The telecom department has instructed telecom providers to be ready for allowing users to provide Virtual ID instead of Aadhaar for e-KYC registration of SIM cards, ETTelecom reports. To recap, Virtual ID is UIDAI’s anonymized one-time token for Aadhaar that users can use to authenticate themselves instead of the Aadhaar number itself. This allows telecom operators to authenticate users without asking them for their Aadhaar numbers, and DoT’s rules around it essentially forbids telcos from ever storing consumers’ Aadhaar numbers — or even their Virtual ID numbers.

[Read the telecom department’s order]

Do Virtual IDs work?

From our earlier post on VID’s effectiveness:

Another critical issue that the virtual ID system fails to address is the usage of paper-based Aadhaar copies something that happens a lot in rural parts of the country. “This still doesn’t solve the issue of non-electronic or paper usage, which is something most people use. That is the primary source of abuse and leakages,” co-founder of Internet Freedom Foundation Kiran Jonnalagadda said. “Loopholes still exist, this does not solve anything.”

A virtual ID can only be generated if an Aadhaar holder has access to the UIDAI’s website. Around two-thirds of the country’s population is not online and therefore the virtual ID feature fails to address them.

The core issue, of details which have already been leaked also remains unsolved, “At least 13 crore Aadhaar numbers were published by 210 government in the past and the risk of people having these numbers already is very high. UIDAI needs to re-issue fresh Aadhaar numbers to solve the problem, which is highly unlikely,” says Srinivas Kodali, an independent security researcher.