National Skills Registry / NSR Security Features

Only Professional enters and updates his / her profile : The professional enters his / her details on NSR web-site so that authenticity of information is ensured and professional gets a chance to represent himself / herself without requiring to share the information with anyone.
Login & Transaction Passwords : Professional needs to record two different passwords for the profile, "login password" to access the profile and "Transaction password" to update the profile. This ensures higher access security to professionals.
Uniqueness of Professionals : NSR seeks to ensure a unique profile for all the persons working in the industry so that all references can be made to such common profile. Uniqueness among millions of working professionals is achieved through tested and proprietary biometrics matching mechanism. NSR collects live impression of six fingers for each registering professional. Using an algorithm such impression is converted into a database value based on unique features of such finger-print impression and is matched with the database value for all registered professionals to find-out if now registering Knowledge Professional is registering for the first time. If a person is registering for multiple times all subsequent profiles are marked as "Duplicate".
Data Access Controls : The registered professional can authorise a NSR subscriber company to view his/her information. Therefore companies can view / use the profile of any registered professional only with specific authorization of such professional. This ensures privacy of information to all registered professionals. EBCs have access to only such information for whom the verification has been requested and assigned to them.
Authorised Downloads : If a user authorised by a Company to access profiles needs to download data from NSR system, it requires approval of the admin user of such company.
Dual Verification by EBC : There is dual verification of data entry at EBC end so that one user records the background verification results and another user verifies the same.
ISO 27001 Certification : NDML is implementing NSR system and has obtained ISO 27001 certification for information security. Moreover, NDML has advised empanelled background checkers also to obtain ISO 27001 certification for information security.
Network Access Security : Network Access Security is ensured by using Intrusion Detection System (IDS), firewall and setting up segregation of access using different zones of firewall.
Data Security : Data is secured even during transmission on internet as 128 bit Secure Socket Layer (SSL) encryption is enforced for user access to the website. Secure Socket Layer (SSL) certificate is obtained from reputed certificate issuing agency. This also provides authenticity of website.
Secure Access : Enterprise users like user Companies, Point of Service (POS) and Empanelled Background Checker (EBC) can access the system using Digital Signature Certificate (DSC) authentication.
Security of Biometric Data : Biometric data collected by POS is converted by the POS software application into a database value and the same is uploaded to NSR central system. Central site validates the user uploading the data as well as the integrity of data being uploaded. This database value alone is used for matching professionals' profiles for uniqueness.
Audit Trail : Audit Trail is maintained in the database for all the relevant actions / performed events such as login, logout, data updations etc. by the users.
Password Management : Strong Password Management policy including password complexity structure password expiry, password history etc. is implemented.