UIDAI Will Also Introduce Face Recognition Feature, Limited KYC
Inc42 Daily Brief
Stay Ahead With Daily News & Analysis on India’s Tech & Startup Economy
While the Supreme Court is entertaining several petitions against the Aadhaar, the UIDAI (Unique Identification Authority of India) has introduced the beta version of the VID (virtual ID) feature.
In a tweet, the UIDAI said, “The UIDAI launches Virtual ID. Generate your VID from Resident.uidai.gov.in/web/resident/vidgeneration. Soon, service providers will start accepting VID in place of the Aadhaar number. For now, you can use this for online address update in your Aadhaar form.”
Residents can go to the UIDAI website and generate a VID number, which service providers will soon start accepting.
The deadline has been set for June for the full rollout of VIDs. Aadhaar users will also have the choice for the reverse – which is to not generate their virtual IDs and continue using their Aadhaar numbers each time.
What Is The Virtual ID For Aadhaar?
In January, the UIDAI launched a two-layered safety net feature to avoid data breaches. This consists of a 16 digit Virtual ID and limited know-your-customer (KYC) for Aadhaar number holders.
With the virtual ID, there will be no need to share the real Aadhaar number at the time of authentication. Instead, a randomly generated 16-digit code will be shared with the agency every time. This ID along with biometrics of the user, like the name, address and photographs, can provide the necessary details to the concerned agency, without being able to track the actual Aadhaar number of the user.
A user can generate multiple virtual IDs as per the need. The older IDs will get cancelled once a fresh ID is issued to the user. Since the virtual ID would get mapped to the individual’s Aadhaar number, the need to share the original Aadhar number would be done away.
While, the limited KYC feature will provide the agencies with only the essential details , thus avoiding the chance to track and store a user’s Aadhaar number. Agencies can do their own KYC and will identify users with ‘tokens’. Also, as stated by the UIDAI in a media statement, “Agencies that undertake authentication would not be allowed to generate the Virtual ID on behalf of Aadhaar holder”.
The Hot Bubble Of Aadhaar Breaches
At present, the UIDAI is explaining the Aadhaar’s security features to the Supreme Court, where UIDAI chief Ajay Bhushan Pandey said, “Aadhaar makes exceptions for those who are unable to give their biometric information for any reason.”
However, at the same time, the Aadhaar card has also been said to be vulnerable to data theft risks and other major security leaks. Also, the UIDAI has set July as the deadline to introduce face recognition feature for the Aadhaar verification.
In January, the Aadhaar system was hacked by a self-proclaimed French cybersecurity expert who goes by the alias Elliot Alderson. Soon after, a leakage was reported after an unidentified group on WhatsApp shared links containing the login and the password details which enabled access to 1 Bn Indian citizens.
Also, a harsh rebuttal to the UIDAI’s claims of the Aadhaar security surfaced when a report claimed that “a data leak on a system run by a state-owned utility company Indane allowed anyone to download private information on all Aadhaar holders, exposing their names, their unique 12-digit identity numbers, and information about services they are connected to, such as their bank details and other private information”.
While the court case continues, the steps being taken by the UIDAI viz VID and face recognition, etc. to ensure the security and the privacy under the Aadhaar comes as a recluse for the Aadhaar system.
{{#name}}{{name}}{{/name}}{{^name}}-{{/name}}
{{#description}}{{description}}...{{/description}}{{^description}}-{{/description}}
Note: We at Inc42 take our ethics very seriously. More information about it can be found here.