New Delhi: Establishments like hotels that seek people’s Aadhaar to verify identities will soon have to register with the Unique Identification Authority of India (UIDAI) to prevent misuse of data.
This rule also applies to event organisers and tour operators.
This step is meant to discourage such entities from taking photocopies of Aadhaar cards of customers and storing them in physical form, as these can be misused. Such practices are also in contravention of the present Aadhaar Act.
The new rule will give these establishments access to a new technology, allowing them to verify individuals by scanning a QR code or connecting with the new Aadhaar app, which is currently under development, UIDAI CEO Bhuvnesh Kumar told PTI.
“The new rule has been approved by the authority and will be notified soon. It will mandate registration of offline verification-seeking entities like hotels, event organisers. The objective is to discourage paper-based Aadhaar verification,” Kumar said.
This verification system will also help in avoiding delays caused by outages in the intermediate servers that connect to the central Aadhaar database, ensuring smoother processing of various services, as reported by Mint.
Entities who prefer offline verification, will be given access to an API (application programming interface) by UIDAI through which they can update their system for Aadhaar verification..
UIDAI is beta-testing a new app that will enable app-to-app verification without requiring to connect with the central Aadhaar database server for every verification request.
Access to the new app won’t be limited to a few entities, as it can also be used by airports, shops that need to sell age-appropriate products, and other places that require Aadhaar-based verification.
“The ease of verification will enhance offline verification without the use of paper while maintaining privacy of users or any risk of their Aadhaar data getting leaked for misuse,” Kumar said.
The new app is expected to further improve Aadhaar authentication service in line with the Digital Personal Data Protection Act, which will be completely operational within the next 18 months.
