National Skills Registry / NSR Security Features


Only Professional enters and updates his / her profile : The professional enters his / her details on NSR web-site so that authenticity of information is ensured and professional gets a chance to represent himself / herself without requiring to share the information with anyone.
Login Passwords and OTP : Professional needs to record, "login password" to access the profile and verify his mobile number and email id to update the profile based on One Time Password (OTP) based access. This ensures higher access security to professionals.
Uniqueness of Professionals : NSR seeks to ensure a unique profile for all the persons working in the industry so that all references can be made to such common profile. Uniqueness among millions of working professionals is achieved through matching of specific profile details and KYC information (Aadhaar KYC or Video KYC) submitted by professionals to identify if Knowledge Professional is unique. If a person is registering multiple times all subsequent profiles are marked as "Duplicate" and may be revoked.
Data Access Controls : The registered professional can authorise a NSR subscriber company to view his/her information. Therefore companies can view / use the profile of any registered professional only with specific authorization of such professional. This ensures privacy of information to all registered professionals. EBCs have access to only such information for whom the verification has been requested and assigned to them.
Authorised Downloads : If a user authorised by a Company to access profiles needs to download data from NSR system, it requires approval of the admin user of such company.
Dual Verification by EBC : There is dual verification of data entry at EBC end so that one user records the background verification results and another user verifies the same.
ISO 27001 Certification : NDML is implementing NSR system and has obtained ISO 27001 certification for information security. Moreover, NDML has advised empanelled background checkers also to obtain ISO 27001 certification for information security.
Network Access Security : Network Access Security is ensured by using Intrusion Detection System (IDS), firewall and setting up segregation of access using different zones of firewall.
Data Security : Data is secured even during transmission on internet as 128 bit Secure Socket Layer (SSL) encryption is enforced for user access to the website. Secure Socket Layer (SSL) certificate is obtained from reputed certificate issuing agency. This also provides authenticity of website.
Secure Access : Enterprise users like Companies and Empanelled Background Checker (EBC) can access the system using Password or OTP based authentication.
Audit Trail : Audit Trail is maintained in the database for all the relevant actions / performed events such as login, logout, data updations etc. by the users.
Password Management : Strong Password Management policy including password complexity structure password expiry, password history etc. is implemented.