The Unique Identification Authority of India has launched its “Virtual ID” system for the country’s national biometric ID program, Aadhaar.
First announced in January, the system’s name is a little bit misleading: Virtual ID is essentially a tokenization system, allowing citizens to convert their 12-digit Aadhaar ID number into a 16-digit proxy that can be used for authentication. The idea is of course to help protect genuine Aadhaar credentials from identity theft and other fraud threats.
There are some issues with the system. The biggest one is that nobody supports it: While the UIDAI launched the service on Monday, third party organizations have until June 1st to enable support, and so far no businesses have come forward to announce VID compatibility.
The other issue is that only one Virtual ID number can be generated per day, a restriction that doesn’t “make much sense,” as one computer science professor told the Business Standard. In theory, this single VID could be used to authenticate with multiple different services in a single day, but it isn’t clear why the UIDAI decided not to allow the generation of multiple VIDs per day, which would seem to offer citizens greater security.
The VID arrives amid a legal fog surrounding the Aadhaar program, with the implications of a Supreme Court ruling finding privacy to be a fundamental right still unclear with respect to citizen data used in Aadhaar, and another ruling from last month indefinitely extending a government deadline to make Aadhaar authentication mandatory for a range of services.
April 6, 2018 – by Alex Perala