Please select your question category
- What is e-Pramaan?
e-Pramaan is a standards based, federated e-Authentication solution aimed to provide a robust and uniform electronic authentication mechanism for online access to government applications providing public services. It addresses risk based authentication needs of an application and so, provides several factors of authentication such as username-password, One Time Password (OTP), Digital Signature Certificates (DSC), Aadhaar biometrics which can be combined to provide single or multi-factor authentication depending on the application's requirements. In addition, it comes with features such as single-sign on (SSO), website authentication and fraud management.
- Why should I use
e-Pramaan provides a one-stop solution to both, government applications delivering public services and users accessing these services. Unlike current scenario in which, as a user you are required to authenticate multiple times, remember several usernames and passwords for different online applications, with e-Pramaan's SSO this can be achieved by having a single username and password of your choice (can be even Aadhaar Number). E-Pramaan will also ensure that the website you are accessing is not a fraudulent one If you are a department, currently you are required to authenticate every user through your own system. The authentication mechanism used may not be adequate, standards based and may require changes with evolution of newer technologies and ways of online authentication. A cost as well is associated with developing and maintaining solutions, identity-proofing and verifying users. e-Pramaan provides you flexible choice of authentication mechanisms, with its strong enrolment process, ensures that registered users are verified. e-Pramaan provides verification of user credentials through various trusted services such as Aadhaar or PAN before registering the user on e-Pramaan. It also guarantees a secured communication between the user and the service.
- What is Single Sign On
facility on e-Pramaan?
If you are a user of any government services, to access different government services you need to authenticate yourself multiple times, remember logins and passwords for each of them. Through Single Sign On (SSO) facility you can access multiple e-Gov services that are integrated with e-Pramaan by logging only once to any one of these services or on e-Pramaan portal.
- How can I use e-Pramaan?
Using e-Pramaan is very easy.
If you are a user of any government service,
- You should first register yourself on e-Pramaan
through online self-registration process.
- You need to provide your email ID or Mobile number during registration. The given email ID or mobile number is verified by e-Pramaan through a verification link or a One Time verification code.
- You choose your desired login username and password during registration.
- During registration you also need to provide at least one of the following identity details (1) Aadhaar Number, (2) PAN, (3) Digital Signature Certificate. The provided identity is verified by e-Pramaan online through the backend services integrated with these identity providers. You are registered on e-Pramaan once the given credentials are verified.
- Now you are ready to use services provided by e-Pramaan. If you want to access government services through e-Pramaan, you should also be registered with the service provider. e-Pramaan requests you to do the one time login on the requested service provider's portal. Once this is done, e-Pramaan remembers you as user of these services and allows to access all those services, provided you are authenticated.
- Every time you are using the service, e-Pramaan authenticates your credentials for the service. If you are a department with a e-Service needing authentication.
- A department first needs to integrate and enlist itself on e-Pramaan. In order to do this, a registration form is provided on e-Pramaan website.
- C-DAC will get in touch with you to help you with technicalities of integration.
- You should first register yourself on e-Pramaan through online self-registration process.
- What online services can
I access with my e-Pramaan?
One can access all those services that are already integrated with e-Pramaan and listed on e-Pramaan portal.
- Is there any dependency
on the browser?
- The error "Internet
Explorer cannot display the web page" occurs after submitting
to the e-Pramaan login page. How to resolve this issue?
- Goto Internet Explorer -> Tools -> Internet Options
- Select the Security tab.
- Select the Trusted Site icon and click on the Sites button.
- Add "epramaan.gov.in" to the trusted site zone.
- What is e-Pramaan?
- How can a user register
e-Pramaan provides a web portal where users can register using a self-registration form and generation of e-Pramaan username and password pair, which will be used for logging into e-Pramaan portal.
User must provide email and/or mobile number during registration at e-Pramaan. User also has to provide any one of the identity Credential Information such as Aadhaar Number or PAN Number or DSC to complete the registration at e-Pramaan.
A successful verification of email/mobile and any one of the identity proof will complete the registration process. Incomplete registration process will not allow user to access any of the functionalities offered through e-Pramaan other than that of verification of email/mobile and identity proofs.
- How to reset the
e-Pramaan provides an option to reset the password. User will be prompted to enter the old password, new password and confirm new password.
- How to update my
Profile on e-Pramaan?
User can update his/her profile using Edit Profile functionality provided at e-Pramaan portal. User can update all fields except username, password, security question, security answer and personal message. User also cannot update the identity that are verified and have a lifetime validity.
However password can be reset using the reset password functionality. User can also update the optional information which was not provided by the user during registration.
- User Account
On receiving a request for de-provisioning, user will need to answer security question. e-Pramaan will also verify the request using the registered email ID or Mobile Number of the user. After the successful verification, user's e-Pramaan account will be de-provisioned from e-Pramaan.
Account for which a de-provisioning request is being initiated will remain in suspended state till the time verification of email/mobile is completed. Username associated with the de-provisioned account cannot be used again. The user has to register again if he/she wants to avail the services of e-Pramaan.
- User Account
User account suspension will only be initiated by e-Pramaan based on the inactivity of user account for more than 12 months or if the user is found to be involved in fraudulent, anti-national, cyber crime, duplicate registration activities etc. e-Pramaan will initially suspend such accounts and with proper verification, suspicious accounts will be marked for de-provisioning at e-Pramaan.
On receiving a request for account re-activation, end- user will need to answer security question and verify email or mobile upon which her e-Pramaan account will be reinstated.
- Why do I need to
validate my mobile number?
e-Pramaan uses OTP for authenticating a user. In this authentication mechanism the OTP will be sent to the verified mobile number of the user.
e-Pramaan also notifies various activities of the account on the verified mobile number and hence one needs to validate the mobile number on e-Pramaan during registration.
- Does e-Pramaan allow me
to change my username after the registration?
No, username once created at e-Pramaan will not be allowed to change.
- Does e-Pramaan allow me
to change my primary email ID after the registration?
Yes, user will be provided with an option to change the email-id which was provided during registration. Verification link will be sent on the newly provided email-id and only after the successful verification of same, will entail the change of the email-id.
- I cannot access my
account. What should I do?
There is a possibility where a user may face issue in accessing the account. e-Pramaan provides appropriate error/reason if such problem is faced by the user. In case of non-resolution of the problem by the user based on the error message displayed, user can contact the helpdesk of e-Pramaan or mail to firstname.lastname@example.org.
- I did not get the
activation e-Mail on my e-mail ID.
It may happen due to network congestion in mobile networks. e-Pramaan provides resend option using which another OTP can be generated and resendon the registered mobile number.
e-Pramaan also provides an option of an mobile apk which generates an OTP on the smart phone. The same OTP can be filled in at e-Pramaan. Note that this is possible only with the registered and verified mobile number on e-Pramaan of the user. The apk should also be registered on e-Pramaan to recognize the OTP generated by the apk.
If the issue is still not resolved then the user can contact the helpdesk of e-Pramaan or mail to email@example.com.
- Is there a limit on the
number of unsuccessful login attempts before I get
Yes, user account will be locked after six (6) unsuccessful attempts of login at e-Pramaan. User will be updated with the number of remaining attempts after each unsuccessful login attempt.
- What is e-Pramaan CA?
Are there any charges to get a DSC from e-Pramaan CA? Is the
DSC issued by e-Pramaan CA legally valid?
e-PramaanCA will be based on the Hierarchy based closed PKI model and will issue certificate using its Self-Signed RootCA. e-PramaanCA certificates will be issued based on the e-PramaanCA Certificate Practise Statement (CPS). e-Pramaan shall issue Digital Certificate only to e-Pramaan end-users. Digital Certificate issued by e-PramaanCA will be valid only for Digital Certificate based authentication at e-Pramaan.
Currently there will be no charges for the certificate issued by e-Pramaan CA. DSC issued by e-PramaanCA will be valid used only at e-Pramaan for authentication and not for signing
- How can a user register on e-Pramaan?
- How does a department
application benefit from integration with e-Pramaan?
If you are a department, currently you are require to authenticate every user through your own system. The authentication mechanism used may not be standard based and may require changes in future. If a new authentication mechanism is to be implemented a cost has to be incurred.. e-Pramaan provides you flexible choice of authentication mechanisms. e-Pramaan also provide verification of the user credentials through various authentic services such as Aadhaar or PAN. It also guarantees a secured communication between the user and the service.
- e-Pramaan provides a single platform for using multiple factors of authentications which are username-password, OTP based, DSC and biometrics. A department also has an option to apply different factors of authentication in combination for the e-Governance services provided by them.
- A department has an option to use the Single Sign On (SSO) and Single Logout (SLO) functionalities with interdepartmental communications also.
- Other than this departments will also be able to use the Aadhaar based authentication, ASA-AUA and e-KYC services through e-Pramaan.
- How departments can use
e-Pramaan will provide a self registration to Service Providers/ Departments through a e-Pramaan department portal. Departments will be allowed to create an account using this facility. However, SP account activation will be based on the MOU signed between C-DAC and the respective SP/Department.
- How can a department
register/de-register on e-Pramaan?
e-Pramaan provides a self registration to Service Providers/ Departments through a e-Pramaan department portal. Departments can create the account using this facility. However, department account activation will be based on the MOU signed between C-DAC and the respective SP/Department.
- How departments can
change their Login password?
e-Pramaan provides "reset password" option for changing the password.
- How departments can
integrate their services on e-Pramaan?
Once the department account gets created and activated at e-Pramaan, department can Add/Delete/Modify its services. During Service Registration, department will be provided with the option to choose any combination of authentication factors which the department finds suitable for the service. Department may select different authentication combinations for different services.
- Can departments have
their own authentication mechanism after integration with
It is advised that the department use the authentication mechanism provided by e-Pramaan. This will provide flexibility to select various combinations of standard mechanism with strong authentication factors.
- How does a department application benefit from integration with e-Pramaan?
- How are privacy concerns
addressed in e-Pramaan?
Being an authentication service protection of individual information is the prime concern addressed in the design of e-Pramaan. e-Pramaan collects the very basic information such as Name, Date of Birth, Address and stores identity such as Aadhaar Number, PAN Card only after the verification. It only stores these numbersand no other details.
- No profiling and tracking information is collected by e-Pramaan. Sensitive personal information such as religion, caste, community, class, ethnicity, income and health. The profiling of individuals is therefore not possible through the e-Pramaan system.
- e-Pramaan does not share any personal information except Aadhaar number with attached services.
- Aadhaar number or the SP User name of the User are used for mapping.
- Is my data secure at
All critical data in e-Pramaan including passwords is stored in e-Pramaan in encrypted format. SHA-2 encryption is used to restrict unauthorized access and SSL for ensuring security during information transmission.
- What standards are being
followed for encryption and de-cryption of data?
SHA-2 technique is followed for hashing. For encryption RSA 2048 is used.
- How are privacy concerns addressed in e-Pramaan?
and Aadhaar Authentication
- How e-Pramaan is
leveraging Aadhaar Authentication?
- e-Pramaan uses e-KYC service of Aadhaar while registering the users on e-Pramaan.
- It also provides a flexibility of using a verified Aadhaar number as a username instead of a chosen username of the user on e-Pramaan. This will help user not to remember one extra username.
- e-Pramaan, in its Level- 4, where it does biometric authentication, uses the fingerprint biometric verification based on Aadhaar services.
- e-Pramaan is AUA and KUA in Aadhaar Authentication ecosystem.
- What is AUA and ASA in
UIDAI provides APIs to verify any data on Aadhaar. These APIs are only accessible through the empanelled Authentication Service Agency (ASA). ASAs are entities that have secure leased line connectivity with the Central Identities Data Repository (CIDR). They verify the requests for Aadhaar and forward as a request.
Authentication User Agency (AUA) is any entity that uses Aadhaar authentication to enable its services and connects to the CIDR through an ASA.
- How departments can
become a sub-AUA?
Any department that wants to become sub-AUA has to enter into a formal agreement with AUA. C-DAC's AUA provides such a facility. You can contact C-DAC on firstname.lastname@example.org for further queries regarding sub-AUA services.
- How departments can
integrate with e-Pramaan to avail ASA services?
In order to communicate with ASA, the department should be empanelled AUA of UIDAI. This AUA communicates with CIDR database through ASA.
To integrate with C-DAC ASA, the department may register as an ASA-AUA department through a registration form provided on e-Pramaan website. C-DAC person will get in touch with you for further formalities such as MOU signing and integration with ASA.
The department may also directly contact C-DAC on email@example.com for integration with C-DAC's ASA service.
- How e-Pramaan is leveraging Aadhaar Authentication?
Factors Offered by e-Pramaan
- Which authentication
factors are offered by e-Pramaan?
- Password: Basic authentication with username and password.
- One-Time Password (OTP): e-mail, SMS or Mobile App based OTP authentication.
- Digital Signature Certificate (DSC): Authentication via hardware tokens.
- Aadhaar-based Biometric: Fingerprint authentication.
Above listed can be used as a single or multi-factor for authentication in following ways.
- Single Factor : Any one of the following factors: Password/Aadhaar-based Biometric.
- Two Factor :Combination of any two of the authentication factors such as Password/Biometrics and OTP/Digital Signature Certificate, Password and Biometrics.
- Multi-Factor : Combination of any two factors along with other factors of authentication. For ex. Password, OTP and/or Digital Signature Certificate and Biometrics.
- How can I use the various
authentication factors offered by e-Pramaan?
Authentication factors as required by various services integrated with e-Pramaan will be used for user verification through e-Pramaan. Accordingly,
- Password as authentication factor will be used when services integrated with e-Pramaan will require the user to be verified using e-Pramaan password. In this instance, once the user is logged in to e-Pramaan using his/her text password, user will be authenticated for all such services requiring password authentication.
- One-Time Password using email/SMS/mobile app will be used in combination with text password/Aadhaar-based biometric authentication. In this scenario, once the user is logged in to e-Pramaan using his/her text password or Aadhaar-based biometric, OTP will be used as an additional factor of authentication for the services which requires OTP as an additional factor. OTP can be availed using e-mail or SMS or it can be generated using e-Pramaan mobile application.
- Digital Signature Certificate (DSC) will be used in combination with text password/Aadhaar-based biometric. In this scenario, once the user is logged in to e-Pramaan using his/her text password or Aadhaar-based biometric, DSC will be used as an additional factor of authentication for services which requires DSC as an additional factor. USB based crypto token /digital certificate belonging to the user can be used through e-Pramaan DSC utility which can be downloaded from e-Pramaan.
- Aadhaar-based biometric as an authentication factor will be used when services integrated with e-Pramaan require the user to be verified using Aadhaar-based authentication. Aadhaar based authentication can be used through e-Pramaan Biometric utility which can be downloaded from e-Pramaan.
- Which authentication factors are offered by e-Pramaan?