In the light of ecent reports of breach of Aadhaar data-base, the Unique Identification Authority of India (UIDAI) has come up with a new two-tier security process that will come into effect on June 1.
The concept underlying the new mechanism is to avoid the need to share and store Aadhaar numbers, for which the UIDAI has introduced a virtual ID which a card holder can use in lieu of his or her Aadhaar number at the time of authentication, besides sharing of 'limited KYC' with certain agencies.
As per a Ministry of Electronics and IT circular, "While it is important to ensure that Aadhaar number holders can use their identity information to avail many products and services, the collection and storage of Aadhaar numbers by various agencies has heightened privacy concerns."
The move follows a recent report in The Tribune newspaper that allegedly exposed a data breach in Aadhaar records.
The new security feature will consist of a Virtual ID (VID) carrying a temporary 16-digit random number linked to the Aadhaar number. There can only be one active and valid VID for an Aadhaar number at any given time and it will not be possible to derive the Aadhaar number from VID, the circular said.
The VID authentication will be similar to using Aadhaar numbers. Therefore, those who use the VID number will provide a valid proof of having Aadhaar, at the same time not having to part with all data by producing an Aadhaar number.
However, since a VID is temporary, agencies will not be able to use it for de-duplication.