UIDAI urges verification entities to adhere to Aadhaar usage hygiene
The Unique Identification Authority of India (UIDAI) has issued a set of guidelines to Offline Verification Seeking Entities (OVSEs) highlighting several usage hygiene issues, better safety mechanisms at users level, and ways to further enhance residents’ trust while using Aadhaar voluntarily for lawful purposes.
Entities have been informed to perform verification of Aadhaar after explicit consent of the Aadhaar number holder. These entities need to be courteous to residents and assure them about the security and confidentiality of their Aadhaar while conducting offline verification.
Entities must maintain the log/record of the explicit consent received from residents for any future audit by UIDAI or any other legal agency thereof.
UIDAI has also asked OVSEs to verify Aadhaar via the QR Code present on all four forms of Aadhaar (Aadhaar letter, e-Aadhaar, m-Aadhaar and Aadhaar PVC card) instead of accepting Aadhaar in physical or electronic form, as a proof of identity.
Offline verification is the use of Aadhaar for carrying out identity verification and KYC processes locally, without connecting to the Central Identities Data Repository of UIDAI. The organizations conducting offline verification of an Aadhaar number holder for a lawful purpose are called OVSEs.
Entities have been urged to ensure that no services are denied to any resident for refusing to or being unable to undergo offline verification of Aadhaar, provided the resident is able to identify himself/ herself through other viable alternatives. It has been underlined that OVSEs need to provide residents viable alternative means of identification in addition to Aadhaar, for rendering service.
Verification entities, generally should not collect, use or store Aadhaar number of the resident after having conducted offline verification of Aadhaar, UIDAI has informed OVSEs. Post verification, if the OVSE finds it necessary for any reason, to store a copy of Aadhaar, the OVSE must ensure that Aadhaar number is redacted/masked and irretrievable.
Any Aadhaar can be verified using the QR code available on all forms of Aadhaar (Aadhaar letter, e-Aadhaar, Aadhaar PVC card, and m-Aadhaar) using mAadhaar App, or Aadhaar QR code Scanner. Tampering of Aadhaar documents can be detected by offline verification, and tampering is a punishable offence and liable for penalties under Section 35 of the Aadhaar Act.
In case, they notice any misuse of information, verification entities need to inform UIDAI and the resident concern within 72 hours. UIDAI has cautioned OVSEs not to perform offline verification on behalf of any other entity or person and ensure full cooperation to the Authority or law enforcement agencies in case of any investigation involving misuse of Aadhaar.