Banks need more time to implement new APIs: IBA

K Ram Kumar Updated - June 24, 2018 at 11:18 PM.

The objective should be to implement the revised Application Programming Interfaces without compromising on accuracy, safety and security, the IBA said

The Indian Banks’ Association (IBA) has told the Unique Identification Authority of India (UIDAI) in no uncertain terms that banks need to be given reasonable time for testing, making changes in and going live with the three new APIs (application programming interfaces) introduced by the latter for performing 100 per cent Aadhaar authentication.

 

The objective should be to implement the revised systems without compromising on accuracy, safety and security (of transactions), it said, stressing that penalties and disincentives should not be brought in in a rush.

 

The UIDAI had published three APIs relating to authentication, e-KYC (electronic-know your customer) and OTP (one time password) request in April 2018.

 

 

Full migration

 

The Authority said all authentication user agencies (AUAs) and e-KYC user agencies (KUAs) were expected to fully migrate to the new system of virtual ID (VID) and UID Token by June 1, 2018, failing which their authentication services may be discontinued and financial disincentives imposed.

 

On June 4, the UIDAI shot off a letter to all stakeholders stating that all AUAs should achieve 100 per cent Aadhaar authentication for all their daily transactions using the new APIs by July 1.

 

“Considering that the change emanating from API version 2.5 touches multiple systems and needs to be clubbed with Aadhaar vault, the impact on any system is large. Such changes should not be inflicted on the entire ecosystem without sufficient pilot,” said the missive.

 

The IBA also highlighted issues related to Aadhaar storage. For example, the direct benefit transfer (DBT) files received from the Public Financial Management System (PFMS) containing Aadhaar numbers of beneficiaries for processing DBT need to be stored by the sponsor banks for audit purposes.

 

“However, UIDAI is not permitting the Aadhaar numbers to be stored other than in the Aadhaar vault.

 

“This will have an impact on the current processing of DBT benefits. We presume that concurrence of the government audit department has been obtained for dispensing with the storing of the Aadhaar numbers to audit. A copy of the same may be made available for circulation to banks,” said the Association.

Published on June 24, 2018 17:48