#ANCS token reference from Aadhaar Authentication Application Security Standard (of JH SRDH) https://aadhaar.jharkhand.gov.in/Aadhaar_Authentication_Application_Security_Standard_v1.0.pdf
Does the authority have powers to determine entity of national importance in base act @apar1984 @prasanna_s @PrasanthTweets? https://t.co/w5wXU3Km2M
Log maintainence -- While @UIDAI itself will keep logs only for 6 months, per SC judgement, @UIDAI is now regulating that private entities / AUAs will have to keep them for 2 + 5 = 7 years! #SaveOurPrivacy
Notification about authentication / verification to Aadhaar holder, including the case of offline verification, where OVSE should notify about verification. through email and/or SMS on mobile number and/or paper based
acknowledgement. Basically, get a slip when you share #Aadhaar
Side stepping a bit on facial authentication guidelines by volunteers. Yeah, you will not see any reference to UIDAI, but this is how all #Aadhaar tech was built.
Capturing biometrics. It is to be noted that @AyushmanNHA is capturing facial data for #CoWIN facial authentication pilot - without the processes and specification laid down by the authority in public domain.
#OVSE must tell the Aadhaar holder - the nature of information received during auth / verification, its use - in local language *AND* must provide alternate viable means of identification, and cannot deny / refuse any service.
Authentication types - such careful wording to allow facial authentication, without explicitly mentioning that in regulations.
#CoWIN is the first large scale app to perform facial authentication.
On definitions - ANCS - #Aadhaar Number Capture Service is a new tech getting a mention. There are very references technical details of this service, which will run by @UIDAI. At the outset, does seem like OAuth endpoint being run.
Regulations without sufficient details is bad
Draft Aadhaar (Authentication and Offline Verification) Regulations, 2021 - https://uidai.gov.in/images/Draft_Aadhaar_Authentication_Regulations_2021_v0.3.pdf
Draft put for consultation 'silently' by @UIDAI on May 20, 2021 and closing by June 2, 2021.
Some highlights on thread.
@SFLCin @internetfreedom @nixxin
Public interest technologist. Rants on technopolitricks. Building TechCollectives, sometimes products.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!