ALSO READMandatory Aadhaar threatens right to privacy: Amnesty and HRW report Securing Aadhaar: Letter to BS on UIDAI introduces 16-digit 'Virtual ID' Improved privacy UIDAI introduces 'Virtual ID' to avoid sharing of your Aadhaar number 'Aadhaar-less citizens can be eliminated': Fears around misuse by state coming true
Long before it brought in an extra firewall for privacy with the proposed virtual IDs, the Aadhaar-issuing authority UIDAI had set in place a 'biometric lock' as additional layer of protection against outside intrusions or breach. A lesser-known feature, the biometric lock in existing Aadhaar system is aimed at allowing users to safeguard or lock down their biometrics as and when they want. Aadhaar, which captures an individual's personal details along with biometrics like fingerprint and iris, has been mandated to be used for authentication of identity with banks and telecom companies, among others. The authentication for mobile SIM (subscriber identity module) verification, for instance, is done by providing the 12-digit identifier together with biometrics. The extent of Aadhaar usage can well be gauged from the fact thatan average of 4 crore authentications are being done on a daily basis, while over 1,500 authentication have taken place so far. But not many know or perhaps use a feature called the biometric lock that allows a user to seal or lock theirbiometric information. User can ring-fence their biometrics by simply going to theUnique Identification Authority of India (UIDAI) website or its app, and choosing the option and entering their Aadhaar number. A registered mobile number is essential to avail this service. Once the lock clicks into place and thesystem is enabled, it will simply not accept a biometric request,much like a physical lock blocking an unauthorised access. A user can unlock for specific transactions and then lock the biometrics back again. When residents enable biometric locking system, their biometric remains locked till the Aadhaar holder chooses to either unlock it (which is for a temporary period) or disable the locking system, an official said. UIDAI CEO, Ajay Bhushan Pandey says that the idea behind the facility was to "rule out" possibility of anyone even attempting to misuse biometric information. The Aadhaar-issuing authority expects the existing biometric lock feature along with new virtual ID facilitybeing rolled out in coming months to address various security and privacy concerns. The UIDAI, last week, announced the biggest overhaul of the system by allowing Aadhaar owners to create and use a virtual ID to avoidsharing their unique identity numbers, when using government and other services. Users will, from March 1, have the option of generating a 16-digit virtual identity mapped totheir Aadhaar number that can be shared with telecom companies and others at the time of authenticating their identity. From June 1, 2018, it will be compulsory for all agencies, which undertake authentication, to accept the virtual IDs fromtheir users. Agencies that do not migrate to the new system to offer this additional option to their users by the stipulated deadline, will face financial disincentives. The move aims to strengthen the privacy and security of Aadhaar data, and comes amid heightened concerns around thecollection and storage of personal and demographic data ofindividuals. As many as 119 crore biometric identifiers have been issued so far, and Aadhaar is required as an identity proof ofresidents by various government and non-government entities. For instance, the government has made it mandatory for verifying bank accounts and PAN to weed out black money and bring unaccounted wealth to book. The same for SIM has beenmandated to establish the identity of mobile phone users.