+91 9324813180
+1 4847906355
+63 9208320598
+44 1519470017
+84 908370948
+7 9639173485
+62 81808037776
+90 5441016383
+66 993367171
+254 725235855
+256 707194495
+46 700548490Network
Getting enrolled with UIDAI, allows organizations to provide E-KYC and Aadhar based authentication. Organizations that are looking to become an empaneled KYC User Agency (KUA) or looking to integrate with Aadhaar Authentication Services (AUA), are required to get a comprehensive security assessment and corresponding compliance certification from a CERT-In Empaneled Security Auditor ensuring compliance with UIDAI standards and specifications.
The latest version of UIDAI Information Security Policy for AUAs and KUAs outlines a comprehensive process of technical and operational audit. The following domains (but not limited to) falls under the focus of the audit, thereby improving your security preparedness and technology defense:
Security of the authentication devices and applications
-
-
Systems
-
Key management
-
Data vault requirements
-
Security framework policies for requesting entity compliance requirements
These changes include obtaining consent, transparency and purpose limitation, amongst others. As per the guidelines of UIDAI, client applications of the organization using Aadhaar based authentication need to undergo periodic annual auditing or need basis, by Information Systems Auditors certified by CERT-IN. The compliance audit report is then to be submitted to UIDAI or shared upon request. The assessment is mandatory for any organization that wants to comprise Aadhar based authentication in their business process.
As a CERT-IN empanelled body, QRC will help you understand, manage and comply with UIDAI Security Audit & Compliance requirements that are released on a periodic basis.
