Centre for Digital Public Infrastructure
english
english
  • THE DPI WIKI
    • 🎉About the DPI Wiki
    • 🔆What is DPI?
    • ✨DPI Overview
    • 📝DPI Tech Architecture Principles
      • 🔗Interoperability
      • 🧱Minimalist & Reusable Building Blocks
      • 💡Diverse, Inclusive Innovation
      • 💠Federated & Decentralised by Design
      • 🔐Security & Privacy By Design
    • 🎯DPI Implementation & Execution Guidance
    • 🆚DPG and DPI
    • ❓What DPI can I build?
    • 🥇First use case for DPI
    • 📘Inputs for designing a DPI informed digital transformation strategy
    • 💰How much does it cost to build DPI?
    • 📢Is my system a DPI?
      • TL; DR - Is my system a DPI?
  • Mythbusters and FAQs
    • 🔯DPI and Mandating Adoption
    • 🔯DPI and Private Competition
    • 🔯DPI and Privacy / Security
    • 🔯DPI and the Digital Divide
  • Technical Notes
    • 🆔Identifiers & Registries
      • Digital ID
        • Capabilities on ID system
        • ID-Auth
        • Face Authentication
        • eKYC/ Identity profile sharing
        • Single Sign On (SSO)
        • QR Code for Offline ID
    • 📂Data Sharing, Credentials and Models
      • A primer to personal data sharing
      • Data standards
      • Verifiable Credentials
      • Building Data Analytics Pipelines
      • eLockers
      • Non-personal Anonymised Datasets
    • 🔏Trust Infra
      • Digital Signatures and PKI
      • eConsent
      • eSign
    • 🛒Discovery & Fulfilment
      • Platforms to Protocols
    • 💸Payments
      • Financial Address
      • Interoperable QR Code
      • Interoperable Authentication
      • Interoperable Bill Payments
      • Cash in Cash Out (CICO)
      • Financial Address Mapper (G2P Connect)
      • G2P Payments
  • Initiatives
    • 🌐DPI advisory
    • 🚀DPI as a Packaged Solution (DaaS)
      • 💡Why do we need DaaS?
      • 🎯DaaS in a nutshell
      • 📦Pre-packaged DaaS kits
      • ♻️Reusable DaaS Artefacts
      • 3️⃣A 3-step process from idea to implementation!
      • 📈Funded DaaS Program overview
      • 👩‍💻Cohort 1: DaaS Offerings
        • Digital authentication
        • Digital credentials
        • ID Account Mapper
      • 🖥️Co-create with us!
      • 💬Upcoming DaaS cohorts
        • Functional Registries
        • AI Assistant
      • ❓FAQs on DaaS
        • Country x DPG MOU /LoI FAQs
        • Ecosystem Participation Terms FAQs
    • 📑DPI Residents Program
    • ⚖️DPI-CPA
    • 💸G2P Connect
    • 📨User Centric Credentialing & Personal Data Sharing
    • ⚕️DPI for Health
    • 🌍Agri Connect (forthcoming)
  • References
    • Glossary
    • Curated Specifications
  • Additional Info
    • 🤝Licensing
    • ✍️Contact Us
Powered by GitBook
On this page
  • Overview
  • Assumptions
  • Challenges
  • Approach
  • Risk Mitigation
  • Summary
  • Attributions
Export as PDF
  1. Technical Notes
  2. Identifiers & Registries
  3. Digital ID

Face Authentication

Approach to enabling inclusion in onboarding individuals for use cases such as social protection

Overview

Authenticating a user is most primitive action in any service delivery. Assuming user's registered photo is available in digital form and is easily verifiable, opening up face authentication on mobile phone app(s) creates non linear scale in providing services in an inclusive way.

Assumptions

  1. Country or any department offers a digitally signed artefact i.e JSON/XML document as file or in QR code format with foundational/functional ID or ID alias, Photo and any other minimal information requried for validation to deliver a service.

  2. Access to this digitally signed artefact can be through a digitial copy shared or securely cached on a mobile device, scanned through QR code using a printed or physically issued card.

Challenges

Following are few common challenges in any given country / context that is the primary cause for user exclusion who may other wise can be easily reached to deliver services:

  1. Access : Not all users are digitally savy to own and/or operate a mobile phone.

  2. Reach : Network connectivity or coverage is a universal challenge to avial online services.

  3. Digital Literacy : Many users lack digital financial literacy e.g., handling of PIN/OTPs.

  4. Choice : Users trust known neighbourhood agents and choice to pick the service touch points/agents is key to build trust / inclusion.

  5. Automation : Manual steps/processes cause delays, middlemen

Approach

Following are few key capabilities to consider to address above challenges:

  1. Mobile First : Mobile first approach is to have service delivery enabled using mobile devices like phones, tablets, laptops. Ideally build once and deployed across operating system platforms is encouraged to keep the IT systems lean.

  2. Online/Offline : Mobile device based delivery enables local secure storage to strategise processes for offline delivery when online services are not reachable due to network connectivity/coverage. System processes can be dictated to grant device level online/offline policies based on local context.

  3. Smart Synchronization: Offline service delivery requires required master, reference and recent transactional data available for taking minimum required business validations.

  4. Self/Assisted : Business processes to be aligned for self and assisted use case scenarios.

  5. Local Face Auth : Face authentication with liveness checks on the edge device as reusable software library/module across various department apps. This can act digital rail infrastructure component.

  6. Device Registration : All mobile devices enabled to provide self or asssisted services can be registered to manage granual level of controls to deliver services in secure and trusted environments.

  7. Assisted Operators: All assisted operators enabled to provide assisted services can be trained and registered to deliver remote services.

Risk Mitigation

  1. Face authentication models should be well tested to ensure seamless user experience to address inclusion. The solution should work in conditions like low device technical specifications, lighting conditions, ease use, local language support, integration with business application flows etc.,

  2. Face authentication models should be integrated with face liveness detection process as well.

  3. Digital exception management should integrated into the workflows thought reason codes. Scenarios where face liveness / match, backend service related errors to be handled through a well thought through exception management process.

  4. Continuous improvements to both technical and business processs should be considered by analysing the telemetry data from the devices.

Summary

Attributions

PreviousID-AuthNexteKYC/ Identity profile sharing

Last updated 1 year ago

Face Autentication using a mobile device opens up an oppurtunity for governments to serve large number of population with ease.

🆔
excluded