June 14, 2018
The Department of Telecom (DoT) released a circular on Tuesday asking all telecom operators to work on a mechanism that employs Virtual IDs instead of the sensitive biometric data. This step will help UIDAI restrict the massive flow of data to major telecom companies. The companies will now have to use Virtual IDs and Limited KYC, which essentially mask user data and hence avoids blatant sharing of sensitive data.
The implementation of this new service launched by UIDAI is due on July 1. Telecom companies are expected to make the necessary changes in their data verification method.
What is a Virtual ID?
The virtual ID will be a combination of 16-digits which will be used to mask the Aadhaar data. This set of random number can be used by the Aadhaar holder in lieu of his/her Aadhaar number. This step avoids the need on sharing any personally identifiable information during the time of authentication.
What is Limited KYC?
This service does not return Aadhaar number. Instead, it provides “agency specific” unique UID token to eliminate any the scope of agencies storing the number. At the same time, this process will provide access to paperless KYC.
In order to streamline the shift, the DoT has released a set of guideline for the telcos. Telecom operators will be registered under as local authentication user agencies. These agencies won’t get complete access to KYC process.
The telcos will have to display the Aadhaar number masked by the unique virtual ID during the authentication process at the point of sale (PoS). Furthermore, the companies won’t be allowed to store any of the data anywhere in the systems, applications and any other database.
Earlier, companies demanded the Aadhaar data during the e-KYC process which included the Aadhaar number and even biometric verification. Earlier, a Supreme Court ruling pushed back the decision on Aadhaar being compulsory for mobile number verification.