Aadhaar: Start Paying Rs20 for Each eKYC, 50 paisa for Yes/No Authentication Now!
Unique Identification Authority of India (UIDAI), the authority tasked for the Aadhaar scheme, has now decided to levy charges for authentication service from requesting entities. 
 
Since, none of the entities, including private players and government owned, who want to use this authentication from UIDAI, would pay the charges from their own pockets, it would be passed on the all Aadhaar holders. 
 
So every time an Aadhaar number holder wants to do an eKYC or even yes or no authentication, she will have to pay the money. And this includes paying charges for availing ration from the public distribution system (PDS) shops as well since the buyer is required to undergo biometric-based Aadhaar authentication. This is because these shops, which are part of the PDS are still private entities, who are mandated to use Aadhaar authentication.  
 
In a gazette notification issued on 6 March 2019, UIDAI says, "Aadhaar authentication services shall be charged @ Rs20 (including taxes) for each e-KYC transaction and Rs0.50 (including taxes) for each yes/ no authentication transaction from requesting entities; and government entities and the department of posts shall be exempt from authentication transaction charges."
 
 
As rightly predicted by Dr Usha Ramanathan, an independent law researcher, Aadhaar has become an attempt by technocrats (and politician and bureaucrats) to turn everyone into a customer for financial technology-related products that are based on the UID data of over 1.21 billion Indian residents. 
 
UIDAI already charges Rs100 for successful generation of Aadhaar, Rs100 mandatory biometric update, Rs50 for updating demographic or biometric and Rs30 for Aadhaar search using eKYC and colour printout on A4 sheet. These charges were paid by the users to registrant entities.
 
 
UIDAI, in the latest gazette notification also appears to be playing a role of regulator for banks. It says those banks who are providing Aadhaar enrolment and update facilities would be exempt from the authentication transaction charges. "However, such banks, which fall short of the Aadhaar enrolment and update targets, as communicated from time to time, will be charged in proportion to the shortfall in achieving the target."
 
In addition, Ajay Bhushan Pandey, who is chief executive of UIDAI as well as revenue secretary, through this notification mandates entities who are using eKYC and yes/no authentication to deposit transactions charges within 15 days from the invoice issued.
 
“The delay in payment beyond 15 days shall attract interest compounded @1.5% per month and discontinuation of authentication and e-KYC services,” he warns. 
 
Those who does not want to pay authentication charges to UIDAI are asked to inform the authority and surrender their access. 
 
The ‘paid’ scheme from UIDAI, however is not new. In fact, as early as in January 2011 a report from the Nandan Nilekani-chaired Technology Advisory Group on Unique Projects (TAG-UP) elaborated and explained framework for private ownership of databases. (Read: Aadhaar: Private ownership of UID data- Part I https://www.moneylife.in/article/aadhaar-private-ownership-of-uid-data-part-i/32430.html
 
The 2011 report had brought out true intentions of the Nilekani led TAG-UP and UIDAI. For example, it says, 
 
  • Governmental data and databases are to be privatised through the creation of National Information Utilities (NIUs), which will then `own’ the data;

 

  • NIUs will be natural monopolies;

 

  • NIUs will use the data and the database to be profit-making and not profit-maximising, and the definition of these terms may, of course, vary;

 

  • Government will support the NIUs through funding them till they reach a steady state, and by doing what is needed to gather the data and create the database using governmental authority;

 

  • Once the NIU reaches steady state, the government will reappear as the customer of the NIU;

 

  • Government officers will be deployed in NIUs and be paid 30% over their salaries, which, even if the report does not say it explicitly, is expected to forge loyalties and vested interests;

 

  • The notion of holding citizens’ data in a fiduciary capacity cedes place to the vesting of ownership over citizens’ data in an entity, which will then have the government as their customer.
 
In short, what is happening today regarding levying charges for authentication has been in the pipeline for long. After the Supreme Court explicitly prohibited use of Aadhaar by private parties by declaring Section 57 of the Aadhaar Act, 2016, as unconstitutional, the government had tried to bring a new amendment in the Act for this. 
 
The government introduced an amendment in the Aadhaar Bill to allow private entities to use Aadhaar. In January 2019, the Aadhaar and Other Laws (Amendment) Bill was passed in the Lok Sabha with very little debate or scrutiny. However, with the Rajya Sabha adjourned sine die, the Bill could not go through and has now lapsed. 
 
This is when the government decided to bring an ordinance to allow private entities use Aadhaar for e-KYC and other purposes. The ordinance, “Allows the use of Aadhaar number for authentication on voluntary basis as acceptable KYC document under the Telegraph Act, 1885 and the Prevention of Money-laundering Act, 2002.”
 
The truth is the government seems to be under pressure from private entities, especially from finance and telecom sector to allow them use of Aadhaar eKYC for onboarding of customers.
 
The Supreme Court, in its judgement dated 26 September 2018, in Justice KS Puttaswamy vs Union of India (the Aadhaar judgement) in WP Civil No. 494 of 2012 explicitly prohibited use of Aadhaar by private parties by declaring Section 57 of the Aadhaar Act, 2016, as unconstitutional. This Section had provided grounds for Aadhaar-based authentication by private entities like telecom and insurance companies. 
 
At that time, legal scholar Dr Ramanathan had pointed out that after the judgement of the apex court, the use of the Aadhaar system by private and business interests should be prohibited. "Using 'voluntary' and 'consent' as a cover does not make it right. In Para 367 of the majority judgment, the judges had only said, 'if such a person voluntary wants to offer Aadhaar card as a proof of his/her identity, there may not be a problem'. That does not allow the use of the Aadhaar system, not even voluntarily," Dr Ramanathan had said. 
 
However, before being banned by the apex court, when private entities were using Aadhaar-based e-KYC, there were several reports of fraudulent transactions and scamming of citizens' personal data as well as their money. 
 
In fact, last month, even the Insurance Regulatory and Development Authority of India (IRDAI) has directed insurance companies not to mandatorily ask for the Aadhaar details for know-you-customer (KYC) requirement or carry out authentication using e-KYC from UIDAI. 
 
In a circular (IRDAI/SDD/ClR/MISC/020/01/2019) issued on 29 January 2019, the insurance regulator had said, "The proposer or policyholder voluntarily offers Aadhaar as one of the documents for KYC purpose. This includes physical copy of e-Aadhaar, masked Aadhaar and offline Aadhaar XML. However, the insurers will under no circumstances do the authentication either using e-KYC facility or yes/no authentication facility of UIDAI. Insurers should ensure that the first 8 digits of the Aadhaar number are properly/appropriately masked. At no point in time, more than last four digits of the Aadhaar number of any individual should be stored by the insurers in physical or digital form". (Read: Aadhaar: Insurance Companies Cannot Ask for the UID for KYC, Says IRDAI  https://www.moneylife.in/article/aadhaar-insurance-companies-cannot-ask-for-the-uid-for-kyc-says-irdai/56356.html)
 
Earlier while speaking at Moneylife Foundation event on “Why We Need to Worry about the UID (Aadhaar) Project", Dr Ramanathan had termed Aadhaar as an attempt to turn every one into a customer. “These days, we often hear the term ‘disruptive change’. However, in the case of UID, this is disruption for destruction, where ambitious persons are using every means to allot a random number to every Indian citizen whose profiles, once created, can be exploited for offering a number of services or products,” she had said. (Read: “Aadhaar is an attempt to turn everyone into a customer”
 
Last year in April, Siddharth Sekhar Singh and Ashwini Chhatre from Indian School of Business (ISB) did a study to find out Aadhaar authentication failure in PDS of Andhra Pradesh. "It should be understood that the Aadhaar authentication system is not a 100% accurate system, irrespective of the modality selected for authentication. Aadhaar authentication attempts may result in failure due to several reasons. Several reasons were identified for the failure of Aadhaar authentication, including biometric mis-match, invalid Aadhaar number, invalid biometric status and missing biometric data in Central Identity Data Repository (CIDR). Among these, about 92% of the authentication failures were caused solely due to biometric mismatch(92%), placing it as the leading cause of authentication failure in the state," the study says.
 
You may also want to read...
 
 
 
 
 
 
 
 
 
 
 
 
 
  • Like this story? Get our top stories by email.

    User

    COMMENTS

    Aditya G

    9 months ago

    This is absolutely bollocks! Why isn't there outrage over this?

    Aadhar not mandatory for second installment of PM-KISAN
    In a measure to woo farmers ahead of the Lok Sabha polls, the Union Cabinet, chaired by Prime Minister Narendra Modi, on Thursday approved waiving, in the interim, Aadhaar seeding for farmers to receive the second instalment of the income support scheme under the Pradhan Mantri Kisan Samman Nidhi (PM-KISAN).
     
    Union Minister Ravi Shankar Prasad said the one-time waiver of the mandatory quoting of Aadhaar to avail benefits under PM-KISAN was made due to paucity of time as the second instalment is to be given on April 1 as promised by the Modi government. 
     
    "The PM-KISAN was launched in Gorakhpur (Uttar Pradesh) on February 24 by the Prime Minister and the first instalment of the income to the tune of Rs 2,021 crore has already been transferred to the beneficiaries. 
     
    "For the second instalment which is to be paid on April 1, the cabinet has decided that Aadhaar quoting will not be mandatory," said Prasad. 
     
    The PM-KISAN entailing a direct cash support of Rs 6,000 for farmers was announced in the Interim Budget 2019. 
     
    The cabinet also approved promulgation of the Aadhaar and Other Laws (Amendment) Ordinance, 2019. The Aadhaar and Other Laws (Amendment) Bill, 2018 was passed by the Lok Sabha in its sitting held on January 4. However, before the bill could be considered and passed by the Rajya Sabha, the House was adjourned sine die. 
     
    Prasad also said the voluntary use of Aadhaar will be considered in either electronic or physical form. 
     
    "Any entity that takes Aadhaar will follow the privacy standards. Aadhaar can be used on voluntary basis for KYC documents for Telegraph Act and the Prevention of Money Laundering Act," he said
     
    Disclaimer: Information, facts or opinions expressed in this news article are presented as sourced from IANS and do not reflect views of Moneylife and hence Moneylife is not responsible or liable for the same. As a source and news provider, IANS is responsible for accuracy, completeness, suitability and validity of any information in this article.
  • User

    Aadhaar Data Breach Largest in the World, Says WEF’s Global Risk Report and Avast
    During 2018, the secret and sensitive data of literally hundreds of millions of people has been torn open and exposed, then aggregated on various dark web lists for sale. Malicious cyber-attacks and lax cyber-security protocols again led to massive breaches of personal information in 2018, the largest being Aadhaar from India, say two reports.
     
    The World Economic Forum's (WEF's) Global Risks Report 2019, says, "The largest (data breach) was in India, where the government ID database, Aadhaar, reportedly suffered multiple breaches that potentially compromised the records of all 1.1 billion registered citizens. It was reported in January 2018 that criminals were selling access to the database at a rate of Rs500 for 10 minutes, while in March a leak at a state-owned utility company allowed anyone to download names and ID numbers."
     
     
    WEF's Global Risks Perception Survey (GPRS) finds around two-thirds of respondents expect the risks associated with fake news and identity theft to increase in 2019, while three-fifths said the same about loss of privacy to companies and governments. But more about it later.
     
    In a blogpost, 'Top 10 Biggest Data Breaches in 2018', Avast Software says data breaches are a terrifying top trend in the cyber-crime world that shows no sign of slowing any time soon. 
     
     
    "While some data breaches are deliberate attacks, others are simply neglected databases that security auditors find lying around the web like unguarded, unlocked safes," the blog says.
     
    According to Avast, between August 2017 and January 2018, Aadhaar numbers, names, email and physical addresses, phone numbers, and photos of almost 1.1 billion Indians were found susceptible to data breach. 
     
    Anonymous sellers over WhatsApp charged Rs500 and lower for a portal into UIDAI where the records of virtually every citizen was at the payer’s fingertips, as reported by Rachna Khaira for The Tribune
     
    Investigations by The Tribune reveal that the racket may have started around six months ago, when some anonymous groups were created on WhatsApp. These groups targeted over 300,000 village-level enterprise (VLE) operators hired by the ministry of electronics and information technology (ME&IT) under the common service centres scheme (CSCS) across India, offering them access to UIDAI data.
     
    Interestingly, last year, digital security firm Gemalto had also mentioned 1.2 billion data breaches in Aadhaar database in its Breach Level Index report. However, later, it retracted its own study on Aadhaar data breaches and tendered an unconditional apology through a half-page advertisement in a leading newspaper. 
     
    But the retraction by Gemalto was not totally unexpected as the firm has been a partner of UIDAI since the inception of Aadhaar in 2009. Gemalto has been supplying biometric scanners, including 10-finger fingerprint scanners and iris scanner. Gemalto also provides digital tokenisation solution to UIDAI. (Read: Aadhaar Data Breach: Gemalto Publishes Abject Apology; Was It To Protect Business?)
     
    In such scenario, we wonder if WEF and Avast are also made to retract from their reports.
     
    Coming back to the WEF's GPRS report, there were further massive data breaches in 2018, new hardware weaknesses were revealed, and research pointed to the potential uses of artificial intelligence to engineer more potent cyberattacks. 
     
    Last year also provided further evidence that cyber-attacks pose risks to critical infrastructure, prompting countries to strengthen their screening of cross-border partnerships on national security grounds.
     
     
    In the GRPS, 'massive data fraud and theft' was ranked the number four global risk by likelihood over a 10-year horizon, with 'cyber-attacks' at number five. This sustains a pattern recorded last year, with cyber-risks consolidating their position alongside environmental risks in the high impact, high-likelihood quadrant of the Global Risks Landscape. 
     
    A large majority of respondents expected increased risks in 2019 of cyber-attacks leading to theft of money and data (82%) and disruption of operations (80%). The survey reflects how new instabilities are being caused by the deepening integration of digital technologies into every aspect of life.
     
    Cyber vulnerabilities can come from unexpected directions, as shown in 2018 by the Meltdown and Spectre threats, which involved weaknesses in computer hardware rather than software. They potentially affected every Intel processor produced in the past 10 years.
     
    Last year also saw continuing evidence that cyber-attacks pose risks to critical infrastructure. In July, the US government stated that hackers had gained access to the control rooms of US utility companies.
     
    The potential vulnerability of critical technological infrastructure has increasingly become a national security concern. The second most frequently cited risk interconnection in this year’s GPRS was the pairing of cyber-attacks with critical information infrastructure breakdown.
     
    Talking about increasing use of biometrics, the report says, we are moving into a world in which everything about us is captured, stored and subjected to artificial intelligence (AI) algorithms. 
     
    It says, "If humans are increasingly replaced by machines in crucial decision loops, the result may lead not only to greater efficiency but also to greater societal rigidity. Global politics will be affected as authoritarianism is easier in a world of total visibility and traceability, while democracy may turn out to be more difficult—many societies are already struggling to balance threats to privacy, trust and autonomy against promises of increased security, efficiency and novelty. Geopolitically, the future may hinge in part on how societies with different values treat new reservoirs of data."
     
     
    "Strong systems of accountability for governments and companies using these technologies could help to mitigate the risks to individuals from biometric surveillance. This will be possible in some domestic contexts, but developing wider global norms with any traction will be a struggle," the WEF report says.
  • Like this story? Get our top stories by email.

    User

    COMMENTS

    NerurTwelve

    10 months ago

    There is information available on tap in respect of aadhar, pan, bank account details, passport...with names if you are willing to spend resources..It is not that sources are necessarily leaky but we are sloppy and every system which rely on Ids
    banking, Telecom, travel.. and the people working there dealing with info like this are equally so. So, when you make this news appear as breaking news, I just say good luck. Privacy, data security.. they are a passe' in a country where open defecation is not a shame.

    P M Ravindran

    10 months ago

    "Strong systems of accountability for governments and companies using these technologies could help to mitigate the risks to individuals from biometric surveillance. This will be possible in some domestic contexts, but developing wider global norms with any traction will be a struggle," the WEF report says.

    Let us not forget that ours is a government that has not only failed totally to implement the so called sunshine Act-Right to Information Act- but has actually subverted it to such an extent that any body trying to use it will end up losing the money, time and effort invested in gaining information that the Act itself claims to be 'vital to its (democracy's) functioning and also to contain corruption and to hold Governments and their instrumentalities accountable to the governed'. Worse, the judiciary has been in the forefront of subversion of this law too.

    Often the ordinary citizens are criticised for being uninformed, if not illiterate, for the sordid state of affairs. But what such critics fail to take cognisance of is the experience of those who are adequately literate, knowledgeable and articulate. Even in the case of Sabarimala , where the constitutional bench of the apex court actually delivered a verdict that is in total violation of Article 26 of the Constitution, I have not heard a single critic of the verdict actually say it in so many terms. It is the same platitudes of the court not been appraised of the correct facts, case laws etc.

    The same goes with the Adhaar verdict too.

    Readers may like to go through my blog at https://www.scribd.com/document/124887823/Democracy-East-is-East-and-West-is-West

    We are listening!

    Solve the equation and enter in the Captcha field.
      Loading...
    Close

    To continue


    Please
    Sign Up or Sign In
    with

    Email
    Close

    To continue


    Please
    Sign Up or Sign In
    with

    Email

    BUY NOW

    online financial advisory
    Pathbreakers
    Pathbreakers 1 & Pathbreakers 2 contain deep insights, unknown facts and captivating events in the life of 51 top achievers, in their own words.
    online financia advisory
    The Scam
    24 Year Of The Scam: The Perennial Bestseller, reads like a Thriller!
    Moneylife Online Magazine
    Fiercely independent and pro-consumer information on personal finance
    financial magazines online
    Stockletters in 3 Flavours
    Outstanding research that beats mutual funds year after year
    financial magazines in india
    MAS: Complete Online Financial Advisory
    (Includes Moneylife Online Magazine)
    FREE: Your Complete Family Record Book
    Keep all the Personal and Financial Details of You & Your Family. In One Place So That`s Its Easy for Anyone to Find Anytime
    We promise not to share your email id with anyone