{"id":32117,"date":"2018-10-29T12:42:48","date_gmt":"2018-10-29T07:12:48","guid":{"rendered":"https:\/\/blog.forumias.com\/?p=32117"},"modified":"2018-10-29T12:42:48","modified_gmt":"2018-10-29T07:12:48","slug":"two-tier-shield-for-aadhaar-data","status":"publish","type":"post","link":"https:\/\/forumias.com\/blog\/two-tier-shield-for-aadhaar-data\/","title":{"rendered":"Two tier shield for Aadhaar data"},"content":{"rendered":"<p><a href=\"http:\/\/www.thehindu.com\/news\/national\/uidai-introduces-virtual-id-to-address-privacy-concerns\/article22411683.ece\"><strong>Two tier shield for Aadhaar data<\/strong><\/a><\/p>\n<p><strong>Context <\/strong><\/p>\n<p>In the wake of reports of an alleged breach of the Aadhaar database published in a newspaper last week, the Unique Identification Authority of India (UIDAI) has rolled out a new two-tier security process that will come into effect from June 1<\/p>\n<p><strong>What has been done?<\/strong><\/p>\n<p>Aimed at eliminating the need to share and store Aadhaar numbers, the UIDAI has introduced the concept of a <strong><u>virtual ID<\/u><\/strong> which an Aadhaar holder can use in lieu of his\/her Aadhaar number at the time of authentication, besides sharing of \u2018limited KYC\u2019 with certain agencies<\/p>\n<p><strong>What is a virtual ID?<\/strong><\/p>\n<ul>\n<li><strong>Temporary number<\/strong>: A Virtual ID (VID) will be a temporary 16-digit random number mapped with the Aadhaar number<\/li>\n<li><strong>Only one active VID<\/strong>: There can only be one active and valid VID for an Aadhaar number at any given time and it will not be possible to derive the Aadhaar number from VID<\/li>\n<li><strong>De-depulication not possible<\/strong>: The VID authentication will be similar to using Aadhaar numbers. However, since a VID is temporary, agencies will not be able to use it for de-duplication<\/li>\n<li>Only the Aadhaar holder will be able to generate a VID and no other entity, including authentication user agencies (AUAs), can do it on their behalf<\/li>\n<\/ul>\n<p><strong>Backdrop<\/strong><\/p>\n<p>The move follows a report in\u00a0<em>The Tribune\u00a0<\/em>newspaper that allegedly exposed a data breach in Aadhaar records<\/p>\n<p><strong>Other issues<\/strong><\/p>\n<p>While VID allows Aadhaar number holders to avoid sharing Aadhaar number, storage of Aadhaar number within various databases also needs to be further regulated<\/p>\n<ul>\n<li><strong>Limited KYC concept<\/strong>: To address the issue, the UIDAI has brought in the concept of limited KYC. It has categorised its AUAs into Global AUAs and Local AUAs wherein the latter will get access to only need based or limited KYC details\n<ul>\n<li>AUAs, which by law are required to use Aadhaar number in their KYCs, will be categorised as Global AUAs and have access to Full e-KYC and the ability to store Aadhaar numbers within their system<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><strong>UID token<\/strong><\/p>\n<p>Once storage of Aadhaar number is restricted and since VID is temporary, agencies need a mechanism to uniquely identify their customers within their system<\/p>\n<ul>\n<li>For this, a <strong>72 character alphanumeric<\/strong> \u2018UID Token\u2019 will be generated for \u201csystem use\u201d<\/li>\n<li>UID token allows an agency to <strong>ensure uniqueness of its beneficiaries<\/strong>, customers etc. without having to store Aadhaar number in their databases<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Two tier shield for Aadhaar data Context In the wake of reports of an alleged breach of the Aadhaar database published in a newspaper last week, the Unique Identification Authority of India (UIDAI) has rolled out a new two-tier security process that will come into effect from June 1 What has been done? Aimed at&hellip; <a class=\"more-link\" href=\"https:\/\/forumias.com\/blog\/two-tier-shield-for-aadhaar-data\/\">Continue reading <span class=\"screen-reader-text\">Two tier shield for Aadhaar data<\/span><\/a><\/p>\n","protected":false},"author":61,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"footnotes":""},"categories":[555],"tags":[],"class_list":["post-32117","post","type-post","status-publish","format-standard","hentry","category-test-1","entry"],"jetpack_featured_media_url":"","views":{"total":0,"cached_at":"","cached_date":1704717208},"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts\/32117","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/users\/61"}],"replies":[{"embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/comments?post=32117"}],"version-history":[{"count":0,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts\/32117\/revisions"}],"wp:attachment":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/media?parent=32117"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/categories?post=32117"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/tags?post=32117"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}