Today, Aadhaar has become one the most reliable pieces of identity proof for a resident. The acceptability of Aadhaar has also become ubiquitous, both in the domains of government and private sector user schemes & services.
Since the first Aadhaar came into being in Sep 2010, more than 135 crore Aadhaars have been issued till date. When it comes to putting Aadhaar to use, there are about 177 authentication user agencies registered with UIDAI, including both public and private entities, that carry out more than 6 crores of online Aadhaar authentications daily for rendering various user services that require authentication of an individual’s identity in real-time and in a non-repudiable way.
Dos and Don’t for agencies seeking offline verification of Aadhaar
Apart from online authentication of Aadhaar done by entities registered with UIDAI (called as Requesting Entities-RE), there are also offline means available to verify Aadhaar. Offline verification is the use of Aadhaar for identity verification and carrying out KYC process locally, without sending data to and receiving response from UIDAI online. The organizations desirous of conducting offline verification of an Aadhaar number holder without doing any registration with UIDAI are known as Offline Verification Seeking Entities(OVSE).
Offline verification of Aadhaar involves validation of UIDA/’ digital signature present either within the secure QR code (displayed on Aadhaar letter, e-Aadhaar, Aadhaar PVC card, m-Aadhaar) containing the resident’s Aadhaar data or the paperless offline e-KYC XML file. A resident may voluntarily use the Aadhaar number to establish his/her identity by way of offline verification by an OVSE
While usage of Aadhaar, especially offline usage, has enormously expanded, it has been observed that many a time, the OVSEs (and also REs, in some cases) resort to collection of physical copies of Aadhaar letter or e-Aadhaar and also, without conducting verification (authentication, in case of an RE) of Aadhaar document presented. Some agencies have also been found to have very little awareness about their obligations as enshrined in the Aadhaar Act, 2016 and amendments & regulations thereof.
While it is important that offline usage of Aadhaar is promoted in still greater number of areas & use-cases in the country, employing the prescribed ways & means of using Aadhaar is essential to ensure that basic essence & purpose of it is not lost. In the same vein, compliance to the laws/rules/regulations governing usage of Aadhaar cannot be compromised in any way.
In this context, a public circular listing out some of the important Dos and Don’t for Offline Verification Seeking Entities (OVSE) was recently published by UIDAI. A copy of the same is enclosed herewith for your kind reference.
Following are the Dos and Don’ts to be followed by the OVSEs: Dos:-
Be courteous to residents. Assure the resident about the security & confidentiality of their Aadhaar being used for offline verification.
Be sure to carry out offline verification of Aadhaar (as per para 2 above) prior to accepting it as proof of identity. This applies to all modes of offline usage of Aadhaar, ie. secure QR Code on Aadhaar Letter (or copy thereof) / c-Aadhaar/ m-Aadhaar or in the Aadhaar Paperless Offline c-KYC (XML.). as the case may be.
Carry out offline verification of Aadhaar only for the lawful purpose specified to the Aadhaar number holder along with his/ her explicit consent for verification taken either in physical or electronic form. Maintain logs/ records of the consent for any future audit by UIDAl or any agency thereof.
Provide the resident, desirous of availing any service from OVSE, other viable alternative means of identification, in addition to Aadhaar, as required for rendering the service.
Ensure that Aadhaar data collected is not shared with any entity except in accordance with the Aadhaar Act and/or regulations thereof.
Ensure that no service is denied to any resident for refusing to or being unable to undergo offline verification of Aadhaar provided that the resident is able to identify himself/ herself through other viable alternative means. as suggested by the OVSE.
Ensure full cooperation to the Authority, or any agency appointed or authorized by it or any other authorized investigation agency, in case of any fraud investigation involving Aadhaar.
Do inform the Authority and the adhaar number holder, without undue delay and in no case beyond 72 hours after having knowledge of misuse of any information or systems related to the Aadhaar framework or any compromise of Aadhaar related information.
Ensure strict compliance to the Aadhaar Act and Regulations and to any other directions received from UIDAI from time to time, with respect to obligations of OVSEs.
Do not accept an Aadhaar number, in physical or electronic form, as a proof of identity for a lawful purpose, without first verifying the digital signature of the Authority as provided in the Aadhaar Secure QR Code on Aadhaar Letter or e-Aadhaar or m-Aadhaar or Aadhaar Paperless Offline e-KYC (XML.), as the case may be.
Do not perform verification of Aadhaar without explicit consent of the Aadhaar number holder in the form & manner as prescribed.
Do not perform offline verification on behalf of any other entity or person.
Do not collect, use or store Aadhaar number or biometric information of the resident after having conducted offline verification of Aadhaar. Post verification, if the OVSE finds it necessary for any reason, to store a copy of Aadhaar letter/e-Aadhaar, the OVSE must ensure that Aadhaar number is redacted/ masked and irretrievable through any means by any entity, including by OVSE itself.
For the Latest Educational News (CBSE, ICSE, and State Board News) and live news updates, like us on Facebook or follow us on Twitter and Join our Premium Telegram Channel. Read more on Latest Exams & Results News on Shikshapress.com.