UIDAI restricts access to Aadhaar data for mobile wallets, cites security concerns

UIDAI restricts access to Aadhaar data for mobile wallets, cites security concerns
Photo Credit: Photo Credit: Thinkstock
4 Jun, 2018

The Unique Identification Authority of India (UIDAI), which runs India’s national identity card project Aadhaar, has curbed access to its database for mobile wallet companies, citing security concerns, The Economic Times reported.

Restricted access to UIDAI’s database means the firms can now only seek virtual Aadhaar numbers from consumers, and not real ones, for authenticating customer details.

Some payment companies see the move as driving wallets to the costlier old ways of KYC (know your customer) completion, involving PAN cards or driving licences, and shooting up customer inconvenience. 

The change in policy follows the apex court’s concerns about the security and privacy of data.

UIDAI said that the step was taken in the knowledge that a lot of companies don't have the requisite infrastructure to protect the data.

The chief executive of a mobile wallet was quoted as saying, “Even cooperative banks and regional rural banks seem to have greater safety systems than technology companies like ours. UIDAI’s move will only make business more difficult, especially while gathering full details from the customer.” The wallet mentioned above is an authentication user agency (AUA), meaning it is allowed to capture Aadhaar information from a person and submit it to the Central Identities Data Repository for validation. 

A senior executive of a digital wallet that has an AUA licence was quoted as saying, “There is no restriction on doing a biometric scan of customers through the UIDAI-certified dongle — that will continue to happen for people who are not digitised yet. But those accessing wallets would be required to use their virtual IDs from July 1.”

The report also cited another top executive as saying that UIDAI’s move will drive digital wallet companies to the old ways of KYC completion, pushing up costs. “Our business models were not built for such changes. While we have to abide by such norms and we realise that data privacy concerns around this space are genuine, what it also causes is shooting up of costs and customer inconvenience,” he was quoted as saying.

Previously, all digital wallet companies were asked by the central bank to complete KYC (know your customer) processes. The step was taken to ensure that all customer expenditure data were recorded.