In alignment with the UIDAI Information Security Policy (Page 46, Point 2.13.7), all Authentication User Agencies (AUA) and KYC User Agencies (KUA) are mandated to implement a Fraud Analytics module. This module is essential for scrutinising authentication transactions to uncover signs of fraudulent activities and to detect potential frauds by analysing the various data points related to the authentication transaction.
Integration of Fraud Analytics with eKYC
To comply with UIDAI directives, AUA/KUA entities must integrate their eKYC applications with a comprehensive Fraud Analytics module. This module should not only monitor ongoing transactions but also analyse underlying data and transaction patterns to identify suspicious activities.
Furthermore, it is required to report such incidents to UIDAI, thereby strengthening the overall techno-operational security of the eKYC ecosystem.
The Fraud Analytics module must incorporate specific checks and balances to detect and prevent unauthorised use of Aadhaar Authentication process by monitoring various operational activities some of which are as enlisted below:
- It should record details of devices assigned to field officers or agents.
- The module must collect and report device-level transaction data in real time.
- It should have the capability to restrict and lock the usage of biometric devices to designated agents / field officers /applicaitons only.
- The system must identify and store locations from which transactions are performed by agents.
- Field officers’ operations, including the use of the Aadhaar Authentication app and assigned biometric devices, should be confined to specified operational areas.
Introducing Fraud Eye 360 by ECS
ECS has developed Fraud Eye 360, an advanced and scalable Fraud Analytics platform designed for seamless integration with the eKYC stack and peripheral applications of AUA/KUA entities.
By leveraging real-time transactional data, it effectively enhances fraud detection and prevention through several key functionalities:
- Device to Agent Mapping: This functionality maps field officials or agents to their assigned devices, ensuring that only designated individuals can access and use these devices.
- Device Level Reporting: It collects device-level transaction data to analyse abnormal behaviour or anomalies in transaction processing.
- Device to Application Mapping & Locking: AUA/KUA entities can restrict biometric device usage to specific applications, preventing interaction of the assigned biometric devices with unauthorised apps installed on field officers’ or agents’ handsets.
- Geo Tagging: This functionality is designed to capture and store the Geo location data of the transaction to identify the locations from which transactions were being initiated / executed by the field agents.
- Geo Fencing: It restricts field officers’ operations, including the use of the Aadhaar Authentication app and the assigned biometric devices, to designated operational areas.
- Monitoring Device Failures: The platform is capable of identifying devices reporting consistent transaction failures and is designed to send out custom alerts to relevant officials.
- Reoccurrence Analysis: Is capable of checking if a particular device is used multiple times for any specific Transaction ID or Customer ID, and sends out custom alerts to relevant officials accordingly.
- Cross Location Analysis: This module is designed to detect and report simultaneous or near-simultaneous transactions from geographically distant locations.
- Response Error Analysis: This Module identifies the devices experiencing recurring specific errors, alerting concerned officials about these issues.
- On-Premise Implementation: Designed for on-premises deployment in the Data Center/Disaster Recovery sites of AUA/KUA entities, ensuring complete privacy of transactional data.
- UIDAI Compliance: The platform is fully compliant with UIDAI Information Security standards.
Summing Up
With a vision to enhance the security framework of the Aadhaar Authentication ecosystem, UIDAI is actively promoting the deployment of a robust and scalable Fraud Analytics Module.
As India’s leading Aadhaar-based Digital Identity Solutions provider, ECS has developed a robust Fraud Analytics solution that enables REs meet all regulatory directives effectively.
For more information about our Fraud Analytics solution, please reach out to our colleague Amit Joshi at 9820875525 / 7208155528 or via email at amit@eastcs.com.