Following Reports Of Data Leaks, UIDAI To Introduce ‘Virtual Aadhaar’ To Strengthen Privacy

Following several reports of data leaks, the government has said that it will introduce a virtual identification number for Aadhaar that will help strengthen the privacy of users' data.

In a circular, the Unique Identification Authority of India (UIDAI) said that the virtual number would give the users the ability to give out a randomly generated sixteen digit-long ‘token’ that would be mapped to their Aadhaar number (unique ID or UID) to avail of welfare schemes and to complete Know Your Customer (KYC) norms.

The Virtual ID (VID) will be a sixteen digit number, mapped to the original UID, but cannot be used to derive the UID. For a given UID, only one VID will be active at a point in time and can be revoked at any point in time by the user. The VID can then be used for verification and e-KYC. Further, the VID cannot be generated by any agency on behalf of the user and due to its temporary nature cannot be duplicated.

In order to regulate who has access to the Aadhaar data, the UIDAI has also introduced the concept of Limited KYC under which Authentication User Agencies (AUAs) fall under two categories – global AUAs who require the data to be stored per laws and local AUAs who will not be able to store the data.

All agencies have been asked to update their systems before the new authentication system is put in place by 1 March. The new system will be fully functional by 1 June.