Two-tier security of Aadhaar:
Recently, Unique Identification Authority of India (UIDAI) introduced two new layers of security for Aadhaar-They are- Virtual ID and
- Limited KYC.
- These two security measures related to Aadhar are introduced in the light of the recent media reports alleging Aadhaar data leak for just Rs 500.
- The new two-tier security process will come into effect from June 1.
- The main aim of new security measures is to eliminate the need to share and store Aadhaar numbers, which an Aadhaar holder can use in lieu of his/her Aadhaar number at the time of authentication, besides sharing of ‘limited KYC’ with certain agencies.
What is Virtual ID (VID) in the proposed two-layer security of Aadhar?
- The main purpose of VID is to avoid sharing their Aadhaar number
- As per Unique Identification Authority of India virtual Id is a temporary 16-digit, randomly-generated number that an Aadhaar holder can use for authentication or KYC services along with his/her fingerprint instead in lieu of the Aadhaar number.
- There can only be one active and valid VID for an Aadhaar number at any given time and it will not be possible to derive the Aadhaar number from Virtual ID
- The VID together with biometrics of the user would give any authorized agency, say, a mobile company, limited details like name, address and photograph, which are enough for any verification.
How Aadhaar holder get VID?
- As per proposed security measure to generate VID to Aadhaar card holders can go to the UIDAI website and generate their VID
- The generated Virtual ID will be valid for a defined period of time, or till the user decides to change it.
- One user can generate as many VIDs as that they want and older virtual ID gets automatically cancelled once a fresh one is generated.
- UIDAI will be releasing the necessary Application Programming Interface (API) by March 1 and all agencies using its authentication and e-KYC services have been instructed to ensure Aadhaar holders can provide the 16-digit VIDs instead of Aadhaar number in their applications.
- All authentication bodies have to fully migrate to the new system by June 1, and those failing to meet the deadline will face financial disincentives.
What is limited KYC?
The main purpose of limited KYC is to regulate storage of Aadhaar numbers within various public and private databasesIn Limited KYC security measure UIDAI has categorised its Authentication User Agencies into two types. They are
- Global Authentication User Agencies
- Local Authentication User Agencies
- AUAs, whose services, by law are required to use Aadhaar number in their KYCs, will be categorised as Global AUAs and will enjoy access to full demographic details of an individual along with the ability to store Aadhaar numbers within their system. Agencies like Banks and income tax authorities will fall in this category.
- Local Authentication User Agencies will get access to only need-based or limited KYC details. They will neither get access to full KYC, nor can they store the Aadhaar number on their systems. For authentication purpose Local AUAs will get a tokenized number issued by UIDAI to identify their customers. The 72 character alphanumeric 'UID Token' for your Aadhaar number be different for every authentication body you approach.
- There for limited KYC allows an agency to ensure uniqueness of its beneficiaries, customers etc. without having to store the Aadhaar number in their databases while not being able to merge databases across agencies thus enhancing privacy substantially
Model Questions:
1. How many digits are the present Virtual ID in the proposed two layered security of Aadhar?a. 12b. 14
c. 16
d. 18
2. From which date two layered security of Aadhar came into force?
a. March 1st, 2018
b. April 1st, 2018
c. May 1st, 2018
d. June 1st, 2018
3. Authentication User Agencies are classified into how many types of new two layered security of Aadhar?
a. 2
b. 3
c. 4
d. 5
a. 2
b. 3
c. 4
d. 5
4. How many numbers of digits are present in Aadhar?
a. 10
b. 11
c. 12
d. 13
5. Recently under which article of the constitution Supreme court declares Right to privacy is a fundamental right?
a. Article-20
b. Article-21
c. Article-22
d. Article-23
a. 10
b. 11
c. 12
d. 13
5. Recently under which article of the constitution Supreme court declares Right to privacy is a fundamental right?
a. Article-20
b. Article-21
c. Article-22
d. Article-23