wordpress blog stats
Connect with us

Hi, what are you looking for?

, , ,

Late by a month, UIDAI’s Aadhaar Virtual ID is finally live

Aadhaar

The UIDAI website now has a page for generating VID numbers. According to information provided in the announcement of Virtual IDs made hastily in the wake of The Tribune data breach report, the Virtual ID is a randomly generated 16 digit number that can be used for authentication in the place of an individual’s actual Aadhaar number. The number is, in reality, a 15 digit number, with the last digit being a check digit as per the Verhoeff algorithm, which is a checksum formula for error detection.

According to the original announcement, an Aadhaar holder can generate a Virtual ID for themselves to use or revoke it (after a UIDAI specified minimum period) at any time they wish. However, only one Virtual ID can be used per Aadhaar number at any given time.

According to the announcement, the VID was to be launched on the 1st of March, 2018 and APIs were to be provided in order to integrate the VID. The government was vague on the implementation or details long past the due date.

At the moment, the VID generator page on the UIDAI website appears to provide options to generate or retrieve a VID after OTP authentication of the Aadhaar. However, it is still unclear where the VID numbers can be used and where they cannot be used.

There does not appear to be an official announcement to this effect, though according to Dr. Ajay Bhushan Pandey’s statements in court, it appears that Income Tax would be one purpose that would require the real Aadhaar, while telecom operators are not considered to be entities that require the real Aadhaar numbers. Dr. Pandey also had said at that time that the use of Virtual ID would prevent aggregation of data across databases using Aadhaar.

MediaNama’s take

The Virtual ID appears to be a lot like shutting the stable door after the horse has bolted. Or, to use a more “internet” metaphor, storing your real credit card on a shopping site profile, but using a “one time use” virtual card to make purchases and calling it “security”. The Aadhaar number has been proliferated across databases already, and the use of a Virtual ID cannot undo this. Everything linked with the real Aadhaar number so far will remain vulnerable to exploitation, and by the UIDAI’s own admission and the government and service providers’ relentless coercion, the Aadhaar is mostly already linked for the majority of citizens.

Advertisement. Scroll to continue reading.

Justice Sikri’s question to Dr Pandey from the Supreme Court hearing also becomes important here. In a country where Aadhaar based money transfers are being promoted because debit cards are too difficult for the masses, how can the masses be expected to manage a Virtual ID securely? Those who cannot permanently remain at risk from the deleterious effects of Aadhaar on privacy and the Virtual ID cannot be considered to mitigate this risk for those with Aadhaar numbers already on record in various places.

Additionally, the implementation of the Virtual ID is unclear. When services are allowed to store the Aadhaar number – and now Virtual ID – of individuals, what happens when the Virtual ID is revoked by the individual? Does this mean that revocation will require repeated authentication with all services linked with the Aadhaar using the Virtual ID? Does this mean that the revoked Virtual IDs will remain as incorrect data on the servers of services (in which case, what is the purpose of allowing them to be stored at all?) Will they be automatically updated (which would defeat the purpose of revocation)? Something else?

At this stage, it is unknown where a Virtual ID can be used, even though the UIDAI has provided a generator to generate one.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

By Rahul Rai and Shruti Aji Murali A little less than a year since their release, the Consumer Protection (E-commerce) Rules, 2020 is being amended....

News

By Anand Venkatanarayanan                         There has been enough commentary about the Indian IT...

News

By Rahul Rai and Shruti Aji Murali The Indian antitrust regulator, the Competition Commission of India (CCI) has a little more than a decade...

News

By Stella Joseph, Prakhil Mishra, and Surabhi Prabhudesai The recent difference of opinions between the Government and Twitter brings to fore the increasing scrutiny...

News

This article is being posted here courtesy of The Wire, where it was originally published on June 17.  By Saksham Singh The St Petersburg paradox,...

You May Also Like

News

The UIDAI’s request comes in the wake of recently proposed amendments to the Cinematograph Act which would give the government powers that are making filmmakers...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ