In a bid to give a breather to banks and government departments, the Unique Identification Authority of India (UIDAI) has now extended the deadline for deployment of the 16-digit virtual ID (VID) as an alternate to Aadhaar numbers till August this year.
The decision was well-received. Bank officials said that companies were facing multiple problems in generating Virtual ID numbers from mobile phones and there was lack of awareness among the public about the VID.
The reports have also said that banks have sought time to upgrade their systems to be able to process VID applications for authentication of Aadhaar users for various purposes. This extension will also allow Aadhaar-enabled payment system (AEPS) transactions to continue for two more months.
However, at the same time, the UIDAI has started levying a charge of 20 paise per transaction on telecom and e-sign generating companies that have not implemented the new system from July 1.
It will reverse the charges if these firms comply by July-end.
In a statement, Ajay Bhushan Pandey, CEO, UIDAI, said that while some authentication user agencies (AUAs) carry out the authentication in a controlled environment in the presence of their employees, other AUAs perform it in the presence of agents, who often cater to more than one AUA.
“It is imperative that on the basis of the level of supervision in the authentication ecosystem and the risk assessment, the VID/UID token-associated security features should be implemented in a certain category of AUAs sooner without any delay,” he said.
The UIDAI chief also added that the Virtual ID is a critical security measure for protecting residents’ privacy and their Aadhaar numbers.
However, users have been facing difficulty in creating Virtual IDs. Reports claimed that the process of generating a VID is more-or-less smooth on the desktop, but it is not working for smartphone users, who form a large part of the consumer base.
The UIDAI had introduced VID as one of the two-layered safety net features to avoid data breaches. It is said that with VID, there will be no need to share the real Aadhaar number at the time of authentication.
Instead, a randomly generated 16-digit code will be shared with the agency every time. This ID, along with the biometrics of the user — like the name, address, and photographs — can provide the necessary details to the concerned AUA without allowing it to track the actual Aadhaar number of the user.
The limited KYC feature will provide AUAs with only the essential details; they can do their own KYC and identify users with ‘tokens’. Also, as stated by the UIDAI in a media statement, “Agencies that undertake authentication will not be allowed to generate the Virtual ID on behalf of the Aadhaar holder.”
The Aadhaar system is filled with loopholes and has seen continued data breaches, but with Virtual ID and face recognition features, the UIDAI now aims to prevent user data from being compromised.
[The development was reported by ET.]