In a bid to address privacy concerns, the Unique identification Authority of India (UIDAI) today announced the introduction of `Virtual ID' for Aadhaar-card holders - a new concept under which Aadhaar-card holder can generate IDs from its website for various uses, including SIM verification, instead of sharing the actual 12-digit biometric ID.
The Virtual ID will be a temporary and revocable 16-digit random number mapped to a person's Aadhaar number.
The move aims to strengthen the privacy and security of Aadhaar data and comes amid heightened concerns around the collection and storage of personal and demographic data of individuals.
The UIDAI also introduced the concept of 'limited KYC', under which it will only provide need-based or limited details of a user to an authorised agency that is providing a particular service, say, a telco.
The UIDAI is instructing all agencies using its authentication and eKYC services to ensure Aadhaar holders can provide the 16-digit Virtual ID instead of Aadhaar number with their application.
Virtual Aadhaar IDs will give users the option of not sharing their Aadhaar number at the time of authentication.
The Virtual ID, which would be a random 16-digit number, together with biometrics of the user would give any authorised agency like a mobile company, limited details like name, address and photograph, which are enough for any verification.
A user can generate as many Virtual IDs as he or she wants.
The older virtual ID will be automatically cancelled once a fresh one is generated. The Virtual ID will be mapped to a person's Aadhaar number and UIDAI will start accepting Virtual IDs from 1 March 2018.
From 1 June 2018 it will be compulsory for all agencies that undertake authentication to accept the Virtual IDs from their users.
Agencies that do not migrate to the new system to offer this additional option to their users by the stipulated deadline will face financial disincentives.
Users can go to the UIDAI website to generate their virtual ID, which will be valid for a defined period of time, or till the user decides to change it.
They can give this Virtual ID to service agencies along with the fingerprint at the time of authentication.
Since the system generated Virtual ID will be mapped to an individual's Aadhaar number itself at the back end, it will do away with the need for the user to share the actual Aadhaar number for authentication.
It will also reduce the collection of Aadhaar numbers by various agencies.
As per the UIDAI, agencies that undertake authentication would not be allowed to generate the Virtual ID on behalf of Aadhaar holder.