ID Authentication

Overview

ID Authentication (ID Auth) provides an API based authentication mechanism for entities to validate individuals. ID Authentication is the primary mode for entities to validate an individual before providing any service.

Following are the pre-requisites for an entity to do authentication of an individual

ID Authentication requests must come to MOSIP only via trusted parties who are white listed in MOSIP. The trusted parties are referred to as partners in MOSIP.
The biometric devices used for authentication must be registered with MOSIP.

ID Auth allows only partners to make authentication requests. The requests are cryptographically secured and verified. A partner that captures data from a biometric device must conform to standards to ensure interoperability.

An individual is authenticated based on the following:

Demographic data
- name
- date of birth
- gender
- address
Biometrics
- fingerprint
- iris
- face

To enhance security a second factor of authentication is supported:

OTP based
Static pin based
Challenge response

To analyze and generate authentication patterns, all authentication requests are audited. These audit logs may be used to determine any frauds during authentication process.