wordpress blog stats
Connect with us

Hi, what are you looking for?

Now facial-based biometric authentication also permitted under e-KYC: Communications Ministry

As per a press release, SIM subscribers will have to do fresh KYC for SIM replacement wherein facial data may also be used in addition to thumb and iris-based biometric authentication.

What’s the news: Folks wanting to get a SIM replacement will now have to do a fresh KYC possibly with facial-based biometric authentication aside from thumb impression and iris-based authentication, as per a press release issued by the Union Ministry of Communications.

KYC reforms for individuals: As per the department press release, a subscriber has to now undertake complete KYC for the replacement of their SIM with a bar of 24 hours on outgoing & incoming SMS facilities.

“In addition to thumb impression and iris-based authentication in Aadhaar E-KYC process, facial based biometric authentication is also permitted,” said the Ministry.

Why it matters: The first time we heard of the telecom department gathering facial data was for the use of ASTR, a facial recognition system that allegedly ensures there is no duplication of SIMs. Aside from covering stories of how the use of ASTR hindered customer experience, MediaNama had also sent out RTIs to the government asking how this personal data was being handled and stored by the government. The government refused to reply claiming confidentiality of data. This means that we still don’t know what the government does with this facial data once the verification process is finished. The only silver lining this time is that it is made public that such data will be collected unlike in the case of ASTR.

Article continues below ⬇, you might also want to read:

Vaishnaw mum on individual KYC: The move for complete KYC of subscribers is part of two reforms announced by Communications Minister Ashwini Vaishnaw on August 17, 2023: KYC reforms and point-of-sale (PoS) registration reform. For the former, he talked at length about the need for verifying SIM card dealers and replacing bulk SIM card connections with “business connections.” However, news of permitting facial data for subscriber KYC was only mentioned in the press release.

What are business connections? Vaishnaw said the department will be discontinuing bulk SIM card connections to reduce the “20 percent misuse” of such SIMs given to companies or other entities for big events. Instead, he introduced business connections “for issuing of mobile connections to entities (for ex. company, organizations, trust, society, etc.) Entities can take any number of mobile connections subject to complete KYC of all of its end-users. SIM will be activated only after successful KYC of end users and physical verification of premise/address of the entity,” the press release said.

“Even in this business set-up, the one person to whom the SIMs are allocated will have to do his KYC,” said Vaishnaw in Hindi during the conference.

Police and biometric verification for SIM card dealers: According to the government, SIM card dealers have complicity in cyberfrauds. Vaishnaw claimed that the dealers do not carry out the verification that is legally required.

“They focus on selling the SIM by short-circuiting the verification process. To control this, we are making police verification and biometric verification mandatory for the dealer [by the licensee]. There will be compulsory registration of PoS dealers. By doing so, we will hold accountable anyone who sells SIM fraudulently or on the basis of fraudulent documents,” said Vaishnaw.

If a PoS indulges in any illegal activities, it will be terminated and blacklisted for three years. All existing PoS will be registered as per this process by Licensees within 12 months, said the Ministry. Further, dealers who fail to have their verification done will face a penalty of INR 10 lakh. He anticipated a significant reduction in SIM card-related cyber frauds over the next seven months or so.

How’s the government been doing in tackling cyber fraud?

As per the communications department, the government analysed around 114 crore active mobile connections using ‘Sanchar Saathi’ portal and ASTR tool and took the following actions:

  • Detected over 66 lakh suspected mobile connections
  • Disconnected more than 52 lakh mobile connections after failed re-verification
  • Blacklisted over 67,000 PoS
  • Blocked about 17,000 mobile handsets
  • Registered more than 300 FIRs against over 1,700 PoS
  • Blocked more than 66,000 WhatsApp accounts
  • Froze about 8 lakh bank/wallet accounts used by fraudsters

Yet in June, North Delhi cyber police reported the arrest of three people who had acquired 18 SIMs from a fourth person. How is this possible if the government’s ASTR facial recognition mechanism is scanning every SIM that is issued to people?

MediaNama’s take: When the government went public with this system, it boasted that ASTR had great success in catching such scamsters in Haryana. What prevented it from doing the same here in Delhi? And a bigger question is—if ASTR can end up missing such scams then what is the point of using such an invasive technology as a preventive measure in the first place? At the very least, does this now at least justify that some aspects need to be made public – such as its functioning – to understand how ASTR acts as a useful tool for public safety?

STAY ON TOP OF TECH NEWS: Our daily newsletter with the top story of the day from MediaNama, delivered to your inbox before 9 AM. Click here to sign up today!

Written By

I'm interested in the shaping and strengthening of rights in the digital space. I cover cybersecurity, platform regulation, gig worker economy. In my free time, I'm either binge-watching an anime or off on a hike.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Factors like Indus not charging developers any commission for in-app payments and antitrust orders issued by India's competition regulator against Google could contribute to...


Is open-sourcing of AI, and the use cases that come with it, a good starting point to discuss the responsibility and liability of AI?...


RBI Deputy Governor Rabi Shankar called for self-regulation in the fintech sector, but here's why we disagree with his stance.


Both the IT Minister and the IT Minister of State have chosen to avoid the actual concerns raised, and have instead defended against lesser...


The Central Board of Film Certification found power outside the Cinematograph Act and came to be known as the Censor Board. Are OTT self-regulating...

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ