UIDAI introduces two-layer security system post reports of Aadhar breach

Days after a report by Tribune claimed a data breach in the Aadhaar database, the Unique Identification Authority of India (UIDAI) introduced a 2-level safety net.

a.)     By creating a Virtual ID

b.)    Limiting Know Your Customer (KYC) – for the 12-digit biometric code.

ET Now reported, the two moves will cover Aadhaar users from any further breach.

How does this work?

The virtual ID will replace your Aadhaar number at the time of authentication. The ID will be a 16-digit, randomly-generated number, that will be used for authentication instead of your Aadhaar number. No one will be able to locate your Aadhaar based on this ID.

All agencies will shift to the new system by June 1.

Limited KYC access will provide agency-specific UID to do away with agencies from storing your Aadhaar number. The agencies will now build their own KYC database without depending on your Aadhaar. They will identify users with tokens.

The move comes a day after an RBI-backed research note pointed out some serious fears about Aadhaar. A study by a think tank associated with the RBI said Aadhaar in its current form is sitting duck for cyber criminals.

Aadhaar faces several challenges in the near future. The primary task is to protect the data from snooping and disproportionate revenue seeking excess of the business world. It is well-known that businesses are gradually operating in a highly competitive world in which ethical borders are rapidly being pulled down. The problem is compounded because they must satisfy their shareholders in a competitive business environment that rarely looks beyond the quarterly profits and the operational dynamics of stock market listing, a note by Reserve Bank claimed.

However, the note said, cyber weaknesses of Aadhaar are a bigger concern than the possible commercial misuse of data.

Feedback welcome!