Red Faced, UIDAI Introduces New Virtual ID To Address Aadhaar Privacy Concerns

Joanna Estrada
January 14, 2018

A newspaper report had recently brought to the fore alleged Aadhaar data breach.

- A "Virtual ID" (VID) can only be generated by the Aadhaar number holder.

The UIDAI announced on Wednesday that Aadhaar card holders would now have a second layer of security - a 16-digit virtual ID (VID) which they could use to avail services instead of providing their 12-digit Aadhaar number.

The VID will be a temporary, revocable 16-digit random number mapped with the Aadhaar number.

So, UIDAI has added a way to actually hide the real Aadhaar ID and use the virtual ID. This is an effort to curb the number of people who will have access to the Aadhaar number. "The Aadhaar data, including biometric information, is fully safe and secure", the authority had said in a statement, calling the report in The Tribune "a case of misreporting". "Authentication may be performed using the Virtual ID in a manner similar to using Aadhaar number", a UIDAI circular said. The circular notes that VID, by design being temporary, can not be used by agencies for de-duplication. This, UIDAI hopes, will ensure that no one, except the holder, can access the person's Aadhaar number.

Starting 1st June, authorized agencies would be mandated to accept Virtual IDs for KYC or any other verification process. On December 21, it allowed Airtel to use Aadhaar for re-verification of its mobile customers till January 10 with stiff riders. Here's a Guide to Track Its Usage History!

"Aadhaar commenced to enable RESIDENTS of India to access basic services thru an identity".

Despite the government's attempts, critics have seemingly raised some rather valid concerns.

Local AUAs should make changes inside their systems to replace Aadhaar number within the databases with UID Token.

- Users can give this Virtual ID along with the fingerprint at the time of authentication.

Finally, some critics suggest that the new system does not adequately address the real problem, which is the inability of various government and private agencies to protect our data.

Here's a 9-point explainer on how Virtual ID is supposed to work - and if it addresses security concerns.

The decision to provide a temporary reprieve to Airtel on 21 December was taken after Rs138 crore of funds under the direct benefit transfer scheme were credited back to the original accounts of 5.6 million beneficiaries. This does not remove the financial fraud risk that Aadhaar poses. The idea is to minimise sharing of the actual Aadhaar number or demographic information. In this way, Aadhaar holder can control what data he/she wants to share with the agency that is providing a particular service.

Other reports by Click Lancashire

Discuss This Article