The Unique Identification Authority of India (UIDAI) has extended the deadline for the implementation of virtual ID, UID token and limited e-KYC (know your customer) for authentication user agencies (AUA), including banks and financial institutions, by three months to January-end. Earlier, the deadline for migration to the new system was 31 October.
The move comes in the wake of certain entities requesting the Aadhaar-issuing authority for more time to complete the migration to the new system as they were at various stages of implementation of the virtual ID, UID token and limited e-KYC, UIDAI said in a circular dated 1 November accessed by Mint.
The virtual ID is a 16-digit random number mapped with the Aadhaar number. It can only be generated, replaced or revoked by the Aadhaar-number holder. It has been introduced so that the actual 12-digit Aadhaar number need not be shared for authenticating identity. The move is part of UIDAI’s initiative to put in place a multilayered security system to reinforce the privacy of Aadhaar holders.
“UIDAI has received requests from various organizations/ departments that they are at various stages of implementation of virtual ID, UID Token and Limited e-KYC and need some more time to complete the migration to new APIs v2.5,” the circular said.
This is the second time that UIDAI has extended the timeline for implementation of virtual ID. In a circular dated 30 August, UIDAI had extended the initial 31-August deadline by two months to 31 October after it received requests from authentication agencies to extend the deadline as these entities were not yet ready to migrate to the new system.
The August circular had said that telecom companies and e-sign providers that had not been using the upgraded systems after 30 July would be charged ₹0.20 for every transaction.
UIDAI had in this circular also asked local AUAs, which will have limited access to Aadhaar data through a virtual ID, to delete all Aadhaar numbers in their databases by 31 December. The latest circular, however, does not provide any clarification on this.
UIDAI has introduced two categories of an Authentication User Agency—an entity engaged in providing Aadhaar-enabled services. Local AUA, which is the limited KYC category, and a global AUA, will have access to e-KYC using the Aadhaar number. An AUA may be a government, public or a private legal agency registered in India, which uses Aadhaar authentication services provided by UIDAI.
All banks, including commercial banks, payment banks, regional banks, rural banks, cooperative banks, small finance banks, life insurance companies, housing finance companies and the National Payments Corporation of India (NPCI), have been categorized as global AUAs. Prepaid payment instruments (PPIs), non-banking financial companies (NBFCs), telecom operators and non-life insurance companies are among those classified as local AUAs.
“As virtual ID is a critical measure for security and privacy of residents’ Aadhaar details and UIDAI shall be free to take action as per provisions of the Aadhaar Act 2016, its Regulations, AUA Agreement etc. but not limited to financial disincentives and termination of license key for failure to implement the virtual ID system by an AUA,” Thursday’s circular said.
All AUAs have been directed to make necessary changes to accept virtual ID in their front-end client application and UID token at back-end system immediately, the circular added.
On Tuesday, UIDAI said that it would establish Aadhaar Seva Kendras across the country within the next few months aimed at providing Aadhaar-related services such as enrolment.
The move will include shifting of enrolment centres at private places to banks, post offices and government premises operated by UIDAI officials. Over the last few years, the UIDAI had been facing a backlash over security of Aadhaar details of people who go to private Aadhaar centres.
There are more than 1.22 billion Aadhaar number holders in the country.