COAI Concerned Over New Face Authentication Norms Set by UIDAI For Telcos

The Cellular Operators’ Association of India (COAI) has raised its concern over UIDAI’s new norms on face recognition for telcos. COAI today urged that some of the conditioned provisions will put additional cost and time burden on telecom firms. COAI also voiced that the new norms are against the tenets of ease of doing business. The apex industry body opined while the industry fully supports all efforts to make authentication secure and customer-friendly, two of the provisions under the new rules may put fresh posers for telcos. The face comparison and audit requirements place an additional burden on operators and raise costs and processing time, COAI Director General, Rajan Mathews told PTI.

And while the operators will strive to comply with the roll-out deadline of September 15, much would be dependent on device manufacturers and their readiness, Mathews added.

“The face recognition enhances security for consumers. But two aspects of UIDAI’s order are of concerns to us. This includes a requirement that operators have to keep a copy of the photo and compare it at the back-end, thus duplicating the process done by UIDAI,” Mathews said.

He said that this new back-end requirement goes against the principles of ease of doing business as it leads to duplication of efforts. “Also, the industry will do its best to comply with the implementation deadline but a part of the compliance also depends on device manufacturers,” Mathews said.

Earlier this month, the Unique Identification Authority of India (UIDAI) announced a phased rollout of face recognition feature as an additional mode of authentication, starting with telecom service providers from September 15. It has proposed a monetary disincentive for telcos found slipping on the prescribed targets from mid next month.

Significantly, the UIDAI has said ‘live face photo’ capture and its verification with the photo obtained in eKYC will be essential in those cases where Aadhaar is used for issuance of mobile SIMs.

UIDAI had said the move aims to curb the possibility of fingerprint spoofing or cloning, and seeks to tighten the audit process and security around issuance and activation of mobile SIMs. It may be recalled that in June this year, a Hyderabad-based mobile SIM card distributor had forged Aadhaar details for activating thousands of SIMs.

A UIDAI source, however, sought to play down COAI’s apprehensions saying that the authority’s norms are aimed at ensuring security and integrity of the entire process.

The UIDAI source said that new requirements are far less when compared to the previous paper-based KYC (Know Your Customer) process and documentation that were involved. A fine balance has been struck between ease of doing business and security considerations, said the UIDAI official who did not wish to be named.

Moreover, a majority of device vendors have already been certified, the official said, adding that initial target has, as it is been kept at only 10% of total monthly authentication transactions. – Telecom Talk