What is Aadhaar Authentication?
Aadhaar Authentication means the process by which the Aadhaar number along with the demographic information or biometric information of a Aadhaar number holder is submitted to the Central Identities Data Repository (CIDR) for its verification and such repository verifies the correctness, or the lack thereof, on the basis of the information available with it.
The Aadhaar number or the authentication thereof shall not, by itself, confer any right of, or be proof of, citizenship or domicile in respect of an Aadhaar number holder.
Several requesting entities (or service providers) require individuals to submit their identity proofs that serve as an enabler for providing consumer services, subsidies or benefits. While collecting such identity proofs, these service providers face challenges in verifying/validating the correctness of identity information documents or proofs submitted by individuals.
The purpose of Aadhaar Authentication is to provide a digital, online identity platform so that the identity of Aadhaar number holders can be validated instantly anytime, anywhere.
UIDAI offers Aadhaar-based authentication as a service that can be availed by requesting entities (government / public and private entities/agencies). This service from UIDAI can be utilized by the requesting entities to authenticate the identity of their customers / employees / other associates (based on the match of their personal identity information) before providing them access to their consumer services / subsidies/ benefits / business functions / premises.
Modalities of Authentication
Aadhaar Authentication can be performed in one or more of the following modes:
- Demographic authentication wherein the Aadhaar number and demographic data of the Aadhaar number holder in the database of the requesting entity or as obtained at the point of authentication is matched with the demographic attributes (name, address, date of birth, gender, etc) of the Aadhaar number holder in the CIDR and response returned as a “Yes” or “No” along with other information related to the authentication transaction.
- Biometric authentication wherein the biometric data along with the Aadhaar number submitted by an Aadhaar number holder are matched with the biometric attributes of the said Aadhaar number holder stored in the CIDR and return a response in either a “Yes” or “No” along with any other information related to the authentication transaction. It may be carried out through the following:
- Fingerprint (FP) authentication
- Iris authentication
- One-time Pin authentication wherein a OTP is sent to the mobile number of the Aadhaar number holder registered with the UIDAI (Authority) as specified in “Aadhaar One Time Pin (OTP) API” document. The OTP shall have limited time validity. The Aadhaar number holder shall provide this OTP along with his/her Aadhaar number during authentication and the same shall be matched with the OTP sent by the Authority and response returned as a “Yes”, “No” along with any other information related to the authentication transaction.
Multi factor authentication is a combination of two or three factors highlighted above i.e. the OTP, biometric (Fingerprint and/or IRIS) that may be used for authentication.
Obtaining Aadhaar number holder’s Consent for Authentication
The Central / State Government may, for the purpose of establishing the identity of individual as a condition for receipt of subsidy, benefit or service require that such individual undergo authentication, or furnish proof of possession of Aadhaar number or in the case of an individual to whom no Aadhaar number has been assigned, such individual makes an application for enrolment of Aadhaar.
If an Aadhaar number is not assigned to an individual, the individual shall be offered alternate and viable means of identification for delivery of subsidy, benefit or service.
In compliance with Aadhaar Act, all requesting entities or service providers shall
- unless otherwise provided in the Act, obtain the consent of an individual before collecting his/her identity information for the purpose of authentication in such manner as mandated by UIDAI’s policy and regulations.
- ensure that the identity information of an individual is only used for submission to the CIDR for authentication.
Nothing contained in this Aadhaar Act shall prevent the use of Aadhaar number for establishing the identity of an individual for any purpose, whether by the State or anybody corporate or person, pursuant by law, for the time being in force, or any contract to this effect.
Provided that the use of Aadhaar number shall be subject to the procedure and obligations under section 8 and Chapter VI of the Act.
The authentication service is provided in online and real-time manner by UIDAI through its two data centres i.e. Hebbal Data Centre (HDC) and Manesar Data Centre (MDC) where online services for authentication and other services such as e-KYC are deployed in active-active mode to ensure high availability of services.
The UIDAI’s Central Identities Data Repositotry (CIDR) is currently capable of handling tens of millions of authentications on a daily basis, and can be scaled up further as demand increases. Many requesting entities that provide services to Aadhaar number holders have integrated Aadhaar into their domain applications for improved service delivery anywhere in the country in a real-time, scalable, interoperable manner.
The tabulated section below indicates the scope of Aadhaar based Authentication services.
Expected Benefits of Aadhaar Authentication:
The tabulated section below shows the scenarios for three categories of benefits that can be leveraged using Aadhaar Authentication services of UIDAI.
Adding new beneficiaries: Aadhaar authentication can be used as proof of identity to extend basic social welfare programs such as PDS & RSBY to Aadhaar number holders. It would also give them access to social levellers such as banking & telecom which they have so far been denied for want of identity proof.
Confirming Beneficiaries: Various programs where beneficiaries need to be confirmed before delivery of the service can use Aadhaar authentication. This will help curb leakages and ensure that the targeted beneficiary is not denied entitlement.
Attendance Management: Programs such as SSA and NREGA where financial outlay is linked to beneficiary attendance can use Aadhaar authentication for attendance tracking.
Financial Transactions: One of the biggest benefits of Aadhaar-based authentication is in the financial inclusion segment. Micro-ATM devices using Aadhaar authentication have the potential of changing financial landscape of the country.
Access Control: Aadhaar authentication can be used to control access/entry to restricted areas such as airports, hotels, examination halls etc.
Improving Efficiency And Transparency In Service Delivery
Track end-to-end service delivery: Aadhaar authentication if implemented across the service delivery process / supply chain will help curb leakages and diversions, and help identify bottlenecks in delivery.
Demand-driven, portable service delivery: Since beneficiaries can authenticate their Aadhaar anywhere, delivery processes can be re-engineered to make delivery more flexible & favourable to the beneficiaries.
Access to Relevant MIS and empowerment of Beneficiary: Aadhaar can be used to empower beneficiaries and provide self-help facilities for activities such as checking their entitlements, services delivery timeline, log grievances etc through self-service kiosks, mobile phones, call centres etc.
Accountability / Vigilance: Aadhaar-based authentication can also be used for authenticating officials / members responsible for service delivery, audits, vigilance etc.