FB pixel

L1 biometric device certification now mandatory for Aadhaar authentication

Categories Explaining Biometrics  |  In Depth
L1 biometric device certification now mandatory for Aadhaar authentication
 

India has transitioned to more secure biometric authentication devices, with the requirement for only registered devices certified to the Level 1 standard set by the Unique Identification Authority of India (UIDAI) allowed for use with Aadhaar as of January 1, 2025.

All biometric devices used for Aadhaar authentication must now have passed L1 certification, which includes a required test of the false rejection rate (FRR) with at least 5000 people. This “5000 FRR” test is part of the testing specification set by the Standardization Testing and Quality Certification (STQC) Directorate. STQC is part of the Ministry of Electronics and Information Technology (MeitY), and set the specification for biometric device testing back in 2013.

The UIDAI ordered all participants in the Aadhaar ecosystem to phase out fingerprint biometrics scanners that are certified to the lower level, Level 0, with a January 2023 memo, to “enhance the security” of Aadhaar transactions. The change came as part of a larger shift, which also included new guidelines on informed consent and mandated the use of liveness detection.

Understanding L1 security and certification

L1 certification is a key standard for biometric devices in the Aadhaar authentication ecosystem. Unlike L0 devices, which process biometric data at the level of the host’s operating system, L1 devices have a Trusted Execution Environment (TEE) for data signing and encryption. Biometric data is safely processed within the TEE, and not passed unencrypted from the sensor to the host, reducing the risks of unauthorized access or breaches.

To acquire L1 certification, devices must meet UIDAI’s strict security standards, including passing the 1 in 5000 FRR test. This milestone certifies the device’s accuracy, dependability, and resistance to spoofing attempts. By switching to L1 devices, UIDAI strengthens India’s digital infrastructure while providing smooth and secure service delivery.

The general certification specifications for all fingerprint biometric authentication scanners requires an FRR of below 2 percent at a false acceptance rate (FAR) of 0.01 percent, IAFIS image quality certification with built-in NFIQ software and MINEX interoperability compliance.

STQC’s 5000 FRR benchmark

STQC says the 5000 FRR test is validates image quality, and is important to the overall quality assessment of a biometric device.

The specification refers to NIST Special publication 800-76-2 – Biometric Specification for Personal Identity Verification, which sets the technical and operational requirements for America’s PIV government credentials, as the basis for its testing procedure.

Testing FRR with 5,000 or more subjects is intended to demonstrate that the reliability standard is met not just on a specific population, but across India’s demographically diverse population.

Next Biometrics noted the successful completion of the 5000 FRR test by one of its Indian partners weeks ahead of the L1 certification requirement taking effect.

Ghulam Shabir Arain contributed to this report.

Related Posts

Article Topics

 |   |   |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Biometrics providers and systems evolve or get left behind

Biometrics are allowing people to prove who they are, speeding journeys through airports, and enabling anonymous online proof of age,…

 

Findynet funding development of six digital wallet solutions

Finnish public-private cooperative Findynet has announced it will award 60,000 euros (US$69,200) to six digital wallet vendors to help translate…

 

Patchwork of age check, online safety legislation grows across US

As the U.S. waits for the Supreme Court’s opinion on the Texas case of Paxton v. Free Speech Coalition, which…

 

AVPA laud findings from age assurance tech trial

The Age Verification Providers Association (AVPA), and several of its members, have welcomed the publication of preliminary findings from the…

 

Sri Lanka to launch govt API policies and guidelines

Sri Lanka’s government, in the wake of its digital economy drive, is gearing up to release application programming interface (API)…

 

Netherlands’ asylum seeker ID cards from Idemia use vertical ICAO format

The Netherlands will introduce new identity documents for asylum seekers Idemia Smart Identity, compliant with the ICAO specification for vertical…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Biometric Market Analysis

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events