
Facts about Aadhaar

Aadhaar data is collected by private agencies/operators and is sold in open
market. Is this true?

Fact:
1. This is a completely false allegation. There is not even a single credible
complaint or proof of this happening.
2. Usage of private agencies is commonplace in most Government
systems including that of Passport system of India which also collects
demographic and biometrics data.
3. Usage of private agencies/companies in itself is not against any Government
practices.
4. As long as strong security measures are implemented, there is no reason for
such blanket typecasting and opposition.
5. UIDAI has taken strong security and data protection measures
which makes it impossible to steal data from field computers by
operators.
a. Enrolment Client software is written, maintained, and provided by
UIDAI to all Enrolment Agencies.
b. UIDAI has mandated all operators and supervisors to have an
Aadhaar. This ensures that all operators and supervisors are uniquely
identified and their performance analyzed.
c. Since Aadhaar number is the operator unique identifier, when an operator
is blacklisted, he/she can never become an operator again under any
other agency in any part of the country.
d. Enrolment software provided for field work ensures that ONLY approved
and authentic operators can sign-in to the enrolment software
system to perform enrolment.
e. Enrolment data packets (individual electronic file containing resident
demographics and biometrics) are strongly encrypted by the Enrolment
Client software at the time of enrolment even before saving any data
to any hard disk.
f. Encryption uses the highest available public key cryptography
(PKI-2048 and AES-256), with each data record having a built-in
mechanism to detect any tampering.
g. Even if someone attempts to decrypt, due to the use of the strongest available
encryption (2048-bit asymmetric encryption), even with millions of
computers, it will take billions of years to break such encryption.1 2
h. Every enrolment record is biometrically signed by operator
ensuring traceability and non-repudiation.
i. This biometric signature is validated in CIDR before even processing the
enrolment ensuring ONLY those packets from authentic and
approved operators are processed.
j. All audits during field enrolment are captured electronically. This means
every enrolment is fully traceable in terms of “who”, “when”, “which
agency”, “who reviewed”, “any exceptions”, etc.
k. Every enrolment data packet is “always” stored on disk in PKI encrypted
form and is never decrypted or modified during transit making it
completely inaccessible to any system/person.
6. No human being or computer system within these private agencies
or intermediate Government setup can access, modify, or steal this
heavily encrypted Aadhaar enrolment data collected on the field.
7. Aadhaar system uses best-in-class encryption to protect resident data from
the time of enrolment in the field all the way within its data centers. Aadhaar system
is one of the few systems in the world implementing this level of
security, traceability, and data protection.
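The scheme that items e, f and k describe, sketched as an added example that is not UIDAI's Enrolment Client code or packet format: a record is sealed in memory with a per-packet AES-256 key, and that key is wrapped with an RSA-2048 public key, so the field machine holds nothing that can decrypt what it wrote. AES-GCM as the tamper-detection mechanism, RSA-OAEP for key wrapping, the `Packet` layout, the function names and the sample header are assumptions; the page names only the key sizes.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

var ErrTampered = errors.New("packet rejected: integrity check failed")

// Packet is a hypothetical on-disk layout, not UIDAI's packet format.
type Packet struct {
	WrappedKey []byte // AES-256 session key, encrypted with RSA-2048 OAEP
	Nonce      []byte // per-packet 96-bit GCM nonce
	Sealed     []byte // AES-256-GCM ciphertext plus 16-byte authentication tag
}

// NewDataCentreKey makes the RSA-2048 pair; field machines get only the public half.
func NewDataCentreKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts record in memory, before anything is written to disk. header
// (operator and station IDs here) stays readable but is covered by the GCM tag.
func Seal(pub *rsa.PublicKey, header, record []byte) (*Packet, error) {
	buf := make([]byte, 32+12) // fresh AES-256 key and GCM nonce for every packet
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	key, nonce := buf[:32], buf[32:]
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	if err != nil {
		return nil, fmt.Errorf("wrap session key: %w", err)
	}
	return &Packet{WrappedKey: wrapped, Nonce: nonce, Sealed: gcm.Seal(nil, nonce, record, header)}, nil
}

// Open runs where the private key lives; any altered field or header yields ErrTampered.
func Open(priv *rsa.PrivateKey, header []byte, p *Packet) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, p.WrappedKey, nil)
	if err != nil || len(key) != 32 {
		return nil, ErrTampered
	}
	gcm, err := newGCM(key)
	if err != nil || len(p.Nonce) != gcm.NonceSize() {
		return nil, ErrTampered
	}
	plain, err := gcm.Open(nil, p.Nonce, p.Sealed, header)
	if err != nil {
		return nil, ErrTampered
	}
	return plain, nil
}

func main() {
	priv, err := NewDataCentreKey()
	if err != nil {
		panic(err)
	}
	header := []byte("operator=OP-0001;station=ST-42") // constructed sample
	p, err := Seal(&priv.PublicKey, header, []byte("constructed resident record"))
	if err != nil {
		panic(err)
	}
	p.Sealed[0] ^= 0x01 // simulate modification on the field machine
	_, err = Open(priv, header, p)
	fmt.Println("tampered packet:", err)
}
```

The guarantee rests on the private key never leaving the decrypting side and on the record not being written anywhere in plaintext before `Seal` returns; the code cannot enforce either.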

1 https://www.digicert.com/TimeTravel/
2 https://www.digicert.com/TimeTravel/math.htm

Who does de-duplication? Does UIDAI give biometric data to 3rd party
companies for the purpose of de-duplication? Some claim that biometric data
is given to American companies with CIA connection.

Fact:
1. De-duplication is completely managed by UIDAI within its data centers.
2. UIDAI built application software does de-duplication using software
(biometric matching algorithm software) procured via open tender. Currently,
UIDAI uses 3 different biometric algorithm software procured from 3 different
vendors to ensure highest matching accuracy.
3. It is important to note that ALL Aadhaar data is managed completely
by UIDAI in its secure data centres located within India.
4. All application software is installed and run within these data centers.
5. NO enrolment data (including biometrics) are sent outside the
country or given to any 3rd party vendor outside data centers to process
de-duplication.
6. Like any government system, UIDAI buys hardware (servers, storage, etc)
and software (operating systems, databases, biometric matching systems, etc)
through open tender process adhering to all government procurement norms.
7. UIDAI procured biometric software (quite like procuring Oracle database or
Microsoft operating system) and installed within UIDAI's data centers (located
within India and managed by UIDAI).
8. During de-duplication, UIDAI software application (running within
UIDAI managed data centers within India) simply "uses" the biometric
software (procured from market) to de-duplicate.
a. Interestingly, even within the UIDAI data centers, demographic data
and biometric data are partitioned into different databases to
ensure no single database has both these information.
b. That means, even within the UIDAI data centers, the biometric de-
duplication sub-system does not get any resident demographic
details, and the data it sees is fully anonymized.
c. This is done precisely to further protect anonymity within UIDAI's
own databases inside CIDR.
d. Such elegant and advanced design techniques are not seen in most systems
even today.
9. It is important to note that all of India’s critical systems such as those
used by banks, passport department, railways, including systems used
in courts use hardware and software from global companies such as IBM,
HP, CISCO, EMC, Microsoft, Oracle, etc, many of them American companies.
10. Just because all these systems use software and hardware
provided by 3rd party companies does not mean those companies and
foreign governments have access to all our banking data, court data, and
passport data!
11. Such silly arguments are made by opponents of Aadhaar simply to create
confusion and gain attention!

Aadhaar is a privacy risk since it collects lots of data about people. Is this
claim true?

Fact:
1. ‘Privacy by design’ has been a core philosophy of Aadhaar.
2. UIDAI's mandate is to provide unique identity to all. For this, it was
imperative that the system is designed to be minimalistic to ensure inclusion of
millions of marginalized people in India.
3. In 2009, DDSVP committee3 chaired by Shri. N. Vittal, decided that
Aadhaar system ONLY collects and stores minimal demographic data.
a. Only name, gender, date of birth, address, are always captured
b. Optionally mobile and email are also captured for providing notifications and
mobile authentication.
4. In addition, Aadhaar system uses multi-modal biometrics data to
ensure one person only gets one ID (hence unique identity).
a. Multi-modal biometrics (fingerprints and iris) was implemented
to get better accuracy and increase inclusion.

3 http://uidai.gov.in/UID_PDF/Committees/UID_DDSVP_Committee_Report_v1.0.pdf

5. Aadhaar system collects NO other information such as religion, caste,
economic status, bank account details, etc about residents; has no linkage to any
other systems such as PAN, Passport, Driver’s License, etc; and has no data
about any day to day transactions of individuals such as banking
transactions, travel, hospital visits, etc.
6. Either during enrolment or during authentication, Aadhaar system DOES
NOT collect, store, link to any other personal data (other than described
above) and hence designed specifically to protect privacy.

Does Aadhaar system know about my medical data when I authenticate at a
hospital or know about my banking data when I withdraw money using
Aadhaar authentication?

Fact:
1. This is a completely false allegation.
2. Aadhaar authentication simply validates the identity with a yes/no response with
input to authentication just being one of the 6 demographic fields (name, date of
birth, gender, address, mobile, email) and/or biometrics/OTP. NO other
transaction data is available to Aadhaar system.
3. Authentication is designed in such a way that neither the "purpose" of
authentication nor any other transaction context is known to Aadhaar
system. This design was precisely to create a "zero-knowledge" system to protect
privacy.
a. E.g., when an Aadhaar holder goes to bank and opens an account or
withdraws money from ATM using Aadhaar authentication, all Aadhaar
system knows is that that Aadhaar holder authenticated at this time by that
agency.
b. That means Aadhaar system absolutely does not know if it is a bank
employee using Aadhaar authentication to do attendance or account being
opened or money being sent, etc.
c. Authentication Operating Model4 allows agencies to also work as sub-agency
providing a layer of anonymity while still preserving strong end-
to-end data security.
d. For example, RTO or MNREGA or Govt attendance system could
authenticate as sub-agency under NIC (as the main Authentication User
Agency).
e. When any authentication happens in RTO system or MNREGA system, only
information Aadhaar system knows is that "Aadhaar holder has
authenticated via NIC at this time"
f. Whether it is MNREGA worker, Govt official, or a person applying for
license, etc is NOT KNOWN to Aadhaar system.
g. THE PURPOSE and kind of transaction and its details are NOT
KNOWN to Aadhaar system.
4. Aadhaar authentication and its operating model is built to be zero-
knowledge system and automatically lends itself to transaction
anonymity to protect privacy of an individual without any compromise on
security.

How long is authentication data retained by UIDAI? Can various agencies
obtain bulk authentication data of Aadhaar holders?

Fact:
1. UIDAI retains authentication data (only the fact that Aadhaar holder is
authenticated by an agency at a particular date and time, NOTHING ELSE) for 6
months in online audit database and offline for 7 years.
2. This is to provide the information to the Aadhaar holder and to help in
dispute resolution. This is very similar to a bank keeping credit card authentication
data for dispute and fraud analytics purposes.
3. UIDAI never shares bulk authentication data with any other
agencies.

4 http://uidai.gov.in/images/authentication/d3_1_operating_model_v1.pdf

4. Note that Aadhaar authentication system has NO knowledge about the
purpose of transaction, has no transaction details, and has no understanding of the
relationship of the Aadhaar holder with authentication agency.

When Aadhaar number is seeded in various systems, is all that information
available in UIDAI's central database?

Fact:
1. Completely false.
2. When an Aadhaar holder provides his/her Aadhaar number in a bank,
all it means is that the bank account database now has customer
Aadhaar number.
a. This is similar to providing DL (driving license) or PAN card to bank during
account opening or during SIM card purchase.
b. That does not mean DL/PAN system knows everything about banking data.
3. Aadhaar system DOES NOT know if the bank or any other system has seeded
the data.
4. NO DATA is shared by any of these agencies with UIDAI and Aadhaar
system DOES NOT store any data from any of these agencies.
5. UIDAI central system ONLY has minimal demographic data (6 attributes) and
biometrics. It neither has any external department/application data nor
has any awareness of the PURPOSE of the usage of Aadhaar.
6. Seeding simply refers to various applications (banking, telcos, etc) adding the
identity number (based on the Proof of Identity used) in their customer/beneficiary
database. No information from these applications is ever sent to
Aadhaar system.

Heard that biometrics is untested and does not work. Is this true?

Fact:
1. This is not at all true.
2. Today many systems in India and various countries use biometrics as the means to
uniquely identify a person.
3. In India, many systems have been collecting and using biometrics (not
using Aadhaar). Some of them are listed here:
a. Passport system
b. Property registration systems in many states
c. National Health Service (RSBY)
d. Several Government and private attendance systems
e. PDS systems in some states (with or without smart cards)
f. Banking systems and micro-ATMs
4. Many countries, including the EU, use biometrics when one applies for a visa or
enters through immigration (US5, EU6, Australia7, etc.).
5. Biometric authentication is now becoming standard in smart phones –
touch-ID in Apple, fingerprint sensor in Google Android phones, iris scanner in
Microsoft, Samsung and Hitachi phones, etc. are all examples.
6. Users of these smart phone systems and people who travel abroad are
already providing their biometrics which is stored and used in foreign
systems! That is the choice people make based on their need.
7. Within Aadhaar system, it is shown that biometrics work very accurately across
enrolment and authentication.
a. UIDAI's report8 published in December 2011 has true and tested statistics
computed from real operational system using the enrolment database of 8.4
crore which showed the de-duplication accuracy being 99.965%!
b. UIDAI reports9 10 on authentication showed that authentication accuracy
can be above 99%.

5 http://www.dhs.gov/obim-biometric-identification-services
6 http://ec.europa.eu/dgs/home-affairs/what-we-do/policies/borders-and-visas/visa-information-system/index_en.htm
7 https://www.border.gov.au/Trav/Visa/Biom
8 http://uidai.gov.in/images/FrontPageUpdates/role_of_biometric_technology_in_aadhaar_jan21_2012.pdf
9 http://www.uidai.gov.in/images/role_of_biometric_technology_in_aadhaar_authentication_020412.pdf
10 http://www.uidai.gov.in/images/iris_poc_report_14092012.pdf

8. Mass adoption of biometrics in millions of phones across the
globe and many Government and private systems shows that biometrics
is now mainstream for identity authentication.

Can biometrics be copied and used to cheat Aadhaar authentication?

Fact:
1. One can never say never in any security system. But the idea is to ensure various
measures are taken to protect against misuse.
2. Just because ATM cards can be easily cloned or 4-digit PIN can be easily guessed,
do we abandon ATMs and go back in time to passbooks?
3. Since Aadhaar authentication is always used as part of some system (such as
banking), it amounts to breaking in to those systems.
a. Most service providers have additional security mechanisms for their specific
needs.
b. For example, in a bank ATM, users typically swipe the card and then use the
biometrics.
c. Similarly when entering airport using Aadhaar authentication, a security
personnel is also watching the screen.
d. So, just having biometrics is not generally useful.
4. UIDAI system has put in many measures to protect against misuse. These are:
a. Registered devices specification11 which prevents any stored biometrics
from being used within any network.
b. Biometric sensor implementations are increasingly implementing liveness
detection to ensure any attempt at making fake fingers/iris etc are
prevented. Algorithms are getting smarter every day in terms of liveness
(movement of eye, dilation detection, blood flow and moisture level, etc.).
c. Biometric locking feature allowing Aadhaar holders to lock their
biometrics and unlock only when needed. So, no one else but the
Aadhaar holder can use his/her biometrics!

11 http://uidai.gov.in/images/aadhaar_registered_devices_1_0.pdf

d. UIDAI already supports two-factor authentication. So, simply having
a copy of the biometrics is not useful for any high value transactions.
e. Resident notifications are turned on for every biometric/OTP
authentication (email and/or SMS notification) to notify the Aadhaar
holder (this is like bank sending SMS when ATM card is used).
f. All transactions are digitally signed to ensure calling agencies are
authenticated. This means NO unauthorized agency can access
Aadhaar authentication.
g. Authentication is NOT exposed via Internet. All connections are
ONLY over secure private network with layers of network security.
h. All authentication user agencies who are allowed to access Aadhaar
authentication are Indian legal entities under contract with UIDAI.
i. In addition, all agencies must provide an IT audit certificate to UIDAI.
j. Since Aadhaar authentication IS NOT available via Internet, no
unauthorized entity can ever access UIDAI authentication service
in any other way.

Doesn't a central authentication system mean Aadhaar system can be used
for surveillance?

Fact:
1. This is purely an extreme view point.
2. Let us look at examples:
a. Not too long ago, we Indians were standing in line physically in a particular
train station to book train ticket from that station.
b. Now with online and central train ticketing system, anyone in India can book
a train from any station to any station in the convenience of our homes.
c. Similarly, when banking systems went digital and central, the need to
physically go to the same branch and stand in line is gone.
d. Without building online, central systems, none of these changes would have
been possible.
3. Portability and anytime/anywhere access to services and
entitlements is critical for a highly migrant India as we move towards digitally
connected systems.
4. When the ID is portable, it also enables entitlements to become
portable – rice from any PDS shop, money withdrawal from any BC etc.
5. Apart from huge convenience, it also eliminates corruption, as
bargaining power moves from supplier to consumer.
6. Aadhaar ID gives nationwide portability as it can be authenticated
anywhere on-line. This is critical as India’s millions migrate from North
to South, rural to urban etc.
7. Central online systems can monitor and notify the user of any
misuse attempt and hence protect the data much better than decentralized
systems.
8. Aadhaar authentication, while providing full value of national, anytime,
anywhere, identity authentication system, is also designed to be minimalistic,
no-knowledge system.
9. During authentication, THE PURPOSE and kind of transaction and its
details are NOT KNOWN to Aadhaar system.
10. A well designed system like Aadhaar having only minimal data can
actually protect the privacy strongly, while various applications using
Aadhaar can provide convenience of anytime/anywhere access to
services and entitlements to 100's of millions of marginalized people.
11. Aadhaar authentication, hence provides a strong national authentication
platform while fully protecting privacy of the Aadhaar holder WITHOUT
creating a central all-knowing database.
12. Since Aadhaar is the only system in the world that can do 100's of millions
instant on-line biometric authentications a day, India can build a next
generation electronic consent system that puts the person in charge of
his own data, and actually increases privacy.

Once Aadhaar number is added to various databases, isn't it easy to combine all
databases at will?

Fact:
1. This is not true. Most systems today have their own rules that protect their data.
2. Just because voter ID systems have Aadhaar number and banks have
Aadhaar number does not mean anyone can collect all that data without
following due course of law and processes governing those systems.
3. Aadhaar is designed to be zero-knowledge system and most data is stored in a
federated model across various systems governed by their own rules and processes.
4. None of these data (banking, health, education, etc) are available
in Aadhaar system.
5. Speculating that some agency can, in future, break all laws and combine all data
from various systems is purely theoretical to instill fear among people.

Does the claim of Aadhaar being issued to non-citizens and illegal immigrants
and hence being a national risk have any merit?

Fact:
1. Purpose of Aadhaar12 is to provide a unique identity number to all “legal residents”
of India and clearly stated in the original strategy document.
2. This is very similar to many national identity systems across the world.
a. In USA, social security number is issued to all legal residents including
foreigners with valid visa, but, it does not imply US citizenship.
3. Having an Aadhaar number is not a “proof of birth”, it is simply a
“proof of identity” which is basic requirement for all services.
4. There is absolutely no factual evidence of any large scale enrolments of illegal
immigrants other than odd newspaper reports.
5. If any such incident is brought to notice of the UIDAI, processes are in place to
cancel his/her Aadhaar. Once cancelled, neither any authentication can
work nor that person can ever enrol again to get another number.

12 http://uidai.gov.in/all-about-uidai/uidai-background.html

6. Because of this strength, once all Indian residents are covered in the next couple
of years, having an instantly verifiable identity, Aadhaar only helps in curbing
such illegal activities!
7. In fact, Aadhaar enrolment data verification procedure was created by a high power
external committee in 2009, headed by Shri. N. Vittal, having senior members from
Registrar General of India, RBI, Banks, India Post, Department of Information
Technology, and many other Government departments.
8. Aadhaar enrolment process strictly adheres to the recommendations13
of this committee.

Aadhaar system will cost Rs.50,000 crores to Government. Some even
claimed it will cost Rs.150,000 crores! Is this true?

Fact:
1. Since 2009, UIDAI has totally spent14 Rs.6678 crores until August 2015, to
cover more than 90 crores Aadhaar numbers.
2. That means Government spends less than Rs.70 per Aadhaar number
which is multi-fold cheaper than many similar national ID systems in the world!
3. Just in one year, for LPG DBT scheme alone, it is estimated that
Government has saved more than 15000 crores!
4. As per the Planning Commission study15 (carried out by the National Institute of
Public Finance and Policy), the Aadhaar program will allow Government to
save several thousands of crores of taxpayer money every year while
allowing better benefits delivery directly to beneficiaries!

Some claim that Aadhaar does not provide true identity because people can
provide whatever name and address as they want. Is this true?

Fact:

13 http://uidai.gov.in/UID_PDF/Committees/UID_DDSVP_Committee_Report_v1.0.pdf
14 http://uidai.gov.in/finance-budgets.html
15 http://planningcommission.nic.in/reports/genrep/rep_uid_cba_paper.pdf

1. In fact, Aadhaar is the only true identity system since it is unique to an
individual using his/her biometrics. Unlike identity systems based on physical
cards, in the case of Aadhaar, no one else can claim their identity!
2. Aadhaar system adheres to recommendations16 of the committee for
data collection and verification process.
3. When running a program to cater to more than a billion people with extreme social
diversity, it is possible that odd examples of wrong name being recorded happen.
4. It is critical to note that one person can get only one Aadhaar due to use
of biometrics and hence it is NOT in most people’s interest to purposely
record wrong name and address!
a. The demographic data is self-cleansing, as when you have only one real
identity, the incentive is for that person to keep it genuine and up
to date.
5. Aadhaar system balances verification rigour with need for inclusion very well, and
the use of biometrics ensures one person gets only one ID.

There are several other ID systems in India. Aadhaar is not the only nationally
accepted ID system. Why can't existing IDs be used?

Fact:
1. Other than Passport and PAN card, there are no national level identity documents
that can be used across the country.
2. All of these IDs are created for a purpose. DL gives one the right to drive, a passport
is used for foreign travel, PAN is used for tax purposes, and so on.
3. Aadhaar is the only system that is designed to be minimal, DOES NOT have any
other data stored in central systems, and works purely as an identity system.
4. This reduces the requirement for newer Government systems to build their own
identity systems, avoids the need for using biometrics across those systems (as they
do today), and hence significantly enhances security.
5. Most other identity documents are limited to specific geographies and mostly in
local language and cannot be used in other parts of country.

16 http://uidai.gov.in/UID_PDF/Committees/UID_DDSVP_Committee_Report_v1.0.pdf

6. Less than 15% of people have PAN card and less than 7% of people have
passports. Passport is a “travel” document while PAN card is a tax identification
number.
7. Reality is that, there is no general purpose national identity that is designed to be
given at birth and valid throughout life.
8. A small percentage of educated and socially well-off people claiming that they have
PAN card, credit cards, passport and arguing why they need one more identity
simply demonstrates their lack of understanding of ground reality!
9. More than 85% (more than 1 billion people!) of this country lacks a
strong national level identity that can be used anywhere in India and
accepted by many service agencies.
10. So, claiming that existing national level identities are good enough is an argument
for continued “exclusion” of marginalized people.

How does Aadhaar system handle security and privacy?

Fact:
1. Aadhaar enrolment software on the field uses highest strength encryption
available (2048-bit encryption) to ensure all data is encrypted at the time of capture
before even storing on any disk.
2. No operators or systems can ever open and tamper with this data. Even if
attempted, it will take several billions of years to decrypt one packet!
3. Aadhaar system ONLY captures minimal data and DOES NOT store or link
to ANY OTHER data of any other applications.
4. UIDAI manages its own data centers within India and NO BIOMETRIC
DATA is ever sent out of country or to any vendor outside the perimeters of
data center.
5. Biometric de-duplication is fully done by UIDAI's own application software
running fully within the data centers located in India and managed by UIDAI.
6. Raw biometric data IS ALWAYS stored in encrypted form even within
UIDAI data centers and is kept isolated with highly controlled access.
7. UIDAI does not track any transaction details or the purpose of Aadhaar number
usage during authentication and seeding. Aadhaar system ONLY knows the
fact that a specific Aadhaar holder has been authenticated by an agency
at a particular time.
8. UIDAI does not share any bulk authentication data with any other agencies.
9. Aadhaar authentication is NOT EXPOSED via Internet and ONLY
authorized agencies under contract can access it, that too, ONLY via
private secure network.
10. Aadhaar system supports multi-factor authentication to increase strength of
authentication for high-value transactions.
11. Since Aadhaar is the only system in the world that can do 100's of million instant
on-line biometric authentications a day, using Aadhaar India can build a next
generation electronic consent system that puts the person in charge of
his own data, and actually increases privacy.
12. In addition, Aadhaar holders can lock their biometrics from being used in
authentication.
13. This design of having minimal data of the resident with zero-
knowledge authentication is precisely to protect privacy and avoid any
data pooling at a central location.
14. Aadhaar system is being acknowledged as one of the best systems in the
world that has baked security and privacy into the whole system.
