With the government’s policy initiative to digitize the process of offering various services coupled with multiple e-governance projects, online transactions have grown phenomenally. The DigiLocker service offered by the government intends to serve the need of citizens, businesses and government departments to access e-documents effectively and easily.
DigiLocker is a unique feature for storing important document online. Today, these kinds of services are offered by private sector players as well. The DigiLocker is simple, safe and secure, does away with the need to produce documents in physical form and carrying of multiple true copies of the documents specified. However, the question is – how safe and secure the DigiLocker is?
The documents in the repositories associated with DigiLocker are secure. They can be stored and accessed without compromising security. In the case of certain specific documents (according to the type of document) it may only be possible to share them through the owner’s authentication. This is to ensure that sharing and access are authorized by the document’s owner.
Security features in DigiLocker such as 256-bit encryption, mobile authentication, timed logout are a few that make the system robust.
256-bit SSL encryption
DigiLocker uses a 256-bit key to encrypt and decrypt data or files. This encryption is one of the most protected methods of encryption after 128 and 192-bit encryption. Today, this encryption is most popular in encryption algorithms, protocols and technologies such as AES and SSL.
Automatic log out
This feature is incorporated to ensure the safety of the credentials of the user. In the event you forget to log out, logout happens automatically from the account when the browser window is closed.
To sign up or register with DigiLocker, the user needs to have a valid Aadhaar number. When you sign up using Aadhaar number, you’ll be given authentication with an OTP (one time password) to be sent to the mobile number and email id registered with Aadhaar. Once you enter the OTP in the field, you are done.
Users can log in to DigiLocker using Aadhaar number with OTP, or user Id and password. However, some people opine that the authentication should be made mandatory whenever there is login by the user to enhance security. This is so in case of logging in to email accounts such as Gmail, outlook, and so on. This is because if the username and passwords are compromised, unauthorized access may occur.
ISO 27001 is a set of standards for information security management system (ISMS). An ISMS is a framework comprising policies and procedures including legal, physical and technical controls associated in the information risk management process of a business or an organization.
DigiLocker service is easy to use, safe, secure and free, and is expected to bring paperless governance. It provides as much as 1 GB storage space in the cloud. Citizens can access their digital documents on a real time basis, and can thus save time. The security features make a compelling reason to sign it up.