The planned introduction of a 16-digit “Virtual ID” for Aadhaar may be a good security measure, but it may have been thought of a little too late. The Virtual ID is a clear response to the credibility hit the Aadhaar system and its database faced following the newspaper expose of how it could be breached with an electronic payment to agents selling a gateway for illegal access. Around 119 crore Indians have already shared a 12-digit number to establish their identity for various services, to claim government subsidies and for banking, etc. The Virtual ID may further confuse users and confound the system struggling to keep the sanctity of personal data already shared with several government departments, telecom providers, etc. The switch to need-based access to personal data now may help only prospectively.
The Aadhaar system’s progenitor seems to be nursing a grouse that the system’s credibility is being eroded by an “orchestrated campaign”. However, after several government websites published the data of welfare recipients and a serious media expose, the biometric identifier must reinvent more safeguards to convince the Supreme Court of its constitutional validity. It may be a Herculean task to reassign Aadhaar numbers to 119 crore people before bringing in Virtual ID, and also create data trusts to oversee the dissemination of information for authentication on a need-to-know basis. The government, as the sentinel of the information, has a huge task ahead — to guarantee the best possible safeguards even if it’s accepted that no databank in the world is safe from hacking as that’s just what hackers do.