Government of Assam: Ref No.: DITEC - No.160/2021/131 Release Date: 28 June 2022

Government of Assam
Directorate of Information Technology, Electronics and Communications (DITEC),
Behind CM Block, Assam Secretariat,

Dispur, Guwahati-781006
e-Mail: ditec-asm@gov.in
REQUEST FOR PROPOSAL (RFP)
FOR
Selection of Agency for Supply, Commissioning, Testing, Integration and Operation and Maintenance
of Aadhaar Data Vault for AUA/KUA Project of Directorate of Information Technology, Electronics
and Communication, DITEC, Government of Assam.
REF NO. : DITEC.No.160/2021/131

RELEASE DATE : 28th June 2022
Page 1 of 66
This page is intentionally left blank.
Page 2 of 66
Disclaimer
The information contained in this RFP document or any information provided subsequently to Bidder(s)
whether verbally or in documentary form by or on behalf of the DITEC is provided to the Bidder(s) on the terms
and conditions set out in this RFP document and all other terms and conditions subject to which such information
is provided. This RFP is neither an agreement nor an offer and is only an invitation by DITEC to the interested
parties for submission of bids. The purpose of this RFP is to provide the Bidder(s) with information to assist the
formulation of their proposals. While effort has been made to include all information and requirements of the
DITEC with respect to the solution requested, this RFP does not claim to include all the information each Bidder
may require. Each Bidder should conduct its own investigation and analysis and should check the accuracy,
reliability and completeness of the information in this RFP and wherever necessary obtain independent advice.
The DITEC makes no representation or warranty and shall incur no liability under any law, statute, rules or
regulations as to the accuracy, reliability or completeness of this RFP. The DITEC may in its absolute discretion,
but without being under any obligation to do so, update, amend or supplement the information in this RFP.
Page 3 of 66
Table of Contents
Contents
Disclaimer ................................................................................................................................................. 3
ABBREVIATIONS & DEFINITIONS .................................................................................................................. 8
1. Invitation for Proposal ........................................................................................................................ 12
1. RFP Notice ................................................................................................................................. 12
2. Data Sheet ................................................................................................................................. 13
2. Project Profile & Background Information.......................................................................................... 14
1. Introduction .............................................................................................................................. 14
2.1.1 Project Brief ............................................................................................................... 14

2.1.2 Project Vision .......................................................................................................... 14
2.1.3 Project Objectives .................................................................................................... 15
2.1.4 Aadhaar Data Vault: .................................................................................................. 15
3. Pre-Qualification/ Eligibility Criteria ................................................................................................... 15
1. Pre-Qualification Criteria .......................................................................................................... 15
2. General Instruction of Bidding Process ..................................................................................... 17
4. About Assam Aadhar Authentication Framework (AAAF) .................................................................. 17
1. Module of AAAF........................................................................................................................ 17
i) Data Management .................................................................................................. 18

ii) User Access Management ....................................................................................... 18
iii) KYR Search .............................................................................................................. 18
iv) Authenticate Services .............................................................................................. 18
v) E-KYC validation ...................................................................................................... 18
vi) Web Service Integration .......................................................................................... 18
vii) Aadhaar seeding ..................................................................................................... 19
viii) MIS reports and Dashboard ..................................................................................... 19
ix) Other Services ......................................................................................................... 19
5. Scope of Work .................................................................................................................................... 19
5.1 Detailed Scope of Work ............................................................................................................. 19
Page 4 of 66
5.2 Technical Specification: ............................................................................................................. 21
5.3 Third Party Audit: ...................................................................................................................... 40
5.4 Roles and Responsibilities of DITEC and its authorized agency(s): ........................................... 40
6. Project Deliverables-cum-Time Line & Payment Schedule ................................................................. 40
7. Manpower Specifications ................................................................................................................... 41
7.1 Implementation Phase .............................................................................................................. 41
7.2 Operations & Maintenance Phase ............................................................................................ 41
8. Bidding Process................................................................................................................................... 42
8.1 Site Visit .................................................................................................................................... 42
8.2 Cost of Bidding .......................................................................................................................... 42
8.3 Validity of Proposals ................................................................................................................. 42
8.4 Clarification of Tender Document ............................................................................................. 43
8.5 Pre-Bid meeting ........................................................................................................................ 43
8.6 Amendment of Tender Document ............................................................................................ 43
8.7 Bid Preparation ......................................................................................................................... 43
i) Language of Bids ..................................................................................................... 43

8.8 Procedure for Submission of Bids ............................................................................................. 44
i) Tender Processing Fees............................................................................................ 44

ii) Modes of Submission ............................................................................................... 44
8.9 Authentication of Bid ................................................................................................................ 44
8.10 Financial Bid .............................................................................................................................. 44
8.11 Price validity .............................................................................................................................. 44
8.12 Revelation of Prices .................................................................................................................. 44
8.13 Terms and Conditions of Tendering Firms ................................................................................ 45
8.14 Bid Submission .......................................................................................................................... 45
8.15.1 Consortium and Sub-contracting ............................................................................. 45

8.15.2 Modification and Withdrawal of Bids ...................................................................... 45
8.15.3 Address for Correspondence .................................................................................... 45
8.15.4 Clarifications ........................................................................................................... 45
8.15.5 Verification of Reference Installations ..................................................................... 45
8.15.6 Contacting DITEC ..................................................................................................... 45
Page 5 of 66
8.15.7 Bid Currency ............................................................................................................ 46
8.15.8 Disqualifications...................................................................................................... 46
8.16 Criteria for Evaluation of Bid .................................................................................................... 46
8.17 Submission, Receipt and Opening of Proposals ........................................................................ 47
8.18 Correction of Arithmetic Errors in Financial Bids ...................................................................... 48
8.19 Right to Accept or Reject Proposal ........................................................................................... 48
8.20 Bid Selection Method ................................................................................................................ 48
8.21 Disqualification ......................................................................................................................... 48
9. General Terms and Conditions ........................................................................................................... 48
9.1 Application ................................................................................................................................ 48
9.2 Applicable Law .......................................................................................................................... 49
9.3 Relationship Between Parties ................................................................................................... 49
9.4 Documents/Knowledge Transfer .............................................................................................. 49
9.5 Governing Language .................................................................................................................. 49
9.6 Intellectual Property Rights (IPR) .............................................................................................. 49
9.8 Award of Contract ..................................................................................................................... 50
9.9 Monitoring of Contract ............................................................................................................. 50
9.10 Performance Bank Guarantee (PBG) ......................................................................................... 50
9.11 Execution of Agreement ........................................................................................................... 51
9.14 Penalty ...................................................................................................................................... 51
9.15 Fraud and Corruption ............................................................................................................... 53
9.16 Confidentiality ........................................................................................................................... 53
9.17 Termination ............................................................................................................................... 54
9.18 Force Majeure ........................................................................................................................... 54
9.19 Resolution of Disputes .............................................................................................................. 54
9.20 Amicable Settlement ................................................................................................................. 55
9.21 Legal Jurisdiction ....................................................................................................................... 55
9.22 Notice ........................................................................................................................................ 55
9.23 Limitation of Liability ................................................................................................................. 55
9.24 Deliverables ............................................................................................................................... 55
9.25 Validity of Contract.................................................................................................................... 55
9.26 Others ....................................................................................................................................... 55
Page 6 of 66
10 Exit Management ............................................................................................................................... 56
10.1 Purpose ..................................................................................................................................... 56
10.2 Cooperation and Provision of Information ................................................................................ 57
11 Annexure: Forms and Template for Bid Response .............................................................................. 57
11.1 Technical Proposal Forms .......................................................................................................... 57
12 TECHNICAL PROPOSAL FORMS............................................................................................................ 58
12.1 Form – 1: Covering Letter.......................................................................................................... 58
12.2 Form – 2: Declaration of Acceptance of Terms and Conditions in RFP ............................................. 60
12.3 Form – 3: General Information about bidders ................................................................................. 61
12.4 Form – 4: Bidder’s Relevant Experience Certificate ........................................................................ 62
12.5 Form – 5: Particulars of key professionals ...................................................................................... 63
12.6 Form – 6: CV’s of key professionals ................................................................................................ 64
12.7 Form – 7: Power of Attorney for signing authorities ...................................................................... 65
12.8 Form – 8: Undertaking on being not black listed............................................................................ 66
Page 7 of 66
ABBREVIATIONS & DEFINITIONS
The laws and any other instruments having force of law in India as
Applicable Law
they may be issued and in force from time to time.
API Application Programming Interface
ASA Authentication Service Agency
AUA Authentication User Agency
The bidder’s representative/ officer vested (explicitly, implicitly, or

through conduct) with the powers to commit the authorizing
Authorized Signatory organization to a binding agreement. Also called signing officer/
authority having the Power of Attorney (PoA) from the competent
authority of the respective Bidding firm.
Broadband and Citizen Service Mission Society (under the purview

BCSMS of Information Technology Department, Government of Assam)
DITEC Directorate of Information Technology, Electronics and Communication
(DITEC)
A formal offer made in pursuance of an invitation by a procuring entity
Bid / eBid and includes any tender, proposal or quotation in electronic format.
A security provided to the procuring entity by a bidder for securing the

Bid Security fulfilment of any obligation in terms of the provisions of the bidding
documents.
Any person/ firm/ agency/ company/ contractor/ supplier/ vendor

Bidder / Agency / Firm /
participating in the procurement/ bidding process with the
Supplier
procurement entity.
Documents issued by the procuring entity, including any amendments

Bidding Document thereto, that set out the terms and conditions of the given
procurement and includes the invitation to bid.
BPR Business Process Re-engineering
ASDC Assam State Data Center
CA Chartered Accountant
CIDR Central Identities Data Repository
Committee Committee constituted by DITEC for evaluation of Technical
Page 8 of 66
Proposals
An authority or officer to whom the relevant administrative or

Competent Authority financial powers have been delegated for taking decision in a matter
relating to procurement Director, DITEC in this document.
Contract/ Procurement A contract entered into between the procuring entity and a successful
Contract bidder concerning the subject matter of procurement.
Price payable to the firm/company based on deliverable linked

Contract Price payment milestone.
Day A calandar day as per GoA.
EID Enrolment ID
Effective date The date on which the contract comes into force and effect
EMD Earnest Money Deposit
GCC General Conditions of Contract
GoA Government of Assam
GoI Government of India
HSM Hardware Security Module
ICT Information and Communications Technology
INR Indian Rupee
ISO International Organisation for Standardisation
IT Information Technology
KSA KYC Service Agency
KUA KYC User Agency
KYR / KYC Know Your Resident / Customer
LoI Letter of Intent
MeitY Ministry of Electronics & Information Technology, GoI.
Page 9 of 66
O&M Operation & Maintenance
Professional and Support staff provided by the firm/ company and

Personnel assigned to perform service to execute an assignment and any part
thereof.
Proposals submitted by bidders in response to the RFP issued by

Proposals
DITEC for selection of firm/company
RFP Request for Proposal
Work to be performed by the firm/ company pursuant to the selection

Services by DITEC and to the contract to be signed by the parties in pursuance
of any specific assignment awarded to them by DITEC.
SRS Software Requirements Specification
SRDH State Resident Data Hubs
SP Service Provider
TIN Tax Identification Number
TPA Third Party Auditor
UAT User Acceptance Testing
UID Unique ID
UIDAI Unique Identification Authority of India
WO/ PO Work Order/ Purchase Order
Page 10 of 66
This page is intentionally left blank.
Page 11 of 66
1. Invitation for Proposal
1. RFP Notice
a) DITEC, on behalf of Department of Information Technology, Government of Assam, invites

proposals for “Selection of Service Providers for Implementation and Maintenance of Aadhaar
Data Vault along with Assam Aadhaar Authentication Framework” at Assam State Data Center
with an intent to improve Public Service Delivery. DITEC intends to select a Service Provider
agency to provide necessary hardware, software and experienced resources to become
AUA/KUA for the State. The other departments of Government of Assam will be the Sub-AUA.
b) The requirement under this RFP is to provide an integrated software solution, hardware
required (with related AMC), encompassing Aadhaar Data Vault & Aadhaar based
Authentication services as required by various State government line departments to on-board
and integrate services of Aadhaar-enabled Citizen Centric Services under various government
schemes.
c) Any contract that may result from this public procurement competition will be issued for a
“Term” of six (06) months for implementation phase of the intended application (“Go Live”)
and thereafter followed by 18th months for support and maintenance.
d) DITEC reserves the right to extend the Term further for period of a maximum three (03) years
for support and maintenance on the same terms and conditions, if required. During the
extension(s) fee may be revised based upon mutual agreement acceptable to both the parties.
e) The RFP include the followings:
• Section 1 - Invitation for Proposals

• Section 2 – Project Profile & Background Information
• Section 3 - Eligibility Criteria
• Section 4 – About Assam Aadhaar Authentication Framework (AAAF)
• Section 5 - Scope of Work
• Section 6 – Project Deliverables-cum-Time Line for Payment Schedule
• Section 7 - Technical Bid (manpower specification)
• Section 8 – Bidding Process
• Section 9 – General Terms & Conditions
• Section 10 – Exit management
• Section 11 – Annexure: Technical Proposal
Page 12 of 66
f) Interested firms / companies may download the RFP document from the website
https://assamtenders.gov.in
g) DITEC reserves the right to reject any or all the Proposals in whole or part without
assigning any reasons.
2. Data Sheet
S. No Information Details
1. Tender Processing Fee INR 1000/- (Non-Refundable)
Earnest Money Deposit (EMD) INR 8,00,000/- (Refundable) submitted in form
3. of BG.
Last date and time for submission of Date : 13th July 2022
4.
pre-bid queries Time: 10 PM
Last date and time of Submission of Bid
Date: 29th July 2022
5.
Time: 3 PM
Time: 4 PM
6. Opening of Technical Bids

Time: 4 PM
Place, Time and Date of pre-bid meeting.
7.
https://meet.google.com/rfu-bdiz-wkk
Mobile No: +91-9957926630
Email ID: ditec-asm@gov.in

8. Contact details
The Director
Address at which proposal in response to
RFP notice is to be submitted through Directorate of Information Technology,
9.
online mode only. Electronics and Communications (DITEC),
Behind CM Block, Assam Secretariat,
Dispur, Guwahati-781006
e-Mail: ditec-asm@gov.in
Date of Presentation Will be informed in later stage.
11.
Page 13 of 66
Tender Processing Fee:
A non-refundable fee of Rs 1000/- (One Thousand) shall be made towards the cost of tender
processing fee through Internet Banking from State Bank of India (SBI) or any other banks listed
at SBMOPS on https://assamtenders.gov.in or NEFT/RTGS in case of offline payment from any
Bank.
Bid Security/Earnest Money Deposit
The bid document must be accompanied by the Earnest Money Deposit of Rs. 8,00,000.00
(Rupees Eight Lakh Only) through – i) Option 1- Internet Banking from State Bank of India (SBI) or
any other banks listed at SBMOPS on https://assamtenders.gov.in ii) Option 2- In case of non-
availability of Net Banking facility, Bidders may submit Tender Processing Fees and Bid Security
using NEFT/RTGS option from any Bank against system generated prefilled challan. iii) EMD
exemption is applicable for MSE Manufacturer participating as Bidder. iv) Detail process can be
found in the URL below:-
https://assamtenders.gov.in
2. Project Profile & Background Information
1. Introduction
2.1.1 Project Brief
The overall growth of information technology (IT) across India has resulted in creation of high-
quality employment and wealth creation – both localized as well as for the country. Government
of Assam (GoA) recognizes the strategic importance of Technology as a key catalyst for
development and hence, has continuously focused on constructive exploitation of the
opportunities within the ITsector.
As a first step towards developing a strong technology base in the state, the GoA had laid out
the following construct for itself:
Vision
“Using Information and Communication Technology (ICT) to empower the masses
through easier access to information, transforming governance for better service
delivery and, as avehicle, for economic development of the state.”
2.1.2 Project Vision
The project is expected to improve the service delivery mechanism for residents of state
especially the rural and under-privileged population.
DITEC proposes to formulate a roadmap to proceed with a strategy to define the most effective
mechanism to leverage Aadhaar in delivering services to the intended citizens. The State
proposesto have a centralized infrastructure to facilitate Aadhaar enablement of its’ citizen
centric departments and schemes in a holistic manner and to authenticate identity of residents
in the State through Aadhaar ID, for the purpose of processing resident benefits arising out
Page 14 of 66
of Government Welfare Schemes. The State Government also envisages in long term to setup a
single centralized platform which shall provide the citizen of Assam with a distinct digital
identity and unique profile to map all the services he/she is entitled for, tracking the benefit
disbursement against the same for better governance, enable provision of secure ‘Anytime,
anywhere’ access to Government services and to facilitate better planning and design of
Welfare schemes based on resident data.
This Centralized Digital Identity & Entitlement Platform is proposed to be developed around
Aadhaar and shall also account for state level citizen identity management, targeted profiling of
the services for identification of intended beneficiaries and social accounting for the services
delivered.The State Government would like to design and develop a robust service delivery
platform which shall be integrated with multiple service delivery channels like Physical Service
Delivery Centers, Web Portal, Mobile Platforms, Kiosks etc. in the frontend and various
department applications in the backend to enable seamless service delivery to the citizens.
2.1.3 Project Objectives
The primary objective of this project is to become Authentication User Agency (AUA) / e-KYC
user agency (KUA) for the state of Assam and to set up Aadhar Data Vault (ADV) at State Data
Centre.
2.1.4 Aadhaar Data Vault:
This project constitutes the creation of Assam Aadhaar Data Vault (AADV), which has to adhere
to the guidelines from UIDAI, Government of Assam. The guidelines for the Aadhaar Data Vault
to be created has been detailed in relevant paras in the Scope of Work section of this RFP,
however any additional guidelines released by UIDAI or Government of Assam in future
regarding the Aadhaar Data Vault and has to be incorporated from time to time and adhered
to by the SP in terms of rules and guidelines to be followed.
3. Pre-Qualification/ Eligibility Criteria
The Bidder is expected to submit the following supporting documents with respect to the below-
mentioned eligibility criteria together with the Technical Proposal:
1. Pre-Qualification Criteria
Only those Bidders who fulfill the following criteria are eligible to respond to the RFP. Offers received
from the Bidders who do not fulfill all or any of the following eligibility criteria will be rejected.
Page 15 of 66
SL Eligibility Criteria Documents Required
No
1. Consortium agreement with
Bid can be submitted by individual bidder or
clearly defined scope of work
consortium of bidders, wherein prime member of the
and power of attorney of the
consortium shall be the AUA/KUA application
consortium members.
developer. There shall not be more than two members
in the consortium including prime bidder.
2. The Sole/Prime Bidder should be an Indian registered i) Certificate(s) of Entity

company, incorporated under the Indian Companies Act incorporation
2013. Must be registered under GST. The Sole/Prime bidder ii. Valid Registration
should be in existence for at least three (3) years in India. Certificate on the date of
submission of bid
iii. GST registration
Certificate
iv. Copy of PAN
3. Sole/Lead Bidder should have average turnover of at Bidder need to certify the
least Rs. 10 Crores f r o m I T b u s i n e s s for last three same from a Chartered
years along with positive net worth. Both the Accountant (CA).
members of the consortium should have been
profitable in these 3 years.
4. Sole/Lead Bidder should be an Original Software Relevant document(s) must

Developer (OSD) for the Aadhaar e-KYC platform i.e., be submitted. Work order
AUA & KUA solution. and completion certificate
(both) from Govt/PSU
5. The Sole/Lead Bidder should have developed and Copy of work order/ copies of
implemented AUA / KUA platform for at least two the LoA/ order/ contract and
organizations and the same shall be in production (at least completion certificate from
Govt/PSU
one) at the time of bidding.
6. The Bidder should have prior experience in onboarding & Copy of work order/ copies of
Implementation for Aadhaar Enabled payment System the LoA/ order/ contract and
(AEPS) . Bidder’s AUA software should offer API’s for allowing completion certificate from
Govt/PSU.
external applications to integrate with Aadhaar Platform
using any development platform including but not
constrained to DOT NET, Java, PHP Platform and Android
Platform.
7. Bidder should have KYC platform supporting multiple Copy of work order/ copies of
biometric devices using common API over Standard the LoA/ order/ contract and
web browsers such as Mozilla Firefox, Internet Explorer, and completion certificate from
Govt/PSU.
Chrome etc.
Page 16 of 66
SL Eligibility Criteria Documents Required
No
8. All integration services should be latest version in time of Self-Declaration /
Implementation aadhaar based authentication API Certification on the entity’s
specification, aadhaar best finger detection api specification letterhead
aadhaar e-kyc specification, aadhaar OTP request API
specification, aadhaar mobile update api specification.
9. Bidder should not be black listed by any Department Self-Declaration /

regulator/UIDAI/Central Government / State Government/ Certification on the entity’s
PSU etc. in India. Bidder should not have a conflict of interest letterhead
in the assignment in question as specified in the bidding
document. Comply with the code of integrity as specified in
the bidding document.
10 The Sole/Lead bidder should provide 24x7 application Relevant document(s) must
support be submitted.
11 ISO Certification: ISO 9001:2015 (Valid) Relevant document(s)

must be submitted.
Technical Proposal of only bidders will be evaluated who qualify in Pre-qualification criteria.
2. General Instruction of Bidding Process

a) This invitation for bids is open to all Indian firms who fulfil pre-qualification criteria as
specifiedin the RFP.
b) Breach of general or specific instructions for bidding, general and special conditions of
contract with GoA or any of its user organizations during the past 3 years may make a firm
ineligible to participate in bidding process.
c) Any specific Company can submit only one bid, and a single company submitting more than
one bid shall be disqualified.
d) Terms and conditions of e-procurement tendering process is mandatory to all the bidders.
4. About Assam Aadhar Authentication Framework (AAAF)
1. Module of AAAF
The AAAF application consists of following modules-

✓ Data Management
✓ User Access Management
✓ KYR Search
✓ Authenticate Services
✓ E-KYC validation
✓ MIS reports and Dashboard
Page 17 of 66
i) Data Management
Data management is the development and execution of architectures, policies, practices

and procedures in order to manage the information lifecycle needs of an enterprise in an
effectivemanner.
Bidder will do effective data management of various citizen databases. The Data
management is broadly categorized in two parts
✓ SRDH data Management (Data Received from the CIDR database)
✓ Management of beneficiary data which are integrated with the SRDH from the
various departments of Assam.
ii) User Access Management
To use the proposed SRDH application the admin user needs to create Department wise
userlogin ID for verification and validation. The features of the user management module
are listedas below:
✓ Log in Id creation
✓ Change Password
✓ Forgot Password
✓ Role Based Menu access
iii) KYR Search
The portal allows the user following search options to know the KYR information of the
beneficiary. To use the KYR search the user need to log in to the SRDH portal and select
the type of search.
✓ Simple Search
✓ Advance Search
iv) Authenticate Services
System supports the following authentication types:

✓ Biometric Matching
o Finger Print Authentication
o IRIS Authentication
✓ Demographic Matching
✓ One-Time-PIN (OTP)
v) E-KYC validation
KYC (Know Your Customer) establishes the identity of the resident, their address, and
other basic information such as their date of birth and gender. Typically, this KYC
information is combined with other information at the point of service delivery to
determine eligibility.
vi) Web Service Integration
The existing applications running in various state departments are integrated with the
Page 18 of 66
SRDH application through various web services. This helps the department users to
perform the search operation in the existing application itself without log in to the SRDH
application.
vii) Aadhaar seeding
Aadhaar seeding is a process by which UID id is attached to the database of beneficiaries.

As aresult, the database of beneficiary gets verified with the Aadhaar details. This also help
state department to auto update the Aadhaar data in the beneficiary database.
Seeding of UID number in the beneficiary database serves to uniquely identify its
beneficiaries. When each of the beneficiaries is uniquely identified, the database of
beneficiaries can be clean set of:
✓ All beneficiaries who are non-existent (as non-existing persons cannot get UID)
✓ Duplicate beneficiaries entry, who are claiming benefit more than once
✓ Beneficiaries who are claiming benefits in the name of others
Seeding can be categorized in following categories.

✓ Inorganic seeding
✓ Organic seeding
✓ Self-Seeding
viii) MIS reports and Dashboard

Several dashboards are designed for easy access to different analytical reports and other
defined operations.
ix) Other Services
Apart from the above mentioned modules, bidder will also support departments in
seeding process during the period of tenure. Bidder will also propose and implement
enhancement like e-payment facility, supporting Unicode, implementation of Mobile
enabled services, self-seeding facility etc. in consultation with the department.
5. Scope of Work
The detailed scope of work is described below, and the bidder should go through all the
requirements in details. Bidder should propose a complete solution for implementation of
AUA/KUA including necessary hardware, software, connectivity and Operation and Maintenance
for 24 months after go live of the project. DITEC reserves the right to change the scope of RFP
considering the DITEC’s requirements.
5.1 Detailed Scope of Work
1. The Bidder should Supply required Hardware and develop Software (OS, DB,
Page 19 of 66
Application) with required licenses, install & deploy the solution in line with the UIDAI
guidelines in State Data Centre, Assam, integrate with ASA partner (NPCI) and test (unit test,
system test, performance and security test) the solution as per the timeline specified by the
DITEC.
2. The Bidder should provide AUA/KUA Infrastructure which include Hardware and
Software. The Bidder should provide ready to use Web and Mobile based Authentication
(including Bulk Demographic Authentication) and e-KYC platform with User Management
allowing AUA/KUA to avail Aadhaar Services at ease.
3. The Bidder should provide and manage a dynamic Aadhaar Data Vault solution
along with the AUA / KUA platform including Sub AUA/KUA platform.
4. The Bidder should conduct end-to-end testing of the application for the required
pre-production test transactions and submit the test results in line with UIDAI requirements,
Audit compliance check-list as specified to UIDAI. On confirmation from UIDAI and receipt
of production credentials, the Bidder should make necessary changes as proposed by UIDAI
to perform transactions on the production environment and confirm “Go Live”.
5. Bidder is responsible for all API integration of ASA, Sub-AUA with AUA/KUA as and
when required.
6. The Bidder should ensure the complete solution (Hardware/ Software/ Network
Connectivity) is secured and should get the solution certified by third party i.e. CERT-IN,
STQC Certified auditors/UIDAI approved auditors.
7. The Bidder should onboard other departments of GoA as Sub-AUA (Subject to
approval from UIDAI) and install required software/hardware set up at its Sub AUA location
as and when required.
8. The Bidder should comply with UIDAI and ASA/KSA guidelines for entire proposed
solution as per the needs specified by UIDAI/NPCI.
9. The Bidder should provide Billing and Administrative Module for all Sub-AUA’s
/KUA’s.
10. The Bidder should provide necessary sample application in all OS platforms to Sub
AUA’s/KUA.
11. The Bidder should onboard DITEC and its Sub-AUA onto AEPS.
12. The Bidder should provide Fraud Monitoring Mechanism as per UIDAI guidelines.
13. Bidder shall provide their expertise in delivering the various solutions. These shall
include but not limited to the following:
Page 20 of 66
13.1 Aadhaar based authentication for any financial / non-financial transactions
that require authentication.
13.2 For any other purpose that may relate to Aadhaar enabled service delivery.
14. The Bidder should procure all necessary equipment for implementing the project.
15. The Bidder should provide regular updates/ upgrades to ensure the client
application is ready whenever UIDAI publishes new version of the Aadhaar platform.
16. The Bidder should enter into Annual Maintenance Contract (AMC) with DITEC for a
period of two years and shall be responsible for timely troubleshooting, updates, patches,
upgrades and bug-fixes including additional customization/upgradation, configuration &
integration requirements as per the directions of UIDAI during the contract.
17. The bidder shall deploy necessary skilled manpower on site during implementation as
well as Operation and Maintenance phase of the proposed solution.
18. Training shall be imparted to the DITEC technical team regarding the use of
developed solution.
5.2 Technical Specification:
Bidder should provide the following hardware with the specification as mentioned
below:
5.2.1 Compute Node, Qnty – 2 nos.
Description of Quoted
Sl. No. Description Product (to be filled by Cross Reference
bidder)
Physical Cores- minimum 2 x 24 Cores
1. 1(2nd/3rd Generation Intel Xeon Scalable/AMD
EPYC processor minimum 2.0 GHz speed).
RAM - minimum 512GB (DDR4) (each RAM
2. 2
module should be of minimum 16 GB).
SSD for operating system –
3. 3
2x480 GB NVMe SSD for booting
Network Interface per physical Server-
i) Dual port 25 Gig Ethernet Card populated
with 2 nos. of 25GbE SFP28 Multimode
transceivers and
4. 4ii) Dual port 32Gbps FC Card populated with
32Gbps transceivers
iii) 4 nos. of Multimode Patch Cords of
minimum 3m length
iv) 1 no. of 1GbE dedicated management
Page 21 of 66
bidder)
interface. (Direct Attached Cables should not
be proposed to meet the transceiver
requirement).
Server solution should have interface for

5. 5keyboard, mouse, monitor – minimum 1x VGA
& 2x USB
Power supply and fans- Proposed solution
should have hot swappable redundant power
6. 7
supply and fans to meet 100% workload with
proposed components.
Should be supplied with-
i) virtualization and cloud software
ii) required operating system software
7. 8(Windows/Linux)
iii) required database software
iv) host based security software required for
virtual/host/guest machines.
8. 1Management – Out of Band Management with
0IPMI license/feature ready.
OEM Support for 2 (two) years with advance
hardware replacement warranty for all
proposed components, sub-components
9. 1
(including SSD), for entire warranty period.
1
OEM support for 2 (two) years for proposed
cloud, virtualization, security software,
operating system, database software etc.
10. 1OEM should have service facility available at
2Guwahati
11. 1
TAC Support in India for last 5 years
3
12. 1Spare warehouse should be available in
4Assam.
Spare parts to be made available by OEM
13. 1
within 7 business days from the date of call
5
log.
14. 1Product should not be end of support by next
65 years.
15. 1
19" rack mountable with rail kit
7
Page 22 of 66
bidder)
Unpriced, complete and correct Bill of Material
to be submitted along with the bid,
16. 1mentioning part codes of line items (hardware
9and proposed software), without which Bid
will be rejected. No clarification/correction will
be sought post submission of bid.
5.2.2 Storage Node, Qnty – 2 nos.

Cross
Sl. No. Description Product (to be filled by
Reference
bidder)
Physical Cores- minimum 2 x 16 Cores (2nd/3rd
1. 1Generation Intel Xeon Scalable/AMD EPYC
processor minimum 2.0 GHz speed).
RAM - minimum 256GB (DDR4) (each RAM module
2. 2
should be of minimum 16 GB).
SSD for operating system – 2x480 GB NVMe SSD
3. 3for booting.
SSD for Storage- 10TB offered with RAID 6
Network Interface per physical Server-
i) Dual port 25 Gig Ethernet Card populated with 2
nos. of 25GbE SFP28 Multimode transceivers and
ii) Dual port 32Gbps FC Card populated with
32Gbps transceivers
4. 4
iii) 4 nos. of Multimode Patch Cords of minimum
3m length
iv) 1 no. of 1GbE dedicated management interface.
(Direct Attached Cables should not be proposed to
meet the transceiver requirement).
Server solution should have interface for keyboard,
5. 5
mouse, monitor – minimum 1x VGA & 2x USB
Power supply and fans- Proposed solution should
have hot swappable redundant power supply and
6. 7
fans to meet 100% workload with proposed
components.
Should be supplied with-
i) virtualization and cloud software (if required)
ii) required operating system software
7. 8(Windows/Linux)
iii) required storage and backup software
iv) host based security software required for
virtual/host/guest machines.
Page 23 of 66
Cross
Sl. No. Description Product (to be filled by
Reference
bidder)
8. 1Management – Out of Band Management with
0IPMI license/feature ready.
OEM Support for 2 (two) years with advance
hardware replacement warranty for all proposed
components, sub-components (including SSD), for
9. 1
entire warranty period.
1
OEM support for 2 (two) years for proposed
storage, backup, security software, operating
system etc.
10. 1OEM should have service facility available at
2Guwahati
11. 1
TAC Support in India for last 5 years
3
12. 1
Spare warehouse should be available in Assam.
4
13. 1Spare parts to be made available by OEM within 7
5business days from the date of call log.
14. 1Product should not be end of support by next 5

6years.
15. 1
19" rack mountable with rail kit
7
Unpriced, complete and correct Bill of Material to
be submitted along with the bid, mentioning part
16. 1codes of line items (hardware and proposed
9software), without which Bid will be rejected. No
clarification/correction will be sought post
submission of bid.
5.2.3 HSM Device, Qnty – 1 no.
Sl. Description of Quoted

Minimum Specification Cross
No. Product (to be filled by
Reference
bidder)
Generic Requirements
1 The required HSM must be rack mountable and rack

mount kit and other required accessories must be
supplied along.
Page 24 of 66
Reference
bidder)
HSM and all the components thereof must have
2
provision for redundant/dual power supply
Should comply to standards FIPS 140-2 Level 3
3
4 Key Exchange Symmetric Algorithm: AES, Triple DES
(No separate license of Algorithms to be charged)
Support for PKCS#11, CAPI, OpenSSL, JCE/JCA or
5
equivalent, Rest API
6 Support for Hash Message Digest HMAC, SHA1
SHA2, SHA-3, SM2, SM3, SM4 etc.
Support for various cryptographic algorithms from
7
day 1:
Asymmetric Key RSA (1024-4096 bits), DSA, DH,
ECDSA, ECDH, ECC, KCDSA etc.
Symmetric: AES, AES-GCM, Triple DES, DES, ARIA,
SEED, RC2, RC4, RC5, CAST, etc.
8 provide REST based APIs for encryption and
decryption of data
9 Keys must be stored and protected in Crypto
memory of hardware within FIPS boundary of
HSM
Onboard key generation, signing inside the HSM
10
11 HSM should be scalable to support more signatures
per second i.e. usable in cluster mode
Appliance shall be network (TCP / IP) based appliance
12 and must work as cluster
13 Support for multi factor authentication (Remote and
Local)
14 The HSM Device quoted should be compatible with
all the Class-II & Class-III DSC (Digital Signature
Certificate) issued from all the Indian CAs (Certified
Authorities).
Synchronization of keys between HSMs on real-
15
time basis
Storing of event-based audit logs and standard
16
mechanisms for viewing logs
17 Should comply with the UIDAI Security Standards
and guidelines
Should integrate with UIDAI Proposed
18 Authentication Services and AADHAAR Data Vault
Applications
Should support
Operating System -Windows/Linux
19 Virtualization – VMware/Hyper-V/Xen/KVM
Key Derivation feature
20
Page 25 of 66
Reference
bidder)
Key Wrapping feature
21
Random Number Generation: designed to comply
22 with AIS 20/31 to DRG.4 using HW based true noise
source alongside NIST 800-90A compliant CTR-
DRBG
23 Digital Wallet Encryption: BIP32
24 5G Cryptographic Mechanisms for Subscriber
Authentication: Milenage, Tuak, and COMP128
25 Security Considerations
• FIPS 140-2 Level 3 – Password and Multi-Factor
(PED)
• Common Criteria EAL4+ (AVA_VAN.5 and
ALC_FLR.2) against the Protection Profile EN 419
221-5
• Qualified Signature or Seal Creation Device (QSCD)
listing for eIDAS compliance
• Common Criteria Scheme Host Interface
• 2 x 10G fiber network connectivity and 2 x 1Gbps
ethernet ports
• IPv4 and IPv6
26 Safety & Environmental Compliance
• UL, CSA, CE
• FCC, CE, VCCI
• RoHS
• India BIS IS 13252 (Part 1)/IEC 60950-1
27 • Dual hot-swap power supplies
• Field-serviceable components
28 2 years OEM advance hardware replacement
warranty.
2 years support, subscription/license (in any)
5.2.4 Server Load Balancer with Web Application Firewall, Qnty – 1 no.
Cross
Sl. No Minimum Specification Product (to be filled by
Reference
bidder)
1 OEM should have TAC in INDIA.
Traffic Ports supported: 4 x 1G RJ45 and 2 X
10G SFP+ port with 10G multimode
transceivers.
2 Device L7 Throughput: 1Gbps
Layer 4 connections per second: 100K CPS
Layer 7 connections per second: 100K CPS
Layer 4 concurrent connections: 1 Million
Page 26 of 66
Cross
Sl. No Minimum Specification Product (to be filled by
Reference
bidder)
The proposed Appliance should be equipped
with multicore CPU, 16GB of Memory, Storage
3
of 200GB SSD and Dual Power Supply from Day
1.
The proposed
appliance should support the below metrics:
— Minimum Misses,
— Hash,
— Persistent Hash,
4 — Weighted Hash,
— Least Connections,
— Least Connections Per Service,
— Round-Robin,
— Response Time,
— Bandwidth, etc
Following Server Load Balancing Topologies

should be supported:
• Client Network Address Translation (Proxy IP)
• Mapping Ports
5 • Direct Server Return
• Direct Access Mode
• Assigning Multiple IP Addresses
• Immediate and Delayed Binding
The proposed device should support 5 Virtual

Instance from Day 1
The Proposed Appliance should support
6
Standalone as well as Virtualized Mode (Bidder
may be asked to demonstrate this feature
during Technical Evaluation).
The proposed device should support standard
7
VRRP/equivalent
Device should be accessed through the below:
• Using the CLI
8 • Using SNMP
• REST API
• Using the Web Based Management
The proposed appliance should have ICSA
9 certified WAF functionality covering all the
OWASP Top 10 attack categories
2 years OEM advance hardware replacement
10 warranty.
2 years support, subscription/license (in any)
Page 27 of 66
5.2. 5 Next Generation Firewall, Qnty – 1 no.
Cross
Sl. No. Minimum Specification Product (to be filled by
Reference
bidder)
Requirements
Should be listed in the top quadrant of the
Security Value Map (SVM) of last published NSS
1 Labs report for Next Generation Firewall (NGFW)
ICSA, Common Criteria certified models should
2 be quoted
Multi-core CPUs to protect & scale against
3 dynamic latest security threats.
4 16 GB Memory (DRAM) from day one.
Proposed NGFW appliance must have minimum
internal storage of minimum 120 GB for storing
5 event logs.
4 x 1G RJ45/SFP(loaded with multimode
transceivers) and 4 X 10G SFP+ port with 10G
6 multimode transceivers
Dedicated Management and Console Interfaces
(RJ45) in addition to requested data interfaces
7 from day 1
Threat prevention throughput minimum 1 Gbps in
real world /production environment with
Application control, IPS, antivirus, Zeroday
8 protection.
9 Minimum IPsec VPN throughput – 1 Gbps
Minimum client agent tunnels (SSL, IPSec, and
IKE V1 & V2 supported with XAUTH) – 500 from
10 day 1
Proposed appliance should support Minimum
11 New sessions per second –10000
Proposed appliance should support Minimum
12 Concurrent Connections – 100,000
Should support Active/Active and Active/Passive
13 from day one
The proposed firewall shall support Dual Stack
IPv4 / IPv6 application control and threat
14 inspection support in:
15 - Tap Mode
16 - Transparent mode (IPS Mode)
17 - Layer 2
18 - Layer 3
19 - Should be able operate mix of multiple modes
Page 28 of 66
Cross
Reference
bidder)
Threat Protection Feature
Should support protocol decoder-based analysis
stateful decodes the protocol and then intelligently
applies signatures to detect network and
20 application exploits
Intrusion prevention signatures should be built
based on the vulnerability itself; A single signature
should stop multiple exploits attempts on a
21 known system or application vulnerability.
Should block known network and application-
22 layer vulnerability exploits
The proposed firewall shall perform content-based
signature matching beyond the traditional hash
23 base signatures
The proposed firewall shall have on box Anti-
Virus/Malware, Anti Spyware signatures and
should have minimum signatures update window
24 of everyone hour
All the protection signatures should be created by
vendor based on their threat intelligence and
25 should not use any 3rd party IPS or AV engines.
Should be able to perform Anti-virus scans

27
Should support DNS traps or equivalent for
malicious DNS request from inside hosts to
outside bad domains and should be able to
integrate and query third party external threat
intelligence databases to block or sinkhole bad IP
28 address, Domain and URLs
Should be able to call 3rd party threat intelligence

data on malicious IPs, URLs and Domains to the
same firewall policy to block those malicious
attributes and list should get updated dynamically
29 with latest data
Vendor should automatically push dynamic block
list with latest threat intelligence database on
malicious IPs, URLs and Domains to the firewall
30 policy as an additional protection service
Solution must prevent sensitive information such
as credit card or social security numbers from
leaving a protected network from day one. It
should also allows administrator to filter on key
words, such as a sensitive project name or the
31 word confidential.
Page 29 of 66
Cross
Reference
bidder)
34 Automatically identify and block phishing sites

Prevent users from submitting credentials to
35 phishing sites
36 Prevent the use of stolen credential
Advanced Persistent Threat (APT) Protection
This APT Protection solution should have
37 unknown malware analysis service.
Advanced unknown malware analysis engine
should be capable of machine learning with static
analysis and dynamic analysis engine with
custom-built virtual hypervisor analysis
38 environment
Advance unknown malware analysis engine with
real hardware, detecting VM-aware malware to
detect and protect from virtual sandbox evading
39 advance unknown malware
Solution should detonate evasive threats in a real
hardware environment, entirely removing an
adversary’s ability to deploy anti-VM analysis
40 techniques
Solution should extracts key features from the
content and evaluates it against a model to
41 determine its maliciousness.
Cloud based unknown malware analysis service
should be certified with SOC2 or any other Data
privacy compliance certification for customer data
privacy protection which is uploaded to unknown
42 threat emulation and analysis
Cloud base unknown malware analysis service
should be able to perform dynamic threat analysis
on such as EXEs, DLLs, ZIP files, PDF documents,
Office Documents, Java, Android APKs, Adobe
Flash applets, Web pages that include high-risk
embedded content like JavaScript, Adobe Flash
43 files and DMG file types
Should support Fileless attack/script detection to
identify potentially malicious scripts, such as
44 JScript and PowerShell.
Should support Machine learning based
capabilities which extracts thousands of unique
features from each file, training a predictive
machine-learning model to identify new malware,
which is not possible with static or dynamic
45 analysis alone.
Page 30 of 66
Cross
Reference
bidder)
Should be able to block unknown malicious
46 executables and PowerShell attacks.
Solution must have the ability to automatically
analyze advanced threats in real hardware
47 systems.
Advance unknown malware analysis engine
should be able to create automated high-fidelity
signature for command and control connections
and spyware to inspect command and control http
payload to create one to many payload base
signatures protection from multiple unknown
spyware and command and control channels
48 using single content based signature
The protection signatures created for unknown
malware emulation should be payload or content
based signatures that could block multiple
unknown malware that use different hash but the
49 same malicious payload.
50 SSL/SSH Decryption
The proposed firewall shall be able to identify,
decrypt and evaluate SSL traffic in an outbound
51 connection (forward-proxy)
decrypt and evaluate SSL traffic in an inbound
52 connection
decrypt and evaluate SSH Tunnel traffic in an
53 inbound and outbound connections
The NGFW shall support the ability to have a SSL
inspection policy differentiate between personal
SSL connections i.e. banking, shopping, health and
54 non-personal traffic
SSL decryption must be supported on any port
used for SSL i.e. SSL decryption must be
55 supported on non-standard SSL port as well
56 The NGFW shall support TLS version 1.3
Network Address Translation
The proposed firewall must be able to operate in
57 routing/NAT mode
The proposed firewall must be able to support
58 Network Address Translation (NAT)
The proposed firewall must be able to support
59 Port Address Translation (PAT)
The proposed firewall shall support Dual Stack
60 IPv4 / IPv6 (NAT64, NPTv6)
Page 31 of 66
Cross
Reference
bidder)
Should support Dynamic IP reservation, tunable
61 dynamic IP and port over subscription
IPv6 Support
63 L2, L3, Tap and Transparent mode
Should support on firewall policy with User and
64 Applications
65 Should support SSL decryption on IPv6
Should support SLAAC Stateless Address Auto
66 configuration
Routing and Multicast support
The proposed firewall must support the following
67 routing protocols:
- Static
- RIP V1/V2
- OSPFv2/v3 with graceful restart
- BGP v4 with graceful restart
68 Policy-based forwarding
69 PIM-SM, PIM-SSM, IGMP v1, v2, and v3
70 Bidirectional Forwarding Detection (BFD)
Authentication
should support the following authentication
71 protocols:
- LDAP
- Radius (vendor specific attributes)
- Token-based solutions (i.e. Secure-ID)
- Kerberos
The proposed firewall’s SSL VPN shall support
72 the following authentication protocols
- LDAP
- Radius
- Token-based solutions (i.e. Secure-ID)
- Kerberos
- SAML
- Any combination of the above
Monitoring, Management and Reporting
Should support on device or centralized
management with complete feature parity on
73 firewall administration
Page 32 of 66
Cross
Reference
bidder)
Should have real time logging based on all Traffic,
Threats, User IDs, URL filtering, Data filtering,
Content filtering, unknown malware analysis,
Authentication, Tunneled Traffic and correlated
74 log view base on other logging activities
Should support the report generation on a manual
75 or schedule (Daily, Weekly, Monthly, etc.) basis
Should allow the report to be exported into
another format such as PDF, HTML, CSV, XML
76 etc.
Should have built in report templates based on
77 Applications, Users, Threats, Traffic and URLs
Should be able to create reports based on user
78 activity
Should be able to create custom report based on
79 custom query base any logging attributes
On device management service should be able to
provide all the mentioned features in case of
80 central management server failure.
Original Manufacturer Authorization Certificate to
81 be submitted along with the bid
2 Years support bundle including parts with
24x7x365 days TAC support, RMA, software
82 updates and subscription update support.
The NGFW should be proposed with 2-year
subscription licenses for NGFW, NGIPS, SSL VPN,
Anti-Virus, Anti Malware, Anti Spyware, Zero
83 Day Protection
5.2.6 Router, Qnty – 1 no.
Sl. Cross
Minimum Specification Product (to be filled by
No. Reference
bidder)
4 nos. of Gigabit Ethernet (10 / 100 / 1000 Base-
1 T) Interface Ports
2 nos. of SFP ports populated with single mode
2 transceivers
3 200 Mbps packet forwarding throughput
4 Should have Redundant Power Supply
Static routes, RIPv1 and RIPv2, BGP, OSPF, IS-IS,
5 IGMv3, MPLS from day 1.
SNMP, Remote Monitoring (RMON), syslog, IP
6 Flow Information Export
Page 33 of 66
QOS: support Class-Based Weighted Fair
Queuing (CBWFQ WRED Hierarchical QoS for
Traffic Management inspections QoS
7 classification with TCP Application traffic.)
IPv6 Ready3. IPv6: OSPFv3 and static routers
ipv6 Routing IPv6 Multicast IPv6 QoS IPv6 VPN
8 over MPLS
9 Firmware should have security certification
2 years advance hardware replacement OEM
10 Warranty
5.2.7: Server Switch
Sl. Cross
Minimum Specification Product (to be filled by
No. Reference
bidder)
16 nos. 25Gbps ports (fully loaded with 25Gbps
multimode transceivers)
4x10Gbps ports (fully loaded with 10Gbps
1 multimode transceivers)
8GB RAM,
2 32MB buffer
3 Wire rate packet forwarding throughput
4 Should have Redundant Power Supply
Static routes, RIPv1 and RIPv2, BGP, OSPF, IS-IS,
5 IGMv3
SNMP, syslog
6
QOS: support Class-Based Weighted Fair
Queuing (CBWFQ WRED Hierarchical QoS for
Traffic Management inspections QoS
7 classification with TCP Application traffic.)
IPv6 Ready IPv6: OSPFv3 and static routers ipv6
Routing, IPv6 Multicast, IPv6 QoS, IPv6 VPN over
8 MPLS
9 Firmware should have security certification
2 years advance hardware replacement OEM
10 Warranty
5.2.8 Connectivity
10 Mbps Leased Line/MPLS VPN Link to established between Assam State Data Center, Dispur, Guwahati, PIN-781006
and NPCI Data Centre, Hyderabad for 2 (two) years.
Page 34 of 66
5.2.9 Application Software Solution for AUA/KUA, ADV
Sl. Bidder’s proposed solution

Business / Functional Requirements
No.
Generic Requirements
Upon successful service delivery by the Authentication/e-KYC

1 module, the system should allow processing and forwarding of
authentication requests in the format accepted by UIDAI
(presently XML) between AUA application, ASA & CIDR and vice
versa within reasonable round-trip time mandated by UIDAI.
All communication passing through AUA/KUA to ASA/KSA must be
2
secure and encrypted as per UIDAI standards.
The authentication application platform must be forward

3
compatible with any service and security standards proposed by
UIDAI.
4 Specific fields in the authentication transaction must be captured.
The system should be in compliance with UIDAI specifications

5
and standards published from time to time.
All requests and responses should be logged. The logs shall

6 capture details of authentication transaction but not
corresponding Personal Identity Information (PID).
The system should maintain a log and report for all transactions for
7
audit purpose. Reporting of this module shall be integrated with
the Dashboard Module.
8 The system, if required, should append the license key along with
the request.
In case one ASA is down, the system should have the capabilities
to reroute the request via other alternate ASAs. There must be
9 provision for digitally signing the Auth XML requests on behalf of
AUA. The Auth XML should append the AUA code along with the
request. The Auth XML should be sent to ASA over the secured
network. For the response that is received from ASA, should be
forwarded to specific AUA/sub AUA from where the request
originated.
The Aadhaar authentication should carry out the following
10 Aadhaar Demographic Authentication:
The system should route all demographic authentication
requests i.e. requests with an aim to authenticate
resident’s details like Name,
Address, DOB, etc. are authenticated from the UIDAI’s
CIDR
Page 35 of 66
No.

Aadhaar Biometric Authentication:
11 • `The system should route all biometric authentication
requests from registered departmental applications
(AUAs or Sub-AUAs) to CIDR and back;
• The system should implement Authentication API
• The system should authenticate residents’ fingerprint and
iris
Aadhaar OTP Authentication:
12 • The system should route all OTP authentication
requests from registered departmental applications
(Sub-AUAs) to CIDR and back
• The system should implement OTP Authentication API
• The system should authenticate residents with registered
mobile numbers.
13 The system should handle Authentication API errors correctly.
14 The solution should have interface to search and filter the

data of the Report.
The authentication module should support in establishing SSL
15
connection between the communication systems.
The Solution should provide for future scalability of the whole

16
system without major architectural changes.
17 Should support Web Interface.
The solution should be highly scalable and capable of delivering

18 high performance as & when transaction volumes / users
increases without compromising on the response time.
The application software platform for Aadhaar based

Authentication and e-KYC services should be compatible with all
19 the standard operating systems such as Windows, Linux, UNIX,
etc. Major Software for ASA/KSA and AUA/KUA along with any
auxiliary components such as Web Server, Application Server,
Gateway Server, Load Balancer, etc must also be compatible /
smoothly work with Windows, Linux, UNIX, etc.
The solution shall run on native browser with additional plug-ins
20
that should be freely downloadable and should support at the
minimum IE, Firefox Mozilla etc.
User Interface should require only standards compliant browsers
21
with standard support for JavaScript and HTML.
Page 36 of 66
No.
The solution will initially be required to cover a range of process

22 modules mentioned in the RFP, but it should allow addition of
more modules or more users in any module as and when
required.
23 Should not require opening of any special protocols for connecting
the user client to
the web/ application server. All communication should be on
secured HTTPS and SFTP.
24 The solution shall be supported on client with mobile based
platform
The Application Platform must be compatible / interoperable with
25 proposed Hardware Security Module (HSM) Devices. Integration
between HSM API and ASA/AUA/KSA/KUA application must be
carried out free of cost.
It should be possible to integrate/call/plug-in the
26
ASA/AUA/KSA/KUA application as a module with other web-
based/GUI-based applications.
The web-based application should comply with Guidelines for
27
Indian Government Websites (GIGW), W3C and WCAG 2.0 Level A.
The e-Sign software suite should comprise of the e-Sign Service

Provider (ESP), Application Service Provider (ASP) and the
28 Certifying Authority (CA) software modules. The Bidder should
be a Original Software Developer (OSD) for the Aadhaar ESP and
ASP modules and can offer the Certifying Authority (CA) module
in conjunction with a reliable and time tested CA suit vendor
Reports & Additional Requirements
The Solution should be capable of sending alerts/SMS/email to

1
predefine designated officers in the event of crossing predefined
conditions.
The Solution should have Ability to generate reports at
• real time / online basis
• in background (when evaluation is time-consuming)
2 • via batch processing
• specific date
• regular time interval
• any other specific business condition
Ability to maintain audit trail of changes such as the time of
3
change, the user ID, old and new value with field description.
Page 37 of 66
No.
Ability to support the following functions:

• Portability
• Interoperability
4 • Scalability
• High Performance
• Serviceability
• Manageability
• Flexibility
All sensitive data (such as passwords, Aadhaar Data, DITEC
5 account numbers, etc) shall have to be stored in encrypted
format. The system should protect the integrity and authenticity
of the data.
The solution must allow users to trace the history of a data. It
6
should also be able to trace where a data entity currently is placed
in the system.
UIDAI/CIDR over a period of time may alter the metadata including
7
the number of fields, data type etc. The system should be able to
handle such situations
The system should have provision for the user to submit the data
8 through an easy-to-use interface like GUI, Web-Service, etc. as
appropriate for the data exchange modes.
The system should be able to support all standard file formats

10
including but not limited to CVS, XML, XLS, Delimited File, rar,
zip, 7z, jpg, jpeg etc.
The solution should support bulk loading of data and inbuilt
11
capability of data integration in near real time batch modes.
The system should be able to match each record with the entire
12
CIDR data through fuzzy logics to arrive at strict and lose matches.
The system should also be able to make the match on various

13
attributes including but not limited to name, date of birth,
father’s name, parsed address etc.
The module should also ensure storage of any such data/logs
14 which shall be required by Government, DITEC, UIDAI and
KSA/ASA. These logs shall support in creation of the compliance
reports required by audit agencies.
The system should be able to use the parsed data intelligently
for the matching to take place. All possible permutations and
combinations should be applied to arrive at the most probable
15
match. The cutoff score should be definable for the 1:1 match (1
record of department matched with 1 record of CIDR) and the
1:N match (1 record of department matched with N records of
CIDR). All the parameters should be configurable.
Page 38 of 66
No.
The System shall have the capability of sharing data through

16
common file sharing mechanism including FTP, Web-Service, etc.
Special Requirements
The solution must have provision to sign and encrypt the

1
authentication/e-KYC requests through digital signature certificate
in High Availability mode.
2 All requests and responses should be logged.
The system shall maintain audit logs for all authentication, e-

KYC, BFD related transactions by capturing desirable details of
3 the transaction including Aadhaar number, date, time, IP, Sub-
AUA code, Key, etc. AUA shall log all its authentication
transactions and maintain them for at least 6 months’ time
period. The logs shall capture details of authentication
transaction but not corresponding Personal Identity Information
(PID).
The system should ensure that the authentication request
4 originating at an authentication device is compliant with the
standards and specifications prescribed by UIDAI and complete.
The System should also be able to conduct Buffered

5 Authentication (At places of poor network connectivity,
authentication request may be “buffered” (or queued) on the
device until a configurable period of time (presently 24 hours)
then sent to CIDR for authentication when connectivity is
restored / available)
The system should be able to accept the e-KYC requests from
KUA/sub KUA. System should be able to route the e-KYC request
to KSA. The response from CIDR has to be forwarded to the
KUA/sub KUA. (This may include the e-KYC information or the
6 error code.). The same has to be given back to the sub
organization in a secured manner. The application should validate
the e-KYC request coming from KUA/Sub KUA and should digitally
sign the packet. The system should decrypt the KYC details
provided by CIDR and shall forward the KYC details including his
name, address, photograph DoB, etc. to the clients in a secured
manner. The system should have error handling facility.
The Software solution must be compatible/inter-operable with
7 various STQC Certified PoS (Point of Sale)/Wall-mount devices
used for Fingerprint/IRIS scanning. Respective API to integrate
these devices with software must be made available for fast
implementation.
Compliance of the security guidelines issued from time to time by
8 Department of Telecommunications (DoT), government of India
and UIDAI. Tenderer would be required to fulfill the all
Page 39 of 66
No.
requirement of DOT & UIDAI in this respect.
9 Any other requirement to integrate with existing system of

Customer for ASA and AUA services
10 To provide required support to end customers for ASA and AUA
services as per SLA
5.3 Third Party Audit:
Selected bidder shall be responsible to get the software/application security audited by

CERT-In empaneled auditor before deployment. The cost of such audit shall be borne by the
agency.
5.4 Roles and Responsibilities of DITEC and its authorized agency(s):

1. Evaluate and approve effort/ time estimates provided by the deployed team for development
and deployment of application/ software module/ documents etc.
2. Arrange suitable working environment (Seating arrangement with internet connectivity only)
at DITEC building to the team for to be deployed by the agency. However, selected agency
must arrange their own laptops (Operating System,antivirus solution, Microsoft Office suite
etc), data card etc. with each resource.
3. Provide Sign-off / acceptance of various project deliverables submitted by the

d e p l o y e d resources.
4. Conduct project review meetings with the deployed team and monitor the implementation
andoverall progress of the application development activity on weekly basis.
5. Provide direction to the deployed resources and enable them to achieve overall objective.
6. Provide periodic feedback on changes to be made in the solution to improve usability
andfunctionality of the development application.
6. Project Deliverables-cum-Time Line & Payment Schedule

Phase 1 – Implementation
S.No Project Component Deliverables Timeline (Max Payment
Limit)
1 Issue of LoI/ Work order − T0 NIL
2 Submission of Inception Report Inception Report T0 + 15 days NIL
including Project Plan
Page 40 of 66
3 AUA/KUA, Aadhaar Duly Security Audited Aadhaar Data vault T1 = T0 + 120 days 50%
Data vault solution and associated components Of Phase
Software and (Hardware and Software) 1 cost
Hardware solution–
Development, Customization, Integration with e-KYC solution and all
Supply, Installation, the requisite client / software under
Integration, Configuration, use by various AUA /KUA or ASA as
Deployment, testing & provided by UIDAI
Commissioning
4 Setting up project environment Successful deployment of all project T2 = T1 + 15 days NIL
at Assam SDC components at Assam SDC
5 “Go-Live” Successful running of the scheme T3 = T2 + 15 days 50%

integrated with AADV Of Phase
Integration of at least one 1 Cost
scheme to be onboarded on
Assam Aadhar Data Vault
Phase 2 – Operations & Maintenance

S.No Project Component Deliverables Timeline (Max Limit) Payment
1 O&M and support forAADV Smoothly running of Starting from “Go- Phase 2
& AAAF the Project Live” Cost – payable half yearly arear
basis.
7. Manpower Specifications
7.1 Implementation Phase
The Implementation phase (Go-Live) is a time bound activity. The SP needs to evaluate
and provide resources to deliver as per the required scope in a timely manner.
7.2 Operations & Maintenance Phase
SP shall be responsible for deployment of highly qualified resources as per the desired skill-set
and experience of various categories for smooth running of the project. The following may be
noted:
i) All manpower to be deployed in the project shall be on payroll of the s o l e / p r i m e
bidder. Outsourcing in any form will not be accepted.
ii) The bidder needs to submit CV of all quoted manpower.
iii) The service provider will provide the bio data of the engaged resources for the maintenance
support for screening. If any specific work could not be completed due to poor manpower
quality, at the time of review, the service provider will provide substitute(s) with qualification
and experience as mentioned below.
iv) Any change of resources during the period of contract should be done only with the prior
consent of DITEC. For whatsoever reason provided the target for schedule of work shall not
suffer.
Page 41 of 66
v) The minimum qualification of the resources should be B.E/B.Tech/MCA/M.Sc and should
have minimum 3 (three) years work experience in this field. The numbers of resource
required for smooth running of the project is up-to the bidder to decide. The resources
should present in office during office hour.
vi) The proposed team shall be available and stationed in Guwahati on all the working days of
Govt. of Assam, and on public holidays also as and when necessary. This is necessary since
the agency needs to support the department continuously throughout the contract period.
The attendance of the personnel will be monitored by DITEC.
vii)If at any point of time, DITEC feels that a resource is not up-to the mark, the replacement will
be demanded in writing and will need to be obliged within 2 weeks. During such replacement,
the incumbent shall be available for disposal of the task till the new resource comes on board.
8. Bidding Process
8.1 Site Visit
The Bidder if so desires, may visit and examine the project sites, and revalidate all the
informationrequired for preparing their response document to the bid. The cost of such
visits to the sites shall be at the bidder's expense. The bidder and any of its personnel or agents
will be granted permission by DITEC to enter its facilities at various locations in the state for the
purpose of such visits, but only upon the condition that the bidder, its personnel, and agents,
will indemnify the DITEC from and against all liability in respect thereof, and will be responsible
for death or personal injury, loss of or damage to property, and any other loss, damage, costs,
and expenses incurred as a result of such inspection, undertaken by the bidder. The Bidder shall
at its own risk; peril; cost and liability undertake site visits to designated facilities in the state.
8.2 Cost of Bidding
The Bidder shall bear all costs associated with the preparation and submission of its bid
including cost of presentation for the purposes of clarification of the bid, if so desired by DITEC.
DITEC will in no case be responsible or liable for those costs, regardless of the outcome of the
Tendering process.
8.3 Validity of Proposals
a) Proposals shall remain valid for a period of 180 days (one hundreds eighty days) after the
date of Proposal opening prescribed in RFP. A Proposal valid for shorter period may be
rejected as non-responsive.
b) DITEC may solicit the bidders’ consent to an extension of Proposal validity (but without the
modification in Proposals). A bidder may refuse the request and such refusal shall be treated
as withdrawal of Bid and in such circumstances bid security shall not be forfeited.
c) Bidders that agree to an extension of the period of validity of their bids shall extend or get
extended the period of validity of bid securities submitted by them or submit new bid
securities to cover the extended period of validity of their bids. A bidder whose bid security
is not extended, or that has not submitted a new bid security is considered to have refused
Page 42 of 66
the request to extend the period of validity of its Bid.
8.4 Clarification of Tender Document
A prospective bidder requiring any clarification of the tender document may notify DITEC
through email only with softcopy in excel format at DITEC’s correspondence email address
before the date mentioned in under the ‘important dates’ section. DITEC representative will
respond to any request for clarification of the tender document in the pre-bid conference,
which will be held as per the table of important dates given. DITEC’s response will be sent to all
prospective bidders who have eceived the tender document. The clarification shall be asked as
per the given format. Queries not adhering to this format will not be responded to.
S.No. RFP Page No. RFP Section Content of RFP Clause Proposed Change Reason of Proposed
requiring clarification(s) Change
1
2
8.5 Pre-Bid meeting

a) All those bidders who have obtained bid document can participate in pre-bid meeting to
seek clarification on the bid, if any.
b) Pre bid meeting will be held online. (Clause 1.2 Data sheet to be referred)
c) Non-attendance at the Pre-Bid meeting will not be a cause for disqualification of a Bidder.
8.6 Amendment of Tender Document
At any time prior to the last date / time for receipt of bids, DITEC may, for any reason, whether
at its own initiative or in response to a clarification requested by a prospective bidder, reserves
the right to modify the tender document by issuing an amendment. The amendment will be
notified in e-procurement portal and will be binding on the bidders. In order to afford
prospective bidders reasonable time in which to take the amendment into account in preparing
their bids, DITEC may, at its discretion, extend the last date for receipt of bids.
8.7 Bid Preparation

i) Language of Bids
The Bids prepared by the bidder and all correspondence and documents relating to the bids
exchanged by the bidder and GoA, shall be written in the English language. If any supporting
document and printed literature furnished by the Bidder is in a language other than English
then the same should be accompanied by an accurate English translation in which case, for
purposes of interpretation of the bid, the English translation shall govern. However, such
translations shall be certified by the agency that has done the translations.
Page 43 of 66
A. Technical Bid as per specified criteria
The Technical Bid document shall detail all the information sought from the bidders and
required for DITEC to evaluate the bids as prescribed as part of the technical bid. Hence it is
mandatory that the bidders read this section in conjunction with the technical evaluation
section to provide information as necessary and adequate to evaluate the proposals.
B. Commercial Bid Specified

The commercial bid shall be submitted for all requirements of the GoA for the Request
forProposal (RFP) Selection of an agency for providing services as per details mentioned in
the RFP.
Quantity of the hardware items may vary at the time of issuing work order.
8.8 Procedure for Submission of Bids
i) Tender Processing Fees

Bidder can download the tender document for free from the portal (https://assamtenders.gov.in)
tillthe due date and time for bid submission. Any interested bidder shall pay tender processing
fee asspecified in the e-Procurement portal.
ii) Modes of Submission
All interested bidders shall pay EMD and Tender Processing fee and submit their Technical and
Commercial RFP responses electronically using the e-Forms in the e-Procurement platform.
Companies shall submit the tenders only through the unified e-Procurement system before the
scheduled date and time for bid submission. Tenders submitted after the due date and time
will not be considered. DITEC will not be liable or responsible for any delays due to unavailability
of the portal and the Internet link.
8.9 Authentication of Bid

The response bid shall be signed by the Bidder or a person or persons duly authorized to bind
the Bidder to the Contract. A written power-of-attorney accompanying the bid shall support a
letter ofauthorization. All pages of the bid, except for un-amended printed literature, shall be
initialed andstamped by the person or persons signing the bid.
8.10 Financial Bid
Financial bid to be submitted as per format published in e-procurement portal.
8.11 Price validity

Price should be valid for 180 days from the date of submission of bid.
8.12 Revelation of Prices
Prices in any form and for any reasons shall not be revealed in the pre-qualification bid or
Page 44 of 66
technicalbid or before opening the commercial bid. In case such violation happens, then the
bid shall be immediately rejected.
8.13 Terms and Conditions of Tendering Firms
Bidder should submit a no deviation undertaking as per form -9 at Annexure. Any substantial
deviation may lead to rejection of bid.
8.14 Bid Submission
8.15.1 Consortium and Sub-contracting
1. The bid shall be submitted only as single entity or in Consortium. In case of Consortium
there should not be more than two members including the prime/lead bidder.
2. The project execution performance shall be purely the responsibility of the Lead bidder.
The lead bidder shall be purely and wholly held responsible in case the subcontracted
agency fails to perform.
8.15.2 Modification and Withdrawal of Bids
No bid shall be withdrawn in the interval between the last date for receipt of bids, and the expiry
ofthe bid validity period specified by the bidder in the bid. Withdrawal of a bid during this
interval would result in forfeiture of the bidder’s bid security.
8.15.3 Address for Correspondence

The bidder shall designate the official mailing address, place, mobile number and email address
to which all correspondence shall be made by DITEC. DITEC will not be responsible for non-
receipt of any communication sent by the bidder.
8.15.4 Clarifications
If deemed necessary, DITEC may seek clarifications on any aspect from the bidder. However,
that would not entitle the bidder to change or cause any change in the substance of the tender
submitted or price quoted. DITEC may, if so desire, ask the bidder to give a presentation/
demonstration for the purpose of clarification of the tender. All expenses for this purpose, as
also for the preparation of documents and other meetings, will be borne by the bidders.
8.15.5 Verification of Reference Installations

DITEC, if considers necessary, may conduct verification of reference installations to satisfy
themselves on the performance of the equipment/ services offered with reference to their
requirements.
DITEC will satisfy themselves on the veracity of the reference works with reference to
performance indicators relevant to the requirements specified.
8.15.6 Contacting DITEC

Bidder shall NOT contact DITEC on any matter relating to this bid, from the time of the
Page 45 of 66
submission of bid to the time the contract is awarded. During this period, all-important notices
will be published in the e-procurement portal.
Any effort by a bidder to influence bid evaluation, bid comparison or contract award decision
may result in the rejection of the bid. Such an act on the part of the Bidder shall amount to
misconduct and will be liable for appropriate action, as decided by DITEC.
8.15.7 Bid Currency

Price shall be quoted entirely in Indian Rupees (INR).
8.15.8 Disqualifications
The bid is liable to be disqualified in the following cases:
• The Bid not submitted in accordance with this document.

• During validity of the bid, or its extended period, if any, the Bidder increases their
quotedprices.
• The Bidder qualifies the bid with his own conditions.
• Bid is received in incomplete form.
• Bid is not accompanied by all requisite documents.
• Information submitted in Technical Bid is found to be misrepresented, incorrect or false,
accidentally, unwittingly or otherwise, at any time during the processing of the contract (no
matter at what stage) or during the tenure of the contract including the extension period if
any. Commercial bid/ pricing is uploaded in the Technical bid.
8.15 Earnest Money Deposit
The EMD shall be forfeited:

1 If a Bidder withdraws its bid during the period of Bid validity specified by the Bidder on the
BidForm;
2 Or in case of a successful Bidder, if the Bidder fails:

• To sign the Contract; or
• To furnish the performance security.
8.16 Criteria for Evaluation of Bid
DITEC formed a committee to evaluate the proposals submitted by the bidders for a detailed
scrutiny. During evaluation of proposals, DITEC may, at its discretion, ask the bidders for
clarification of their Technical Proposals. Only those proposals meeting the above
qualification criteria will be evaluated as per the criteria mentioned below:
Page 46 of 66
Sl Documentary Max.
Criteria Marks
No. Evidence Marks
Average Turnover in last 3
≥Rs.10 Crore < Rs.15 Crore
years ending 31st March 2022 from
Audited Balance =5
IT Business and related
1 Sheet and Statutory ≥ Rs.15 Crore to Rs.20 10
services of last three years.
Auditor’s Certificate Crore = 7
≥ Rs.20 Crore= 10
No. of completed/ongoing projects Work Order/Client 1 project = 20 Marks

Letter/ Job 2 projects= 25 Marks
2 related to AUA/KUA/ASA/KSA in 30
Completion 3 or more projects = 30
Government/PSU certificate Marks
The company should have the Rs. 2 Crores = 10 Marks
experience of successfully ≥Rs. 2 crores <Rs. 5 crores
Acceptable
3 implementing Aadhaar = 15 Marks 20
Document
Authentication Projects of value of ≥ Rs. 5 crores = 20 Marks
minimum rupees of two crore
The company should have the 2 Crores = 5 Marks
experience of successfully ≥2 crores < 5 crores = 7
Acceptable
4 implementing Aadhaar Data Marks 10
Document
Vault with Database size of ≥ 5 crores = 10 Marks
minimum two crore authentication
No. of Aadhaar APIs Implemented Acceptable One = 15 marks
5 20
with Live AUA/KUA Document Two or more = 20 marks
Detailed Approach
&
Presentation: Understanding Methodology along Approach and
of Scope of Work and Detailed with CVs of Methodology and
5 10
Approach & Methodology (45 resources proposed technical
mins) to be deployed to be resource
evaluated in
presentation
Total Score 100
Cut Off (to open the financial bid)
60
1. Financial Proposal of only those bidders will be opened who secure minimum 60 marks as
per the above evaluation criteria.
2. Bidder has to give technical presentation in such a way that Aadhaar Authentication and e-KYC
related requirements of the DITEC is covered with detailed technical architecture of the Solution,
Timelines for the completion of the project, requirement & Services to the Sub AUA/KUA,
Integration with the DITEC’s and other state applications, onboarding on AEPS of DITEC and Use
cases of Aadhaar services.
8.17 Submission, Receipt and Opening of Proposals
• DITEC will open all bids (only Technical Bids at the first instance) through the e- Tendering
website, in the presence of Bidders or his representatives who choose to attend.
Page 47 of 66
• In the event of the specified date of Bid opening being declared holiday for the tendering
Authority, the Bid shall be opened at the appointed time and location on the next working
day.
8.18 Correction of Arithmetic Errors in Financial Bids

The bid evaluation committee shall correct arithmetical errors in substantially responsive
Bids onthe following basis, namely:
a) If there is a discrepancy between the unit price and the total price that is obtained by
multiplying the unit price and quantity, the unit price shall prevail and the total price shall
be corrected, unless in the opinion of the bid evaluation committee there is an obvious
misplacement of the decimal point in the unit price, in which case the total price as quoted
shall govern and the unit price shall be corrected;
8.19 Right to Accept or Reject Proposal

DITEC reserves the right to accept or reject any proposal, and to annul the proposal process
and reject all Proposals at any time prior to award of contract, without thereby incurring any
liability to the affected bidder(s) or any obligation to inform the affected bidder(s) of the
groundsfor such decision.
8.20 Bid Selection Method

The selection method is Least Cost Based Selection (LCBS).
8.21 Disqualification
DITEC may at its sole discretion and at any time during the evaluation of Proposal, disqualify
any bidder, if the bidder has:
a) Submitted the Proposal documents after the response deadline.
b) Made misleading or false representations in the forms, statements and attachments
submitted in proof of the eligibility requirements.
c) Exhibited a record of poor performance such as doing as abandoning works, not properly
completing the contractual obligations, inordinately delaying completion or financial
failures,etc. in any project in the preceding three years.
d) Submitted a proposal that is not accompanied by required documentation or is nonresponsive.
e) Failed to provide clarifications related thereto, when sought.
f) Declared ineligible by the Government of Assam for corrupt and fraudulent practices or
blacklisted.
g) Submitted a proposal with price adjustment / variation provision.
9. General Terms and Conditions
9.1 Application
These general conditions shall apply to the extent that provisions in other parts of the contract
Page 48 of 66
donot supersede them. For interpretation of any clause in the RFP or Contract Agreement,
the interpretation of the DITEC shall be final and binding on the firm/ company.
9.2 Applicable Law

Applicable Law means the laws and any other instruments having the force of law in India as
they may be issued and in force from time to time. The contracts shall be interpreted in
accordance with the laws of the Union of India within the jurisdiction of Gauhati High Court,
in the district of Kamrup (M).
9.3 Relationship Between Parties

Nothing mentioned herein shall be constructed as relationship of master and servant or of
principal and agent as between the DITEC and ‘the firm/company’. The firm/company subject
to this contract for selection has complete charge of personnel, performing the services under
the Project executed by DITEC from time to time. The IT Professional(s) provided by
firm/company shall be fully responsible for the services performed by them or on their behalf
here under. DITEC will allocate work/assignment to the IT Professional(s) provided by
firm/company.
9.4 Documents/Knowledge Transfer

All the documents prepared and updated time-to-time by the firm/company under this
contractshall be the exclusive property of DITEC and will be handed over to the DITEC at the
time of completion/ termination of the contract. Following are the indicative listof documents
needs to be prepared & updated by the Successful bidder:
• Process documents
• Change Management Plan
• Final Acceptance Test Plan, Test Cases and Results
• Standard Operations Procedure, QA Process, Release Notes
• Documentation on Data Storage, Security & Data Sharing Guidelines
• The SP shall obtain the sign-off from DITEC or its nominee for all the documents submitted
for this Project and shall make necessary changes as recommended by DITEC before
submitting the final version of the documents.
• The SP shall maintain logs of the internal review of all the deliverables submitted to the
DITEC or the agency designated by the DITEC. The logs shall be submitted to the DITEC or
the designated agency on request.
9.5 Governing Language

The Contract shall be written in English Language. English version of the Contract shall govern
itsinterpretation. All correspondence and other documents pertaining to the contract, which
are exchanged between the parties, shall be written in the English Language.
9.6 Intellectual Property Rights (IPR)

The IPR in respect of all the processes, software, applications and components (including
sourcecode), developed in pursuance of this Project, shall vest with DITEC, immediately on
Page 49 of 66
their creation. Following conditions apply:
• Ownership and Title: Title to all the enhancements, point updates and documentation,
including ownership rights to patents, copyrights, trademarks and trade secrets therein
shall be the exclusive property of DITEC.
• All the deliverables submitted by firm/company under the contract will be the exclusive
property of DITEC.
9.7 Assignments
The firm/company shall not assign the project to any other agency, in whole or in part, to
performits obligation under the Contract, without prior written consent of DITEC.
9.8 Award of Contract

9.8.1 On acceptance of Proposal for awarding the contract, the DITEC will notify the
successful bidders in writing that their proposal has been accepted and Contract
Agreement will be signed. After signing of the Contract Agreement, no variation
in or modification of the term of the Contract shall be made except by written
amendment signed by the parties.
9.8.2 If the issuance of formal letter of acceptance is likely to take time, in the
meanwhile a Letter of Intent (LoI) may be sent to the bidder. The acceptance of
an offer is complete as soon as the letter of acceptance of letter of intent is
posted and/ or sent by e-mail to the address of the bidder given in the bidding
document. Until a formal contract is executed, the letter of acceptance or LoI
shall constitute a binding contract.
9.9 Monitoring of Contract
9.11.1 An officer or an agency or a committee of officers named Project Monitoring Unit

(PMU) will be formed by DITEC to monitor the progress of the contract during its
delivery period.
9.11.2 During the contract period the PMU shall keep a watch on the progress of the
contract and shall ensure that quantity of service delivery is in proportion to the
total delivery period given.
9.11.3 If delay in delivery of service is observed a performance notice would be given to
the selected bidder to speed up the delivery and may take necessary action as
mentioned in penalty section of this RFP.
9.10 Performance Bank Guarantee (PBG)

1) The successful Bidder has to furnish a security deposit in the form of Performance Bank
Guarantee @ 5% of total order value within 15 days from the date of issue of Purchase
order for the duration of warranty of any of Nationalized Bank (operating in India
having branch at Guwahati).
2) The Performance security shall be payable to the DITEC as compensation for any loss
resulting from the SI’s failure to complete its obligations under the Contract.
3) The Performance Security will be discharged by DITEC and returned to the Bidder on
Page 50 of 66
completion of the bidder’s performance obligations under the contract.
4) In the event of any contract amendment, the bidder shall, within 21 days of receipt of
such amendment, furnish the amendment to the Performance Security, rendering the
same valid for the duration of the Contract, as amended for further period.
5) No interest shall be payable on the PBG amount. DITEC may invoke the above bank
guarantee for any kind of recoveries, in case; the recoveries from the bidder exceed
the amount payable to the bidders.
9.11 Execution of Agreement
9.13.1 DITEC will issue Letter of Intent (LoI) to the successful bidder.
9.13.2 A procurement contract shall come into force from the date on which DITEC received
the acceptance letter of the Letter of Intent (LoI) from the successful bidder.
9.13.3 The successful bidder shall sign the procurement contract within 15 days from the date
on which the letter of acceptance or letter of intent is dispatched to the successful
bidder.
9.13.4 If the bidder, who’s Bid has been accepted, fails to sign a written procurement contract
or fails to furnish the required performance security within specified period, the
procuring entity shall take action against the successful bidder as per the provisions of
the bidding document and Act. The procuring entity may, in such case, cancel the
contract with the bidder and debar the bidder to participate in any future bid.
9.14 Penalty
Project Component Deliverables Timeline Value of Penalty

(Max
Limit)
PHASE I (Implementation)
After T0+ 15 days, a Penalty of 1% of
Contract value of Phase-I cost per
Submission of Inception
week and part thereof up to the
Report including Project Successful submission T0 + 15
maximum value of 5% of the Contract
Plan of Inception report days
Value. Delay beyond Five (05) weeks
would lead to termination of contract.
Page 51 of 66
AUA/KUA and Aadhaar Data Successful delivery of T1 = T0 + After T1, a Penalty of 2.5% of Contract
vault Software solution– Duly Security Audited 120 days value of Phase-I cost per week and
Development, AUA/KUA and Aadhaar part thereof. Delay beyond Four (04)
Customization, Supply, Data Vault solution and weeks would lead to termination of
Installation, Integration, associated contract.
Configuration, Deployment,
components.
testing & Commissioning
Integration with e-KYC

solution and all the
requisite client /
software under use by
various AUA/ KUA or
ASA as provided by
UIDAI.
Project Component Deliverables Timeline Value of Penalty
(Max
Limit)
After T2, a Penalty of 2.5% of Contract
Successful value of Phase-I cost per week and
Setting up project
deployment of all T2 = T1 + part thereof. Delay beyond Five (02)
environment at SDC
project components 15 days weeks would lead to termination of
at Assam SDC contract.
“Go-Live” After T3, a Penalty of 2% of Contract

Successful Integration value of Phase-I cost per week and
Successful Running of part thereof up to the maximum value
of at least one scheme T3 = T2 +
the scheme integrated of 10% of the Phase 1 Contract Value.
to be onboarded on 15 days
with ADV Delay beyond Five (05) weeks would
Aadhaar Data
lead to termination of contract.
Vault.
T0 = Date of signing of Contract agreement.
Timeline
Project Component Deliverables (Max Limit) / Value of Penalty
Uptime
PHASE II (Operations & Maintenance)
After T3, a Penalty of 2% of Contract
%age overall value of Phase-I cost per week and part
uptime target thereof up to the maximum value of
Application Uptime 99.5%
(calculated 10% of the Phase 1 Contract Value.
monthly) Delay beyond Five (05) weeks would
lead to termination of contract.
Target in
Measurement Definition Interval Target in % Penalty
Time
>= 99.7% 130 minutes No Penalty

Availability = >= 99.5% to
216 minutes 1% of the QGR value
{1- < 99.7%
Software
[(Downtime) >= 99.3% to
Availability 302 minutes 2% of the QGR value
/ (Total Time Monthly < 99.5%
Page 52 of 66
(Both AAAF & – 5% of the QGR value
ADV) >= 99.0% to [Record as Event of Default]
Maintenance 432 minutes
< 99.3% [Escalation to Customer and
Time)]}*100
Bidder Management]
9.15 Fraud and Corruption

DITEC requires that firm/company selected through this RFP must observe the highest
standards of ethics during the performance and execution of such contract. In pursuance of
this policy, DITEC for the purposes of this provision, the terms set forth as follows:
• “Corrupt practice,” means the offering, giving, receiving or soliciting of anything of
value to influence the action of DITEC or any personnel of firm/company(s) in contract
executions.
• "Fraudulent practice" means a miss-presentation of facts, in order to influence a
procurement process or the execution of a contract, to DITEC, and includes collusive
practice among bidders (prior to or after Proposal submission) designed to establish
Proposal prices at artificially high or non-competitive levels and to deprive DITEC of
the benefits of free and open competition.
• “Unfair trade practices” means supply of services different from what is ordered on,
or change in the Scope of Work, which was given in Section 4.
• “Coercive Practices” means harming or threatening to harm, directly or indirectly,
personsor their property to influence their participation in the execution of contract.
• Will reject a proposal for award, if it determines that the bidder recommended for
award, has been determined by DITEC to having been and engaged in corrupt,
fraudulent of unfair trade practices.
• Will declare a Firm/company ineligible, either indefinitely or for a stated period of
time, for awarding the contract, if it any time determines that the Firm/company has
engaged in corrupts, fraudulent and unfair trade practice in competing for, or in
executing the contract.
9.16 Confidentiality
Information relating to the examination, clarification and comparison of the proposals shall not
bedisclosed to any bidders or any other persons not officially concerned with such process
until theselection process is over. The undue use by any bidder of confidential information
related to the process may result in rejection of its proposal. Except with the prior written
consent of the otherparty, no party, shall, at any time communicate to any person or entity
any confidential information acquired in the course of the Contract.
No party shall, without the other party’s prior written consent, disclose contract,
specifications, plan, pattern, samples or other documents to any person other than an entity
employed by the affected party for the performance of the contract.
Page 53 of 66
9.17 Termination
Under this Contract, DITEC may by written notice terminate the contract agreement entered
with the firm/company in the following ways:
Termination by Default for failing to perform obligations under the Contract or if the quality is
not up to the specification or in the event of non-adherence to time schedule.
a) Termination for Convenience in whole or in part thereof, at any time. However,

termination forConvenience will be invoked with a notice period of one month.
b) Termination for Insolvency if the firm/company becomes bankrupt or otherwise insolvent.
In all the three cases termination shall be executed by giving written notice to the
firm/company. Upon termination of the contract, payment shall be made to the firm/company
for:
i. Services satisfactorily performed and reimbursable expenditures prior to the effective
dateof termination
ii. Any expenditure actually and reasonably incurred prior to the effective date of termination
No consequential damages shall be payable to the firm/company in the event of such
termination.
9.18 Force Majeure
Notwithstanding anything contained in the RFP, the firm/company shall not be liable for
liquidated damages or termination for default, if and to the extent that, it’s delay in
performanceor other failures to perform its obligations under the agreement is the result of
an event of ForceMajeure.
For purposes of this clause “Force Majeure” means an event beyond the control of the
consultingfirm/company and not involving the consulting firm/company’s fault or negligence
and which was not foreseeable. Such events may include wars or revolutions, fires, floods,
epidemics, quarantine restrictions and freight embargos. The decision of the DIT, ASSAM
regarding Force Majeure shall be final and binding on the firm/company.
If a Force Majeure situation arises, the firm/company shall promptly notify to the DITEC in
writing, of such conditions and the cause thereof. Unless otherwise directed by the DITEC in
writing, the firm/company shall continue to perform its obligations under the agreement as far
asreasonably practical, and shall seek all reasonable alternative means for performance not
prevented by the Force Majeure event.
9.19 Resolution of Disputes
If any dispute arises between parties, then there would be two ways for resolution of the
disputeunder the Contract.
Page 54 of 66
9.20 Amicable Settlement
Performance of the Contract is governed by the terms the conditions of the Contract, however
at times dispute may arise about any interpretation of any term or condition of Contract
including the scope of work, the clauses of payments etc. In such a situation either party of
the contract may send a written notice of dispute to the other party. The party receiving the
notice of disputewill consider the notice and respond to it in writing within7 days after receipt.
If that party fails to respond within 7 days, or the dispute cannot be amicably settled within 15
days following theresponse of that party, then next Clause shall become applicable.
9.21 Legal Jurisdiction

All legal disputes between the parties shall be subject to the jurisdiction of the Guwahati, Assam
courts situated in Assam only.
9.22 Notice
Any notice, request or consent required or permitted to be given or made pursuant to this
contract shall be in writing. Any such notice request or consent shall be deemed to have been
given or made when delivered in person to an authorized representative of the party to whom
the communication is addressed, or when sent to such party at the address mentioned in the
project specific Contract Agreement.
9.23 Limitation of Liability
The aggregate liability of the SP under this agreement, or otherwise in connection with the
services to be performed hereunder, shall be limited to two times of the contract value. The
preceding limitation shall also apply to liability arising as a result of the SP's fraud or willful
misconduct in performance of the services hereunder.
9.24 Deliverables
The selected bidder’s firm/company should have to submit deliverables in hard/ soft copy
(including editable soft copy); as desired by the DITEC.
9.25 Validity of Contract

The validity of the contract is for “the Term” of the contract and shall be extended for further
period of one year at the same terms and conditions.
9.26 Others
• The Bidder will need to coordinate and approach various agencies working under BSWAN,
ASDC and likes during course of providing the solution.
• The successful bidder is responsible to maintain documentation on the progress of the
work and will have to update the same on regular basis. Bidder will have to submit the
progress reports regularly, as per the guideline issued by GoA.
• GoA shall provide office space to the operational SP in its own premise during project
period (Phase 2). All other expenses related to transportation, consumables, stationary,
Page 55 of 66
telephone, food, snacks, etc. in case required, has to be completely borne by the Bidder as
part of Contract Agreement.
• Time is the essence of the Project and hence the bidder shall at all times maintain sufficient
manpower, resources, and facilities, to provide the Services in a workman like manner on
a timely basis. If required and to meet SLAs, the bidder shall pool additional resources to
ensurethat work is completed within defined time frame with no additional cost to DITEC.
10 Exit Management
10.1 Purpose
a) This clause sets out the provisions which will apply upon completion of the contract
period or upon termination of the agreement for any reasons. The Parties shall ensure
that their respective associated entities, in case of DITEC any third party appointed by
the DITEC and in case of the SP, carry out their respective obligations set out in this
Exit Management Clause. Exit Management criteria will be a part of Master Service
Agreement with detailed information about exit criteria and exit management plan.
b) The exit management period starts, in case of expiry of contract, or on the date when
the contract comes to an end or in case of termination of contract, or on the date when
the notice of termination is sent to the SP. The exit management period ends on the
date agreed upon by the DITEC.
c) The SPs shall pay all transfer costs and stamp duty applicable on transfer of project
assets except in case the Project is being terminated due to default of DITEC, GoA,
where DITEC, GoA shall be responsible for transfer costs and stamp duty, if any. For
clarification of doubt, transfer costs in this Clause relate to taxes and duties applicable
due to transfer of the Aadhar Authentication Framework project, if any. At the
beginning of the exit management period, the SPs shall ensure that:
1. All Project Assets including the hardware, software, documentation and any
other infrastructure shall have been renewed and cured of all defects and
deficiencies as necessary so that the Aadhar Based Authentication Framework
is compliant with the Specifications and Standards set forth in the RFP,
Agreement and any other amendments made during the contract period;
2. SP delivers relevant records and reports pertaining to the Aadhar Based
Authentication Framework project and its reports, concepts notes and
feasibility report including all manuals pertaining thereto and complete as on
the Divestment Date;
3. The SP shall comply with all other requirements as may be prescribed under
Applicable Laws to complete the divestment and assignment of all the rights,
title
and interest of the Aadhar Based Authentication Framework Project free from
all encumbrances absolutely and free of any charge or tax to DITEC or its
nominee
Page 56 of 66
10.2 Cooperation and Provision of Information
a) During the Exit Management Period:
I. The SP will allow DITEC or any third party appointed by DITEC, access to information
reasonably required to define the then current mode of operation associated with
the provision of the services to enable DITEC any third party appointed by DITEC to
assess the existing services being delivered;
II. Promptly on reasonable request by DITEC any third party appointed by DITEC, the
SP shall provide access to and copies of all information held or controlled by them
which they have prepared or maintained in accordance with the “Contract”, the
Project Plan, SLA and Scope of Work, relating to any material aspect of the services.
DITEC or any third party appointed shall be entitled to copy all such information.
Such information shall include details pertaining to the services rendered and other
performance data. The SP shall permit DITEC or any third party appointed to have
reasonable access to its employees/ facility as reasonably required by DITEC or any
third party appointed to understand the methods of delivery of the services
employed by the SP and to assist appropriate knowledge transfer.
11 Annexure: Forms and Template for Bid Response
11.1 Technical Proposal Forms

1. Form – 1: Covering letter
2. Form – 2: Declaration of Acceptance of Terms and Conditions in RFP
3. Form – 3: General Information about the bidder
4. Form – 4: Bidder’s Relevant Experience
5. Form – 5: Particulars of key professionals
6. Form – 6: CV’s of key professionals
7. Form –7: Power of Attorney for authorized signatory
8. Form – 8: Undertaking on Being Not Black-Listed
Page 57 of 66
12 TECHNICAL PROPOSAL FORMS
12.1 Form – 1: Covering Letter
On Bidders Letter Head

To,
The Director
Directorate of Information Technology, Electronics and Communications (DITEC)
Behind CM Block, Assam Secretariat
Guwahati: 781006
Dear Sir,
Sub: Selection of Agency for Supply, Commissioning, Testing, Integration and Operation and
Maintenance of Aadhaar Data Vault for AUA/KUA Project of Directorate of Information
Technology, Electronics and Communication, DITEC, Government of Assam.
We have examined the Tender and we offer to Design, Supply, Installation, Configuration,
Customization, Operations and Maintenance of Aadhaar based Authentication & e-KYC Software
comprising of AUA/KUA Platform with all requisite hardware and software as per the terms and
conditions and technical specifications spelt out, and in accordance with the schedule of prices indicated
in the commercial bid and made part of this offer/bid.
We confirm that the prices quoted by us in the "Financial Bid" are firm and shall not be subject
to any variation for the entire period of the contract
We agree to abide by providing warrantee for two years from the date of contract for Aadhaar based
Authentication & e-KYC Software comprising of AUA/KUA Platform with all requisite hardware solution.
Until a formal contract is prepared and executed, this offer, together with DITEC’s written acceptance
thereof and DITEC’s notification of award shall constitute a final, conclusive and binding contract
between us.
We also certify that the information/data/particulars furnished in our bid are factually correct. We also
accept that in the event of any information/data/particulars proving to be incorrect, DITEC will have the
right to disqualify us from the bid.
We understand that DITEC may reject any or all of the offers without assigning any reason whatsoever.
Any decision of DITEC in this regard shall be final, conclusive and binding on us.
The above arrangement is binding on our successors and assigns. We agree not to assign these provisions
Page 58 of 66
/ presents without prior written approval of DITEC.
Yours faithfully,
(Signature of the Bidder)

Printed Name:
Designation:
Company Name:
Seal:
Date:
Business Address:
Page 59 of 66
12.2 Form – 2: Declaration of Acceptance of Terms and Conditions in RFP
(On Bidder’s Letter head)
To,
The Director
Directorate of Information Technology, Electronics and Communications (DITEC)
Behind CM Block, Assam Secretariat
Guwahati: 781006
Sub: Selection of Agency for Supply, Commissioning, Testing, Integration and Operation and
Technology, Electronics and Communication, DITEC, Government of Assam.
Ref. No.:
Dear Sir,
I have carefully gone through the Terms & Conditions contained in the RFP document [No.
……………………………….] Regarding “Selection of Agency for Supply, Commissioning, Testing,
Integration and Operation and Maintenance of Aadhaar Data Vault for AUA/KUA Project of
Directorate of Information Technology, Electronics and Communication, DITEC, Government of
Assam” and hereby declared that all the terms and conditions in this RFP are accepted and
will be adhered.
Yours faithfully,
(Signature of the Bidder)

Printed Name:
Designation:
Company Name:
Seal:
Date:
Business Address
Page 60 of 66
12.3 Form – 3: General Information about bidders
Details filled in this form must be accompanied by sufficient documentary evidence, in order to verify the
correctness of the information.
SR.
DETAILS OF THE COMPANY RESPONSE
NO
A Name of Company
B Company Head Office and registered office address
C Telephone and Fax numbers
D Date of incorporation. Please enclose Company Registration
Certificate.
E Ownership structure (e.g. Proprietorship, Partnership, Pvt. / Pub
Ltd Company)
F Company Sales Tax Number, GST registration number, & Service
Tax number. Please
enclose supporting document.
G Company PAN & TIN number. Please enclose supporting
document.
H Please enclose financial accounts (Profit and Loss account and
Balance sheet for last three
financial years).
I Quality Certification Please enclose copies of Quality Certificates
(ISO 9000/9001 certification)
J List of Support Centers with addresses and phone numbers
K Total strength of the
Company.
Bifurcation:
• Installation Team
• Maintenance Team
• Support Team
• Any Other Teams
Page 61 of 66
12.4 Form – 4: Bidder’s Relevant Experience Certificate
Please provide information as per the criteria set so as to facilitate fair evaluation:
Assignment Name: Country:

Location within Country: Professional Staff Provided by your Firm
/ entity (profiles):
Name of Client: No. Of Staff:
Address& Contact Number: No. Of Staff-Months: Duration of

assignment:
Start Date (Month/Year): Completion Date Approx. Value of Services (in Rupees):
(Month/Year):
Name of Associated firm (s) if any: No. Of Months of Professional Staff

provided by Associated firm (s):
Name of senior staff (Project Director / Coordinator, Team Leader) involved and functions performed:
Narrative description of Project:
Description of Actual Services provided by your staff:
Note: Kindly attach work order / work completion certificate
Page 62 of 66
12.5 Form – 5: Particulars of key professionals
Present Employment
Length of Number of
Educational (Name of the
Sr.No Name Professional Eligible
Qualification Employer &
Experience Assignments
Employed Since)
Page 63 of 66
12.6 Form – 6: CV’s of key professionals
1 Proposed Position:
2 Name of Firm:
3 Name of Staff:
4 DOB:
5 Nationality:
6 Educational Qualification:
Work Experience:
7
8 Other Training:
10 Language
11 Detailed Task assigned:

Work Undertaken that Best
11 Illustrates Capability to Handle
the Tasks Assigned
Necessary Certificate should be provided.
I, the undersigned, certify that to the best of my knowledge and belief, this CV correctly describes my
qualifications, and my experience. I understand that any willful mis statement described herein may lead
to my disqualification or dismissal, if engaged.
Yours Sincerely
Name:
Designation:
Seal:
Date:
Place
12.7 Form – 7: Power of Attorney for signing authorities
(On applicable Court Stamp Paper)
Know all men by these presents, we, (Name of Firm and address of the office) do
hereby constitute, nominate, appoint and registered. Authorize
Mr./MS………………………………………………….. Son/daughter/wife and presently residing
at……………….. …………………………………………………………..Who is presently employed with/
retained by us and holding the position of ........................................as our true and lawful
attorney (hereinafter referred to as the “Authorized Representative”) to do in our name and
on our behalf, all such acts, deeds and things as are necessary or required in connection with
or incidental to submission of our Proposal for and selection to work as Request for Proposal
(RFP) “Selection of Agency for Supply, Commissioning, Testing, Integration and Operation and
Technology, Electronics and Communication, DITEC, Government of Assam”, including but not
limited to signing and submission of all applications, proposals and other documents and
writings, participating in pre-bid and other conferences and providing information/ responses
to the DITEC, representing us in all matters before DITEC, signing and execution of all
contracts and undertakings consequent to acceptance of our proposal and generally dealing
with the DIT in all matters in connection with or relating to or arising out of our Proposal for
the said Project and/or upon award thereof to us till the entering into of the Agreement with
the DITEC.
AND, we do hereby agree to ratify and confirm all acts, deeds and things lawfully done or
caused to be done by our said Authorized Representative pursuant to and in exercise of the
powers conferred by this Power of Attorney and that all acts, deeds and things done by our
said Authorized Representative in exercise of the powers hereby conferred shall and shall
always be deemed to have been done by us.
IN WITNESS WHEREOF WE, THE ABOVE-NAMED PRINCIPAL HAVE EXECUTED THIS POWER OF
ATTORNEY ON THIS............ DAY OF ......................................... , Year For.............................
(Signature, name, designation and address)

Witnesses:
1.
2.
Notarized Accepted
..........................
(Signature, name, designation and address of the Attorney)

12.8 Form – 8: Undertaking on being not black listed
(On applicable Court Stamp Paper)
This is to certify that << COMPANY NAME >> is not blacklisted by the Government of Assam or
any of its agencies for any reasons whatsoever and not blacklisted by Central / any other
State/UT Government or its agencies for indulging in corrupt or fraudulent practices or for
indulging in unfair trade practices and not backed out from executing the work after award of
the work as on date ……………………
Company Secretary / Authorized Signatory
Name of Signatory:
Bidder Name:
Date
Place

Government of Assam: Ref No.: DITEC - No.160/2021/131 Release Date: 28 June 2022

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Government of Assam: Ref No.: DITEC - No.160/2021/131 Release Date: 28 June 2022

Uploaded by

Copyright:

Available Formats

Government of Assam

Directorate of Information Technology, Electronics and Communications (DITEC),

Behind CM Block, Assam Secretariat,

REQUEST FOR PROPOSAL (RFP)

REF NO. : DITEC.No.160/2021/131

2.1.1 Project Brief ............................................................................................................... 14

i) Data Management .................................................................................................. 18

i) Language of Bids ..................................................................................................... 43

i) Tender Processing Fees............................................................................................ 44

8.15.1 Consortium and Sub-contracting ............................................................................. 45

API Application Programming Interface

ASA Authentication Service Agency

AUA Authentication User Agency

The bidder’s representative/ officer vested (explicitly, implicitly, or

Broadband and Citizen Service Mission Society (under the purview

A security provided to the procuring entity by a bidder for securing the

Any person/ firm/ agency/ company/ contractor/ supplier/ vendor

Documents issued by the procuring entity, including any amendments

BPR Business Process Re-engineering

ASDC Assam State Data Center

CIDR Central Identities Data Repository

Committee Committee constituted by DITEC for evaluation of Technical

An authority or officer to whom the relevant administrative or

Price payable to the firm/company based on deliverable linked

Day A calandar day as per GoA.

EMD Earnest Money Deposit

GCC General Conditions of Contract

GoA Government of Assam

GoI Government of India

HSM Hardware Security Module

ICT Information and Communications Technology

INR Indian Rupee

ISO International Organisation for Standardisation

KSA KYC Service Agency

KUA KYC User Agency

KYR / KYC Know Your Resident / Customer

LoI Letter of Intent

MeitY Ministry of Electronics & Information Technology, GoI.

Professional and Support staff provided by the firm/ company and

Proposals submitted by bidders in response to the RFP issued by

RFP Request for Proposal

Work to be performed by the firm/ company pursuant to the selection

SRS Software Requirements Specification

SRDH State Resident Data Hubs

TIN Tax Identification Number

TPA Third Party Auditor

UAT User Acceptance Testing

UIDAI Unique Identification Authority of India

WO/ PO Work Order/ Purchase Order

a) DITEC, on behalf of Department of Information Technology, Government of Assam, invites

• Section 1 - Invitation for Proposals

Date: 29th July 2022

Date: 18th July 2022

Mobile No: +91-9957926630

Email ID: ditec-asm@gov.in

Bid Security/Earnest Money Deposit

2. Project Profile & Background Information

2.1.1 Project Brief

2.1.2 Project Vision

2.1.3 Project Objectives

2.1.4 Aadhaar Data Vault:

3. Pre-Qualification/ Eligibility Criteria

2. The Sole/Prime Bidder should be an Indian registered i) Certificate(s) of Entity