{"id":187599,"date":"2022-06-01T21:08:13","date_gmt":"2022-06-01T15:38:13","guid":{"rendered":"https:\/\/blog.forumias.com\/?p=187599"},"modified":"2022-06-01T21:08:13","modified_gmt":"2022-06-01T15:38:13","slug":"questioning-the-safety-of-aadhaar","status":"publish","type":"post","link":"https:\/\/forumias.com\/blog\/questioning-the-safety-of-aadhaar\/","title":{"rendered":"Questioning the safety of Aadhaar"},"content":{"rendered":"\n

News<\/strong>: Two days after issuing an advisory asking people to refrain from sharing photocopies of their Aadhaar Card, the Unique Identification Development Authority of India (UIDAI) has opted to withdraw the notification.<\/p>\n

It stated that the action was to avert any possibility of \u2018misinterpretation\u2019 of the (withdrawn) press release, asking people to exercise \u201cnormal prudence\u201d in using\/sharing their Aadhaar numbers.<\/p>\n

What did the UIDAI advisory say?<\/b><\/h5>\n

It had suggested holders to use a masked Aadhaar card instead of the conventional photocopy<\/strong>, adding that the document must not be downloaded from a cybercaf\u00e9 or public computer and, if done for some reason, must be permanently deleted from the system.<\/p>\n

–<\/strong> \u2018Masked Aadhaar\u2019 hides the first eight digits<\/strong> of the twelve-digit ID with \u2018XXXX\u2019 characters.<\/p>\n

The notice informed that only entities possessing a \u2018User Licence\u2019 are permitted to seek Aadhaar for authentication purposes<\/strong>. Private entities like hotels or film halls cannot collect or keep copies of the identification document.<\/p>\n

What does the law say? \u00a0<\/b><\/h5>\n

The Aadhaar (Targeted Delivery of Financial and Other Subsidies Benefits and Services) Act, 2016<\/strong><\/em> makes it clear that Aadhaar authentication is necessary for availing subsidies, benefits and services<\/strong> that are financed from the Consolidated Fund of India.<\/p>\n

–<\/strong> In the absence of Aadhaar, the individual is to be offered an alternate and viable means of identification to ensure she\/he is not deprived of the same.<\/p>\n

–<\/strong> Separately, Aadhaar has been described as a preferred KYC (Know Your Customer) document but not mandatory<\/strong> for opening bank accounts, acquiring a new SIM or school admissions.<\/p>\n

The requesting entity would have to obtain the consent of the individual<\/strong> before collecting his\/her identity and ensure that the information is only used for authentication purposes on the Central Identities Data Repository (CIDR).<\/p>\n

–<\/strong> This centralised database contains all Aadhaar numbers and holder\u2019s corresponding demographic and biometric information.<\/em><\/p>\n

UIDAI does not receive or collect the holder\u2019s bank, investment or insurance details.<\/p>\n

The Aadhaar Act forbids sharing Core Biometric Information<\/strong> (such as finger print, iris scan, among other biometric attributes)<\/em> for any purpose other than Aadhaar number generation and authentication.<\/p>\n

The Act makes it clear that the authenticated information cannot be used for anything other than the specified purpose<\/strong>. More importantly, no Aadhaar number (or enclosed personal information) collected from the holder can be published, displayed or posted publicly.<\/p>\n

Identity information or authentication records would only be liable to be produced pursuant to an order of the High Court or Supreme Court<\/strong>, or by someone of the Secretary rank or above<\/strong> in the interest of national security<\/strong>.<\/p>\n

Is identity theft via Aadhaar possible?<\/b><\/h5>\n

In 2017, the UIDAI in response to an RTI stated that more than 200 central and State government websites publicly displayed details of some Aadhaar beneficiaries such as their names and addresses. This was made possible by the lack of robust encryption. This data could be potentially used to fraudulently link the rightful beneficiary\u2019s Aadhaar with a distinct bank account<\/strong>, embezzling the beneficiary by impersonation, made possible by the sizeable identity documents available.<\/p>\n

CIS states that brokers are known to buy tonnes of Aadhaar documents from mobile shops and other places where the identification document is shared. Additionally, there have been instances where employees of service providers were caught stealing biometric information collected solely for Aadhaar authentication.<\/p>\n

What are some of the structural problems that the UIDAI faces? \u00a0<\/b><\/h5>\n

The Aadhaar Data Vault is where all numbers\u00a0collected by authentication agencies are centrally stored. Its objective is to provide a dedicated facility for the agencies to access details only on a need-to-know basis.<\/p>\n

Comptroller and Auditor General of India\u2019s (CAG) latest report stipulated that UIDAI neither\u00a0specified any encryption algorithm (as of October 2020) to secure the same nor a mechanism<\/strong> to illustrate that the entities were adhering to appropriate procedures. It relied solely on audit reports provided to them by the entities themselves.<\/p>\n

Further, UIDAI\u2019s unstable record with biometric authentication<\/strong> has not helped it with de-duplication efforts, the process that ensures that each Aadhaar Number generated is unique.<\/p>\n

The CAG\u2019s report stated that apart from the issue of multiple Aadhaars to the same resident<\/strong>, there have been instances of the same biometric data being accorded to multiple residents<\/strong>.<\/p>\n

Biometric authentications can be a cause of worry, especially for disabled and senior citizens with both the iris and fingerprints dilapidating.<\/p>\n

Though the UIDAI has assured that no one would be deprived of any benefits due to biometric authentication failures, the absence of an efficient technology<\/strong> could lead to frauds.<\/p>\n

Source<\/strong>: This post is based on the article \u201cQuestioning the safety of Aadhaar<\/strong>\u201d published in The Hindu<\/strong> on 1st June 22<\/strong>.<\/p>\n","protected":false},"excerpt":{"rendered":"

News: Two days after issuing an advisory asking people to refrain from sharing photocopies of their Aadhaar Card, the Unique Identification Development Authority of India (UIDAI) has opted to withdraw the notification. It stated that the action was to avert any possibility of \u2018misinterpretation\u2019 of the (withdrawn) press release, asking people to exercise \u201cnormal prudence\u201d… Continue reading Questioning the safety of Aadhaar<\/span><\/a><\/p>\n","protected":false},"author":10328,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"footnotes":""},"categories":[1230,9],"tags":[212,10498],"class_list":["post-187599","post","type-post","status-publish","format-standard","hentry","category-9-pm-daily-articles","category-public","tag-gs-paper-2","tag-the-hindu","entry"],"jetpack_featured_media_url":"","views":{"total":0,"cached_at":1700807760,"cached_date":1704855105},"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts\/187599","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/users\/10328"}],"replies":[{"embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/comments?post=187599"}],"version-history":[{"count":0,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts\/187599\/revisions"}],"wp:attachment":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/media?parent=187599"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/categories?post=187599"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/tags?post=187599"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}