Introducers are individuals (for example, Registrar’s employees, elected local body members, members of local administrative bodies, postmen, influencers such as teachers, health workers & doctors, Aanganwadi / ASHA workers, representative of local NGO’s etc.) identified by a Registrar and registered in UIDAI’s CIDR as “Introducers”.
In certain cases, the UIDAI Regional Office may itself take the initiative to identify a pool of Introducers for the convenience of the Registrars.
Introducer must be above the age of 18 years and Introducer must not have a criminal record.
Introducers will be linked to a Registrar. The same Introducer may be used by more than one Registrar as long as they are identified by the concerned Registrar and registered in UIDAI’s CIDR as “Introducers” for the particular Registrar. Therefore, the Introducer can only introduce people within the Registrar’s jurisdiction. In addition, a Registrar can further limit the operations of an Introducer by administrative boundaries (State, district level).
Under the PML Rules Aadhaar is one of the officially valid documents accepted for opening bank account and the bank is required to do other due diligence for banking transaction or KYC. If at all some fraudster tries to open bank account using Aadhaar and bank doensn’t carry any due diligence then in such case an Aadhaar holder cannot be held responsible for bank’s fault. It is just like if some fraudster opens a bank account by presenting someone else’s Voter card/Ration card, it is the bank that would be held responsible not the voter or ration card holder. Till date no Aadhaar holder has suffered any financial loss on account of such misuse.
You use PAN card, debit card, credit card, bank cheques wherever required. But do you put these details openly on internet and social media such as Facebook, Twitter, etc.? Obviously no! You do not put such personal details unnecessarily in public domain so that there is no unwarranted invasion attempt on your privacy. The same logic needs to be applied in case of uses of Aadhaar.
As per the Supreme Court Judgement in the Aadhaar case (494 of 2012), residents are no longer required to mandatorily verify Bank account with Aadhaar. PAN Aadhaar linking is mandatory. A resident can voluntarily use his Aadhaar number in physical or electronic form by way of authentication or offline verification, or in such other form as may be specified by UIDAI. Mandatory Aadhaar authentication can be performed if the purpose is backed by law or it is in State interest. However, for availing subsidies, benefits, services beneficiaries are required to undergo mandatory Aadhaar authentication. when you link your bank account, demat account, mutual fund account, PAN, etc., with Aadhaar, you secure yourself because no one can impersonate you to avail these services. Often the fraudsters carry out transactions and transfer money from someone else’s account to their accounts and go untraced as they generally submit their fake identities to the bank while opening their accounts. They operate bank accounts in fictitious names/companies and run shell companies’ accounts to carry out money laundering or stash black money. Therefore, when all the bank accounts are verified with Aadhaar then it would not be possible for these unscrupulous elements to go untraced and banking as a whole would become more safe and secure as the identity of each bank account holders is established uniquely beyond doubt through eKYC. As of now 96 crore bank accounts out of total 110 crore accounts have been linked to Aadhaar.
At the same time, you also contribute to serve the vital national interests by making the system rid of bogus, fakes and duplicates who could misuse IDs to evade taxes, siphon off public money, etc. Through use of Aadhaar and other process improvements, the Government has been able to weed out more than 6 crore fakes, duplicates and ghosts beneficiaries and save more than Rs. 90,000 crore of public money. Also, ghost and shell entities and companies used to be created for tax evasion, money laundering, terror financing, etc. Verification of identity through Aadhaar has helped curb these practices. Similarly, use of Aadhaar has checked unscrupulous elements that used to resort to impersonation in various examination and tests for college admission and jobs, etc., and thereby denying the genuine candidates of their rightful dues. There are number of other areas where verification of identity through Aadhaar has brought in fairness and transparency in the system.
No. Just, by knowing your Aadhaar number, no one can harm you. It’s just like any other identity document such as passport, voter ID, PAN card, ration card, driving license, etc., that you have been using freely for decades with service providers. Aadhaar identity, instead, is instantly verifiable and hence more trusted. Also, as per the Aadhaar Act 2016, the Aadhaar card is required to be verified either by in physical or electronic formby way of authentication or offline verification, or in such other form as may be specified. Verification is done through fingerprint, iris scan, OTP authentication, and QR code etc. Hence, it is near impossible to impersonate you if you use Aadhaar to prove your identity. People have been freely giving other identity documents such as passport, voter ID, PAN card, ration card, driving license, etc. But did they stop using these documents for the fear that somebody would use them to impersonate? No! They continue using them and if any fraud happens, the law enforcement agencies handle them as per law. The same logic will apply to Aadhaar. In fact, Aadhaar is more secure than many other identity documents, because unlike other IDs, Aadhaar is instantly verifiable through biometric and OTP authentication and QR code. Further, under the Aadhaar Act, 2016 stringent penalties, including fines and imprisonment are provided whenever a person misuses your Aadhaar number or tries to cause any harm to you.
No. As your bank information is not shared by the bank with anyone else, no one can have information about your bank account just by knowing your Aadhaar number. Also, UIDAI or any entity for that matter would not have any information about your bank account. For example, you give your mobile number at various places and to various authorities such as bank, passport authorities, income tax departments, etc. Would the telecom company have access to your bank information, income tax returns, etc.? Obviously no! Similarly, when you provide Aadhaar number to various service providers, your detail remains with the respective service providers and no single entity including the Government or UIDAI will have access to your personal information spread across various service providers.
Aadhaar authentication can be performed for availing benefits, services and benefits falling under Section 7 of the Aadhaar Act, 2016 and if the purpose for which Aadhaar authentication is intended to be used is either backed by law made by parliament or is in the State interest. The verification of Aadhaar can be done offline through QR code available on the physical Aadhaar copy. If any agency does not follow these best practices, then that agency will be fully responsible for situations or losses arising out of possible misuse or impersonation. An Aadhaar holder is not responsible for the wrongful act of or by any agency.
You should use your Aadhaar without any hesitation for proving your identity and doing transactions, just like you use your bank account number, PAN card, debit card, credit card, etc., wherever required. What UIDAI has advised is that Aadhaar card should be freely used for proving identity and doing transactions, but should not be put on public platforms like Twitter, Facebook, etc. People give their debit card or credit card details or cheque (which has bank account number) when they purchase goods, or pay school fee, water, electricity, telephone and other utility bills, etc. Similarly, you can freely use your Aadhaar to establish your identity as and when required without any fear. While using Aadhaar, you should do the same level of due diligence as you do in case of other ID cards – not more, not less.
Just like by merely knowing your bank account number, one cannot withdraw money from your account, similarly by merely knowing your Aadhaar number, no one can withdraw money from Aadhaar linked bank account. As in bank for withdrawing money, your signature, debit card, PIN, OTP, etc., is required, similarly for withdrawing money from your Aadhaar linked bank account through Aadhaar, your fingerprint, IRIS or OTP sent to your Aadhaar registered mobile will be required. No Aadhaar holder has suffered any financial or other loss or identity theft on account of any said misuse or attempted impersonation of Aadhaar. Notably, everyday more than 3 crore Authentications are carried out on the Aadhaar platform. In the last eight years, so far more than 3,012.5 crore authentications (till 28th May 2019) have been successfully done. UIDAI keeps upgrading and reviewing its security systems and safety mechanisms to make Aadhaar more secure and more useable. There has not been a single instance of biometric data breach from Aadhaar database. Therefore, people should freely use and give Aadhaar to prove their identity as and when required under the provisions of the Aadhaar Act, 2016.
Mask Aadhaar option allows you to mask your Aadhaar number in your downloaded e-Aadhaar. Masked Aadhaar number implies replacing of first 8 digits of Aadhaar number with some characters like “xxxx-xxxx” while only last 4 digits of the Aadhaar Number are visible.
Resident can download e-Aadhaar by following two ways.
By Using Enrollment Number:Resident can download e-Aadhaar using 28 digit enrolment no. along with Full Name and Pin code. In this download process OTP is received on registered mobile no. Resident can also use TOTP to download e-Aadhaar instead of OTP. TOTP can generated using mAadhaar mobile Application.
By Using Aadhaar No:Resident can download e-Aadhaar by using 12 digits Aadhaar No. along with Full Name and Pin code. In this download process OTP is received on registered mobile no. Resident can also use TOTP to download e-Aadhaar instead of OTP. TOTP can generated using mAadhaar mobile Application.
Computer must be connected to internet while validating digital signature.
Right click on the 'validity unknown' icon and click on 'Validate Signature'
You will get the signature validation status window, click on 'Signature Properties'.
Click on 'Show Certificate.'
Verify that there is a certification path named 'NIC sub-CA for NIC 2011, National Informatics centre'. This identifies 'NIC sub-CA for NIC 2011, National Informatics centre' as the owner of the digital certificate that has been used when signing the document.
Mark the certification path named 'NIC sub-CA for NIC 2011, National Informatics centre', click the 'Trust' tab and then 'Add to Trusted Identities'.
Answer 'OK' to any security question that follows.
Check (✔) the field for 'Use this certificate as a trusted root' and click 'OK' twice to close this and the next window.
Click 'Validate Signature' to execute the validation.
Note: - Once 'NIC sub-CA for NIC 2011, National Informatics centre' has been as a Trusted Identity, any subsequent documents with digital signatures from CCA will be validated automatically when opened.
mAadhaar app can be used anywhere anytime within India. mAadhaar is more than Aadhaar card in a wallet. On one hand the mAadhaar profile is accepted as a valid ID proof by Airports and Railways on the other resident can use the features in the app to share their eKYC or QR code with service providers who sought Aadhaar verification of their customers before providing Aadhaar services.
No, the facility to update demographic details such as Name, DoB, Mobile number aren’t not available in the mAadhaar app. Only address update via document or without document (+with Address Validation letter) facility is currently available.
However the demographics updates features may be included in future releases.
Only someone with an Aadhaar linked to a registered mobile number can create Aadhaar profile in the mAadhaar App. They can register their profile in an App installed in any smartphone. However the OTP will be sent to only their registered mobile. Steps to register Aadhaar profile are given below:
Launch the app.
Tap on the Register Aadhaar tab on the top of main dashboard
Create a 4 digit Pin/Password(memorize this password, as it will be required to access profile)
Provide Valid Aadhaar & enter valid Captcha
Enter Valid OTP and submit
The profile should get registered
The registered tab would now display the registered Aadhaar Name
Keeping the security and privacy of the Aadhaar holders in mind the app does not provide save password feature in the app. Hence the user will be required to enter password every time they wish to access profile or My Aadhaar.
No. Anyone in India with a smartphone can install and use mAadhaar App.
Without an Aadhaar registered mobile number resident will be able to avail only a few of the services such as Order Aadhaar reprint, Locate Enrolment Center, Verify Aadhaar, Scanning QR code etc.
However registered mobile number is mandatory to avail all other Aadhaar services and Aadhaar Profile services listed under My Aadhaar. Resident can register their profile in an App installed in any smartphone. However the OTP will be sent to only their registered mobile.
It is a secure sharable document which can be used by any Aadhaar number holder for offline verification of Identification.
A resident desirous of using this facility shall generate his/her digitally signed Aadhaar details by accessing UIDAI resident portal. The details will contain Name, Address, Photo, Gender, DOB, hash of registered Mobile Number, hash of registered Email Address and reference id which contains last 4 digits of Aadhaar Number followed by time stamp in a digitally signed XML. It will provide Offline Aadhaar Verification facility to service providers/Offline Verification Seeking Entity (OVSE) without the need to collect or store Aadhaar number.
Service Providers shall not share, publish or display either Share Code or XML file or its contents with anyone else. Any non-compliance of these actions shall invite actions under Sections 17 and 25 of The Aadhaar (Authentication) Regulation, 2016, Sections 4 and 6 of The Aadhaar (Sharing of Information) Regulation, 2016 and Sections 29(2), 29 (3) and 37 of The Aadhaar Act, 2016.
Any Aadhaar number holder who desires to establish his/her identity to any service provider (OVSE) using digitally signed XML downloaded from UIDAI website can be a user of this service. The service provider should have provisions of providing this Aadhaar Paperless Offline e-KYC at their facility and do the offline verification
The process of Aadhaar Offline e-KYC Verification by Service Provider is:
Once service provider obtains the ZIP file, it extracts the XML file using the password (share code) provided by the resident.
The XML file will contain the demographic details such as Name, DOB, Gender and Address. Photo is in base 64 encoded format which can be rendered directly using any utility or plane HTML page. Email Address and Mobile number are hashed.
Service Provider has to collect Email Address and Mobile number from residents and perform below operations in order to validate the hash:
Hashing logic: Sha256(Sha256(Mobile+ShareCode))*number of times of last digit of Aadhaar Number
Example : Mobile number: 9800000002 Aadhaar Number: 123412341234 Share Code: Abc@123 Sha256(Sha256(9800000002+ Abc@123))*4 In case if Aadhaar Number ends with Zero or 1 (123412341230/1) it will be hashed one time. Sha256(Sha256(9800000002+ Abc@123))*1
Hashing Logic: This is a simple SHA256 hash of the email without any salt
Enter ‘Aadhaar Number’ or ‘VID’ and mentioned ‘Security Code’ in screen, then click on ‘Send OTP’ or ‘Enter TOTP’. The OTP will be sent to the registered Mobile Number for the given Aadhaar number or VID. TOTP will be available on m-Aadhaar mobile Application of UIDAI. Enter the OTP received/TOTP. Enter a Share Code which be the password for the ZIP file and click on ‘Download’ button
The Zip file containing the digitally signed XML will be downloaded to device wherein the above mentioned steps have been performed.
Identity verification can simply be accomplished by providing an identity document like PAN card, Passport etc to the service provider. However, all these documents, which may be used for identification can still be forged and faked which may or may not be possible to verify offline instantaneously. The document verifier has no technological means to verify the authenticity of the document or the information it contains and has to trust the document producer. Whereas, the XML file generated by the Aadhaar number holder using Aadhaar Paperless Offline e-KYC is digitally signed document using UIDAI digital signature. Thus, the service provider can verify the demographic contents of the file and certify it to be authentic when doing the offline verification