The Aadhar Card, India’s most recent attempt at a universal form of identification, continues to find itself being of modified use across the numerous services that require customer authentication in India. In the latest concerns raised by non-banking financial companies (NBFCs), the Aadhar card, issued by the Unique Identification Authority of India (UIDAI) has been given an added layer of a security mask in the form of a Virtual ID (VID).
This Virtual ID, 16 digits in length, can be quoted in place of the Aadhar Card Number and was created to offer an additional level of security against the potential misuse of the sensitive data, like fingerprints and retinal scan data, that can be accessed as part of the Know Your Customer (KYC) aspect of being able to avail of services with key institutions.
On 16th May, the UIDAI issued a circular in which it stated that it had segregated those business entities that were in need of the data to verify customer identification and perform other basic types of verification into Global Authentication User Agencies, and Local Authentication User Agencies. Banks fall into the first category, and will be allowed to access Aadhar details in an effort to authenticate customers. However, NBFCs fall into the second category, and they have complained that being forced to deal with only the VID will burden them with the additional costs of having to adopt measures outside of the Aadhar card verification to ensure that their customers are who they say they are.
At present, the Supreme Court is still hearing a series of petitions that question the validity of the Aadhar Card as a form of universal identification.