UIDAI is hoping to mitigate concerns over privacy and security of users under the Aadhaar biometric system by introducing 16-digit numbers, which will be randomly generated and mapped to users’ respective Aadhaar.
The Department of Telecom (DoT) has said Aadhaar will not be one of the 29 parameters required by telecom operators to validate the identity of their subscribers. The regulatory body directed all telecom operators in the country to develop a mechanism that employs virtual IDs in lieu of Aadhaar biometric data, thereby shifting to a “limited KYC” system for user verification.
In a circular dated June 12, DoT said UIDAI has proposed to introduce some changes in Aadhaar ecosystem and telecom operators must comply with these changes by adopting the mechanism of virtual ID, which will limit their access to user data, to increase security and privacy of users. The implementation of virtual ID is due on July 1, which will replace the need to produce the Aadhaar number with a random 16-digit number mapped to a user’s Aadhaar.
The virtual IDs is expected to be rolled out effectively by next month and UIDAI is pinning big hopes on it. UIDAI is hoping to mitigate concerns over privacy and security of users under the Aadhaar biometric system by introducing 16-digit numbers, which will be randomly generated and mapped to users’ respective Aadhaar.
The telecom operators have been categorised as local authentication user agencies by UIDAI, which means that only a part of the full KYC mechanism will be accessible to them. Furthermore, the telcos will not be allowed to store any information obtained via KYC process – either using Aadhaar or the imminent virtual ID system.
DoT, on the other hand, has taken the matter seriously and issued guidelines for KYC process conducted by telcos. The government body has said telcos will have to display the Aadhaar number of the user whose KYC process is underway but in a masked form. Telcos use a password overlay at the point of sale terminal when the KYC process is carried out. DoT has asked telcos to follow these instructions so that no Aadhaar data can be stored anywhere in systems, applications, and database.
The decision rules out the longstanding e-KYC process that required the display of Aadhaar number for user verification for mobile numbers. The customers were required to have their KYC done using Aadhaar to get a new SIM card or continue using their old number. However, a Supreme Court ruling earlier this year pushed back its decision on whether the Aadhaar number is mandatory for mobile number verification until further notice.