AEPS (Aadhaar Enabled Payment System)

AEPS, or Aadhaar Enabled Payment System, uses the user's Aadhaar number and biometric fingerprint. AEPS financial transactions are performed on Aadhaar-enabled POS machines. AEPS does not require any OTP or PIN for verification. It depends on data available in the UIDAI CIDR repository, which holds your data authenticated during the Aadhaar enrolment process. AEPS performs payment transactions using the bank account linked with the user's Aadhaar number.

When a payment is initiated from the AEPS platform, the biometric data is converted into an Auth XML PID Block. This block must be digitally signed using the private key on the registered device and is then sent to CIDR in encrypted form, encrypted with the public key of the UIDAI. At the UIDAI CIDR repository, the Auth XML is decrypted using UIDAI's private key and verified using the public key of the AUA.

To store these important keys securely, NIST-recommended FIPS 140-2 Level 3 certified HSMs are required; they hold the private credentials of the authorised individual on behalf of the organisation.
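
The sign-then-encrypt flow described above, as an added example that is not Blue Star E&E's, Thales' or UIDAI's code. It assumes the openssl command line; the function names, the sample PID payload and the software key files (stand-ins for HSM-held keys) are constructed, and wrapping an AES session key with the UIDAI public key is an assumption, since the page only says the block is encrypted with that key.

```bash
#!/usr/bin/env bash
# Constructed demo: every key and the PID payload are generated here, not real AEPS data.
# Software key files stand in for private keys that an HSM would hold in production.

aeps_setup() {    # create stand-in AUA and UIDAI key pairs plus a sample payload
  W=$(mktemp -d)
  for who in aua uidai; do
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
      -out "$W/$who.key" 2>/dev/null
    openssl pkey -in "$W/$who.key" -pubout -out "$W/$who.pub"
  done
  printf '<Pid><Bios>constructed-sample</Bios></Pid>' > "$W/pid.xml"
}

aeps_send() {     # sender: sign with the AUA private key, encrypt to the UIDAI public key
  openssl dgst -sha256 -sign "$W/aua.key" -out "$W/pid.sig" "$W/pid.xml"
  openssl rand -hex 32 > "$W/skey"    # one-time session key (assumed hybrid scheme)
  openssl enc -aes-256-cbc -pbkdf2 -pass "file:$W/skey" \
    -in "$W/pid.xml" -out "$W/pid.enc"
  openssl pkeyutl -encrypt -pubin -inkey "$W/uidai.pub" \
    -pkeyopt rsa_padding_mode:oaep -in "$W/skey" -out "$W/skey.enc"
  rm -f "$W/skey"                     # only the wrapped copy leaves the sender
}

aeps_receive() {  # receiver: unwrap, decrypt, verify; non-zero status on any failure
  openssl pkeyutl -decrypt -inkey "$W/uidai.key" \
    -pkeyopt rsa_padding_mode:oaep -in "$W/skey.enc" -out "$W/skey.dec" 2>/dev/null &&
  openssl enc -d -aes-256-cbc -pbkdf2 -pass "file:$W/skey.dec" \
    -in "$W/pid.enc" -out "$W/pid.dec" 2>/dev/null &&
  openssl dgst -sha256 -verify "$W/aua.pub" -signature "$W/pid.sig" \
    "$W/pid.dec" >/dev/null 2>&1
}

aeps_setup && aeps_send && aeps_receive && echo "PID block decrypted and signature verified"
```

The receiver accepts the payload only when both the decryption and the signature check succeed, so a block signed by any key other than the registered one is rejected.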

Challenges:

  • To secure the biometric data from unauthorised or malicious users who may attempt to access your customers' private and critical information or manipulate sensitive data to suit their goals
  • To protect financial transactions from fraudsters

Solutions:

  • Compliances: Blue Star E&E's solution helps you meet all necessary compliances for AEPS using Global Security Leader Thales' nShield Connect HSM – General Purpose HSM.
  • Quality Solution: The product is known for its stability, concurrency, best throughput, unlimited partitions, and field upgradability. It is also possible to buy client licenses for this solution via a "Pay per Use" model.
  • Low Cost of Ownership: When compared to other products in the industry, the total cost of ownership is very effective. Most competitor products come with a defined partition and TPS-locked hardware.

Benefits:

  • Complying with UIDAI regulations and adhering to best practices to protect the transactions
  • Secure management and protection of encryption and signing keys