Aadhaar New 16-Digit Virtual Identity

Due to lot of hue and cry raised over issues of breach of privacy through the unique identification number AADHAAR, UIDAI has come up with a new tool of identification called Virtual Identity — or VID and limited KYC as a measure to safeguard Aadhaar cardholders data. It is expected to come into effect from March 1 and fully operational by 1st June 2018, however the details are yet to be out. Some questions and answers:

What is VID?

It will be a 16 digit number used to validate ones identity without giving Aadhaar number. It will be issued on the temporary basis with the certain period of validity after which it can be renewed, though the details on it are yet to come.

How it will be generated?

It can be generated through Aadhaar resident portal, Aadhaar Enrolment Centers, and the mAadhaar app. It does not require any documents except Aadhaar number. Once the system comes into place every agency has to provide the option of VID as well. Therefore the Aadhaar number holder can use VID in lieu of Aadhaar number whenever authentication or KYC services are performed. When you give your Virtual ID to an authentication agency, they will enter it into the system and then receive a UID token that authenticates it, and provides a limited set of demographic details, such as your name, phone number, address and so on.

How the above measures will help?

Currently collection and storage of Aadhaar number by many agencies like banks, financial institutions, and government to disburse benefits of social security schemes etc has raised a lot of concerns. Aadhaar number, if leaked out of the databank of any agency due to cyber attack etc, can intrude into the privacy of the individuals. It is because Aadhaar number can used to reveal various other signifiers about an individual as every information is now linked with it. Therefore the users may not be keen to use it with every agency. Now introduction of VID will ensure greater privacy, and limited access to the database. First, because VID will eliminate the need to share Aadhaar number with every agency as the user has the option to give VID for authentification of identity. Moreover, it will not be possible to derive Aadhaar number from VID. Also it cannot be be used by agencies for de-duplication as it is issued on temporary basis.

Besides this UIDAI has come up with the concept of limited KYC. It has been done by categorizing the Authentification user agencies (AUAs) like a bank etc. into global AUAs and local AUAs. Global AUAs will use Aadhaar number as a part of their KYC norms, thus, can store Aadhaar numbers within their system. And the Global AUAs will be decided on the basis of some law or guidelines as decided by the UIDAI. For example-a public sector bank or a telecom company can be global AUAs.

On the other hand, Local AUAs will have access to “Limited KYC” and not full KYC norms. They will only get a UID token issued by UIDAI which they can use to identify customers. It will be a a 72-character alphanumeric string, which is meant only for system usage. Each Aadhaar number will have a unique UID token for a particular AUA. It means the UID token of a particular AUA will be different from another AUA for each Aadhaar number. Therefore a Local AUA will authenticate the identity by relying on this UID token, not the Aadhaar number. Thus all local AUAs will need to set up the UID token system. It ensures uniqueness of its users by an agency without having to store the Aadhaar number in their databases while not being able to merge databases across agencies thus enhancing privacy substantially.

Challenges

There will be cases wherein many agencies already has the data of Aadhaar and If is declared as a local AUA then the circular says Local AUAs will have to change their systems to “replace Aadhaar number within the databases with this UID token. It will be a challenging task to do so and might cause implementation issues. Concerns are raised about the already stolen Aadhaar data which might be huge in number. For instance, the recent report by tribune regarding leak of Aadhaar data. Nothing has been done to secure it. Many people especially the poor have not yet linked themselves with the Aadhaar, thus, may be excluded in the long run of many welfare services. Now to get enrolled in another layer of VID will be a tremendous challenge for them.


Leave a Reply

Your email address will not be published. Required fields are marked *