BioEnable has successfully set up MOSIP Management Server and Client solutions for two national ID projects. One project is in Asia, and the other is in West Africa. We have more projects in the pipeline.
The management server is hosted in a data center and only allows access through port 443. It has a high-security HSM that complies with FIPS 140-2 Level 3 standards. The server can register and deregister devices through a management portal. It uses end-to-end encryption over SSL and only permits securely provisioned and approved devices. The server checks for key rotation and expiration daily, adjusting these according to its policies.
Here's what the management server does:
Verifies that devices are genuine and from authorized providers.
Registers genuine devices with the MOSIP device server.
Syncs time between the server and the device, ensuring the time is trusted and accepted by the device.
Issues commands to end devices for deregistration (including device keys) and collects device information for maintenance support and upgrades.
Maintains a central repository of all approved devices.
Safely stores the keys used to issue device certificates upon registration in the high-security HSM.
Can push updates from the server to the client devices.
The management client is the interface that connects devices to the management server. It automatically registers the device with the server, verifying its identity and validity.
All communication between the client and server must follow these rules:
Communication is digitally signed.
Data sent to and from the server is encrypted using public key cryptography.
Requests include timestamps in ISO format down to the millisecond within the signature.
Communication includes a signed digital ID as one of its attributes.
The server triggers key rotation through telemetry.
The client ensures it is communicating with the correct management server.
The client will not expose any API to capture biometric data, and the management server cannot trigger a capture request.
Biometric data will not be logged, whether encrypted or unencrypted.
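As an added example (not BioEnable's or MOSIP's code), the sketch below shows one way to enforce the timestamp rule above: the ISO millisecond timestamp sits inside the signed bytes, and the server authenticates the message before judging its freshness. HMAC-SHA256 stands in for the public-key signature so the code runs on the standard library alone; the demo key, the `deviceId` and `op` fields and the five-minute window are assumptions.

```python
import hashlib
import hmac
import json
import re
from datetime import datetime, timedelta, timezone

# Constructed demo key. HMAC-SHA256 is a stand-in for the device's
# public-key signature; a real deployment would verify with the device cert.
DEMO_KEY = b"constructed-demo-key"
MAX_SKEW = timedelta(minutes=5)  # assumed freshness window, not from the page
ISO_MS = re.compile(r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{3}Z")


def sign_request(body, now, key=DEMO_KEY):
    """Client side: the timestamp is part of the bytes that get signed."""
    ts = now.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z"
    payload = json.dumps({**body, "timestamp": ts},
                         sort_keys=True, separators=(",", ":"))
    sig = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return {"payload": payload, "signature": sig}


def verify_request(msg, now, key=DEMO_KEY):
    """Server side: authenticate first, only then trust the timestamp."""
    expected = hmac.new(key, msg["payload"].encode(), hashlib.sha256).hexdigest()
    supplied = str(msg.get("signature", ""))
    if not hmac.compare_digest(expected.encode(), supplied.encode()):
        return False, "bad signature"
    ts = json.loads(msg["payload"]).get("timestamp", "")
    # Reject anything that is not UTC ISO 8601 with exactly three fraction digits.
    if not isinstance(ts, str) or not ISO_MS.fullmatch(ts):
        return False, "timestamp not ISO 8601 with milliseconds"
    try:
        sent = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S.%fZ")
    except ValueError:  # well-shaped but impossible date, e.g. month 13
        return False, "timestamp not ISO 8601 with milliseconds"
    sent = sent.replace(tzinfo=timezone.utc)
    # A captured request replayed later, or one dated in the future, fails here.
    if abs(now - sent) > MAX_SKEW:
        return False, "stale or future-dated request"
    return True, "ok"


if __name__ == "__main__":
    t0 = datetime.now(timezone.utc)
    msg = sign_request({"deviceId": "constructed-001", "op": "register"}, t0)
    print(verify_request(msg, t0))                         # fresh request
    print(verify_request(msg, t0 + timedelta(minutes=6)))  # replayed later
```

Because the timestamp is covered by the signature, altering it to make an old request look fresh invalidates the signature rather than the freshness check.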
* - MOSIP Compliance in Progress
Our biometric enrollment scanners passed self-testing and were integrated with the Modular Open-Source Identification Platform (MOSIP) security standard. Thanks to the BioEnable team's quick understanding of the security model and API specifications, our biometric scanners achieved MOSIP compliance.
MOSIP is an open-source platform designed to help governments and international organisations build a foundational identification system at a low cost. A functioning identity system allows individuals to obtain a unique identity from the government in order to access various services such as financial and social security. Nations can use the platform to create their own identification system. It provides a vendor-neutral and interoperable approach that allows governments to precisely configure their systems. Aside from that, the platform provides approaches to addressing various challenges when constructing a national functional system that assists in meeting essential needs. Nations are free to use MOSIP to create their own identity systems.
The platform can be used for various use cases such as national ID systems, voter ID systems, and welfare schemes. The platform is designed to be scalable and can handle millions of identities. The platform is also designed to be secure, to protect the privacy of individuals and to prevent data breaches.
SBI (Service-based Interface) in MOSIP (Modular Open Source Identity Platform) refers to a set of APIs (Application Programming Interfaces) that provide a standard way for interacting with different components of the MOSIP platform.
The SBI is designed to support a modular architecture, which means that different components of the platform can be easily replaced or upgraded without disrupting the overall system. The SBI provides a standard way for components to interact with each other, making it easier to integrate new components and services into the platform.
The SBI also makes it easier for third-party applications and systems to integrate with MOSIP, as they can use the SBI to interact with the platform. This can help to increase the functionality and utility of the platform and make it more useful for a wider range of use cases.
In summary, the SBI in MOSIP is a key component that helps to ensure the modularity, scalability, and interoperability of the platform, and makes it easier for third-party applications and systems to integrate with MOSIP.
Device Discovery
Applications would use device discovery to identify MOSIP compliant devices in a system. The protocol is intended to be a simple plug-and-play solution that abstracts away the device specifics.
Device Info
The device information API would be used by applications to identify MOSIP compliant devices and their status.