With the government making Aadhaar card mandatory for almost most the services, companies, be it public or private, are using Aadhaar as the KYC document to authenticate their customers before providing any services. The new safety standards were introduced from June 1. This new security system is a layer of the already existing security system so as to make the existing one more secure.
The UIDAI claims to use the highest cryptography encryption. Thus any sort of tampering will be detected with the help of a built-in mechanism. The biometric information includes fingerprint scan or an iris scan of an individual given at the time of Aadhaar enrollment. Recently there have been reports of Aadhaar details getting leaked in a number of government websites. However, the UIDAI has assured that the core Aadhaar details have not been tampered with.
Security Concerns with regards to Aadhaar Details
The Aadhaar biometric system has several pros but at the same time, there are several cons also.
Aadhaar Biometric System Pros
The Aadhaar is used as KYC document by a number of services providing companies. Many times a customer is required to provide their biometric data to these companies for example fingerprint scan or iris scan. The photograph of such a scan is uploaded to the computer and then sent to UIDAI for authentication. The data then provided should match with the data available in UIDAI database. This process of authentication not only helpful for the authenticator but also for the customers. Now, the customers are no longer required to carry documents to verify their identity and do not have to wait for days for their verification to get completed. Similarly, service providers do not have to go through the process of verifying each and every document and can simply use Aadhaar number for verification.
Aadhaar Biometric System Cons
The cons are that when an individual gives his or her fingerprint or iris scan for authentication, it can be saved to the host computer. Thus a person can use these details without consent. At the same time the host computer is also linked to other public internet servers, thus it is also vulnerable to hackers.
Further, there is no specific law if any breach takes place. There is no provision in the Aadhaar act that in case of any breach the UIDAI will be held accountable.