensible Markup Language (XML) document with seven pieces of data: name, address, date of birth, gender, phone number, e-mail address and photograph. This eliminates collecting a photocopy of the Aadhaar letter from the resident.

Some of the benefits of Aadhaar-based eKYC are described below:

•  Activation – there is no requirement to fill in a Customer Application Form (CAF) or to submit a photograph along with Proof of Identity (POI) and Proof of Address (POA) documents.
•  Secure process – the customer’s data is fetched from the central UIDAI server in encrypted format and is not stored on any of the Point of Sale (POS) terminals, only on the company’s server.
•  No document copy or photograph is required – this gives additional confidence to customers, as they do not need to submit any documents which could later be misused by retailers for pecuniary gain.
•  Extremely quick activation – as against the traditional process for activation of a SIM card, which could take between 12-24 hours, the SIM card is activated in a very short time once the form gets



Table 3 – Digital Financial Services Use Case Examples

Authentication Assurance Phase: Enrolment
DFS Use Cases: Account opening (Section 8.1):
   •  eKYC
   •  Credit checks
Use case examples:
   •  Aadhaar eKYC (Section 8.1.1)
   •  Sierra Leone National Digital Identity and Credit Platform – Kiva (Section 8.1.2)
   •  K-FIDO Enrolment (Section 8.1.2)
   •  Zug eID – Ethereum Blockchain-based Digital ID (Section 8.1.4)
   •  FIDO Enrolment (Section 8.1.5)
   •  Healthcare provider user enrolment (Section 8.1.6)

Authentication Assurance Phase: Authentication
DFS Use Cases: Access a Digital Financial Service (Section 8.2):
   •  Storing Funds
   •  Buying
   •  Paying Bills
   •  Sending/receiving funds
   •  Borrowing
   •  Saving
   •  Insuring Assets and Risks
Use case examples:
   •  Alipay fingerprint payment (Section 8.2.1)
   •  Aadhaar authentication (Section 8.2.2)
   •  K-FIDO Authentication (Section 8.2.3)
   •  Healthcare provider Next-Generation Authentication (Section 8.2.4)
   •  SK Telecom - Mobile Connect Authentication (Section 8.2.5)
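
The encrypt-to-KUA exchange described in the Aadhaar eKYC example (7.1.1) can be sketched as follows. This is an added Go example, not code from UIDAI or from this report. It assumes hybrid encryption (an AES-256-GCM session key wrapped with RSA-OAEP under the KUA public key), and the envelope layout, the XML element names and the NewKUAKey helper are hypothetical; the text only states that the response is encrypted with the KUA public key and decrypted with the KUA private key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/xml"
)

// KycRecord: the seven fields the text lists (element names are hypothetical).
type KycRecord struct{ Name, Address, DOB, Gender, Phone, Email, Photo string }

// NewKUAKey makes a throwaway 2048-bit key pair standing in for the KUA's.
func NewKUAKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// Seal (authority side) returns wrappedKey || nonce || AES-GCM(doc); layout is constructed.
func Seal(kua *rsa.PublicKey, doc []byte) ([]byte, error) {
	buf := make([]byte, 44) // fresh 32-byte session key + 12-byte nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	out, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, kua, buf[:32], nil)
	if err != nil {
		return nil, err
	}
	block, _ := aes.NewCipher(buf[:32]) // cannot fail: key is exactly 32 bytes
	aead, _ := cipher.NewGCM(block)
	return aead.Seal(append(out, buf[32:]...), buf[32:], doc, nil), nil
}

// Open (KUA side) unwraps the session key, authenticates the data, parses the XML.
func Open(priv *rsa.PrivateKey, blob []byte) (rec KycRecord, err error) {
	n := priv.Size()
	if len(blob) < n+12+16 { // wrapped key + nonce + GCM tag
		return rec, rsa.ErrDecryption
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, blob[:n], nil)
	if err != nil || len(key) != 32 {
		return rec, rsa.ErrDecryption
	}
	block, _ := aes.NewCipher(key)
	aead, _ := cipher.NewGCM(block)
	plain, err := aead.Open(nil, blob[n:n+12], blob[n+12:], nil)
	if err != nil {
		return rec, err // tampered envelope or wrong key
	}
	return rec, xml.Unmarshal(plain, &rec)
}
```

Call Seal with the KUA's public key and the XML bytes, then Open with the matching private key. An envelope that was modified in transit, or one opened with a different private key, is rejected before any XML is parsed.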


