Unique Identification Authority of India Issues Amendments to Aadhaar (Authentication and Offline Verification) Regulations, 2021

Key Takeaways:

1. Introduction of crucial changes to authentication processes.

2. Emphasis on the importance of agreements with the Authority for performance of authentication.

3. Enhanced security and efficiency in Aadhaar-related transactions.

4. Stakeholders and entities involved should stay informed to ensure compliance with the updated regulations.

Synopsis:

The Unique Identification Authority of India (UIDAI) has introduced new regulations amending the Aadhaar (Authentication and Offline Verification) Regulations, 2021, effective from January 31, 2024. These amendments, known as the Aadhaar (Authentication and Offline Verification) Amendment Regulations, 2024, bring about significant changes to the authentication process, with a focus on enhancing security and efficiency in Aadhaar-related transactions.

Key Changes Introduced by the Amendments:

1. Introduction of New Authentication Facilities:

The amendments introduce two new types of authentication facilities: e-KYC authentication facility and Yes/No authentication facility. These facilities involve the secure submission of biometric information, OTP, and Aadhaar number, matched against the data available in the CIDR (Central Identities Data Repository), with the Authority returning digitally signed responses containing relevant data and technical details related to the authentication transaction.

2. Emphasis on Agreements with the Authority:

The amendments emphasize the importance of entering into a Memorandum of Understanding or agreement with the Authority for the performance of authentication. This requirement is crucial for entities engaging in authentication processes, ensuring compliance with the updated regulations.

3. Process for Performance of Authentication:

Regulation 9 of the principal regulations has been amended to specify the process for the performance of authentication. It outlines the steps involved in the authentication request, verification of input parameters against the information of the Aadhaar number available in the CIDR, and the subsequent digitally signed responses provided by the Authority.

4. Clarification of Authentication Failure Scenarios:

Regulation 10 has been updated to include specific scenarios related to authentication failure, such as “Aadhaar cancelled,” “Aadhaar deactivated,” “Aadhaar locked,” “Aadhaar omitted,” “Aadhaar suspended,” and “Biometrics locked.” These definitions provide clarity on the various states of Aadhaar numbers and biometric records in the context of authentication.

Stakeholder Considerations:

Stakeholders and entities involved in Aadhaar-related transactions should stay informed about these amendments to ensure compliance with the updated regulations. It is essential for them to understand the new authentication facilities, the requirement for agreements with the Authority, and the revised processes for authentication performance.

FAQ:

Q1: What are the key changes introduced by the Aadhaar (Authentication and Offline Verification) Amendment Regulations, 2024?

A1: The amendments introduce crucial changes to the authentication processes, emphasizing the importance of agreements with the Authority for the performance of authentication. They aim to enhance security and efficiency in Aadhaar-related transactions.

Q2: When do the amendments come into force?

A2: The amendments come into force on the date of their publication in the Official Gazette, which is January 31, 2024.

Q3: What should stakeholders and entities do in response to these amendments?

A3: Stakeholders and entities involved should stay informed about the changes and ensure compliance with the updated regulations to effectively manage Aadhaar-related transactions.