Virtual ID for Aadhaar: How the new security feature works


Since the system-generated VID will be mapped to an individual's Aadhaar number at the back end, it will do away with the need for the user to share Aadhaar number with sundry service agencies.

The Unique Identity Authority of India (UIDAI) has extended the temporary permission it gave to Bharti Airtel for using biometric identity for re-verification of its mobile customers, till March 31. The UIDAI said the Virtual ID software would be released by March 1.

Existing Aadhaar numbers can be replaced with corresponding UID token by doing demographic match using authentication API.

While Nilekani had shrugged off the potential harm posed by his own tweet, even though he was alerted by tech specialists a number of times, he did in fact delete it months before the Aadhaar Act was passed in September 2016, which made publishing Aadhaar information online a criminal offence. This ID will be used to authenticate Aadhaar users through a new authentication method that UIDAI is calling Limited KYC.

Users can give their Virtual ID to service providers along with fingerprints at the time of authentication.

In the midst of the prevailing hullabaloo over the vulnerability of Aadhar - a citizen's unique identity data in India - the government has come up with an additional security feature that it claims will address the people's concerns.

People can go to the UIADAI website to generate their virtual ID which will be valid for a short period of time or till the user decides to change it.

"Aadhaar number holder can use Virtual ID in lieu of Aadhaar number whenever authentication or KYC services are performed".

In its place, a random and temporary 16-digit Virtual ID number would be generated, which the consumer can use in place of Aadhaar with authorised telecom service providers. "VID is revocable and can be replaced by a new one by Aadhaar number holder after the minimum validity period set by UIDAI policy", the authority added.

Putting up a robust defence of the ambitious scheme of providing a 12-digit unique identity number to the citizens of the country, Union Law minister Ravi Shankar Prasad said finger print and iris data stored in the Aadhaar system are safe and secure and can not be breached even by "billions of efforts".

"The new virtual ID is untested and unworkable". It can be generated only by the Aadhaar number-holder via the UIDAI website, Aadhaar enrolment centre, or its mobile application.

Finally, some critics suggest that the new system does not adequately address the real problem, which is the inability of various government and private agencies to protect our data. The current deadline for linking Aadhaar with multiple utilities is March 31. The hurry with which it was turned into a national ID system for over a billion Indians is now evident, with a new issue staring at UIDAI's face every day.