Locking the stable after horses have bolted: Chidambaram on Aadhaar Virtual ID


The other development is the introduction of the new "virtual ID" to prevent Aadhaar from hacks and potential breaches.

So, here's a ready reckoner on these new features.

Now, while Nilekani himself has asserted that virtual IDs would be fool-proof, tech experts and Aadhaar critics say it's not going to be so.

The UIDAI, has also introduced the concept of "limited KYC" under which it will only provide need-based or limited details of a user to an authorised agency that is providing a particular service.

Where to get the VID? .

Users can generate as many Virtual IDs as he or she wants, but the newly generated ID will automatically cancel the older one.

Moreover, what about the Aadhaar numbers already leaked through portal access sales, which had given out the "unique" Aadhaar numbers to those with nefarious intentions, thereby exposing them to threats even in the future. "One OTP (One Time Password) comes to your mobile number registered in the Aadhaar database and then a 16-digit number is sent to you", he said.

The introduction of Virtual ID will reduce collection of Aadhaar numbers by various agencies.

Reported Liverpool target Lemar could leave Monaco, Jardim admits
The Gunners tried and failed with a £90million bid for the Frenchman on deadline day which scuppered Sanchez's move to the Etihad. However, 22-year-old Lemar decided that the move was happening too quickly and stayed in the principality.

This does not, however, mean that the earlier security system allowed profiling, but privacy concerns were raised because "may be at some later day, somebody may start linking Aadhaar number with various databases and then some profiling could be done", he added.

"Virtual ID will be a temporary, revocable 16 digit random number mapped with the Aadhaar number".

According to a report, the UIDAI claims that they are now busy working on a "Virtual ID" for months, and the declared was made at a time privacy concerns around Aadhaar peaked. The limited KYC categories will be "local AUAs". The first kind of authentication agency would include banks and income tax authorities and would be granted complete access to an individual's details. 210 government published at least 13 crore Aadhaar numbers in the past and the risk of people having these numbers already is very high. Instead, they will get a tokenised number issued by UIDAI to identify their customers. The 72 character alphanumeric "UID Token" for your Aadhaar number will reportedly be different for every authentication body you approach.

The deadline for this security layer is the same as that for VIDs, i.e. June 1.

Why did UIDAI feel the need for this new two-tier security system?

The UIDAI's and the government's cavalier attitude towards security in Aadhaar has been exposed many times over.

Vipin Nair, one of the advocates representing the petitioners who have challenged the Aadhaar Act in the Supreme Court said, "It is potentially a case of unmitigated chaos purely from an Information Technology perspective". Moreover, the survey, which had received over 15,000 votes, revealed that the public supports restricted access to biometric data. For any kind of verification with virtual ID, only name, address and photograph will be shared.