UIDAI Addresses Security And Privacy Concerns

The issue of protection of citizen data has once again picked up steam in the most recent week after The Tribune revealed that an unknown WhatsApp number was pitching access to the whole Aadhaar database for as low as Rs 500. So in an attempt to address security and privacy concerns around the leakage of Aadhaar numbers and information data, the Unique Identification Authority of India on Wednesday introduced two new measures - virtual ID and limited KYC.

The Aadhaar-card holder can utilize the idea or most likely the 'concept' of the virtual id through its website which can take into consideration different purposes, including SIM verifications, and save them the trouble of sharing the actual12-digit biometric ID.

The Virtual ID would be an arbitrary 16-digit number, complete with biometrics of the user and would give any authorised agency like a mobile company, restricted or limited details like name, address and photograph, which are more than sufficient for any confirmation and verification.
Then again the idea of 'limited KYC' will just give need based or finite details of a user to an authorised agency that is providing a specific administration or service.

From 1 June, 2018 it will be obligatory for all organizations and agencies that attempt verification to acknowledge the Virtual ID from their clients. Agencies that don't relocate to the new framework to offer this additional alternative to their clients by the stipulated due date will confront financial disincentives.

"Aadhaar number holder can use Virtual ID in lieu of Aadhaar number whenever authentication or KYC services are performed. Authentication may be performed using the Virtual ID in a manner similar to using Aadhaar number," a UIDAI circular said.

Clients (users) can go to the UIDAI website to create their virtual ID which will be valid for a definite time frame, or till the user decides to transform it. Since the system generated Virtual ID will be mapped to a person's Aadhaar number itself at the back end, it will get rid of the requirement for the user to share Aadhaar number for validation and decrease the collection of Aadhaar numbers by various organizations.

According to the UIDAI, organizations that attempt validation would not be permitted to generate the Virtual ID on behalf of the Aadhaar holder.The UIDAI is also instructing all agencies utilizing its authentication and eKYC services to ensure Aadhaar holders can give the 16-digit Virtual ID rather than Aadhaar number within their application. 


Needless to say the move mainly focuses to reinforce the protection and security of Aadhaar data and comes in the midst of uplifted concerns around the collection and storage of personal and statistical (demographic) information of individuals.
Category: / / / /

Share this with Your friends: