The Central government has issued a set of guidelines to Offline Verification Seeking Entities (OVSEs), highlighting several usage hygiene issues, better safety mechanisms at the user level, and ways to further enhance residents’ trust while using Aadhaar voluntarily for lawful purposes.
Entities have been informed to perform verification of the Aadhaar after explicit consent of the Aadhaar number holder. These entities need to be courteous to residents and assure them about the security and confidentiality of their Aadhaar while conducting offline verification.
”Entities must maintain the log/record of the explicit consent received from residents for any future audit by UIDAI or any other legal agency thereof,” the Unique Identification Authority of India (UIDAI) said.
The UIDAI has also asked OVSEs to verify Aadhaar via the QR Code present on all four forms of Aadhaar (Aadhaar letter, e-Aadhaar, m-Aadhaar and Aadhaar PVC card) instead of accepting Aadhaar in physical or electronic form, as proof of identity.
Offline verification is the use of Aadhaar for carrying out identity verification and KYC processes locally, without connecting to the Central Identities Data Repository of UIDAI. The organisations conducting offline verification of an Aadhaar number holder for a lawful purpose are called OVSEs.
Entities have been urged to ensure that no services are denied to any resident for refusing to or being unable to undergo offline verification of Aadhaar, provided the resident is able to identify himself/ herself through other viable alternatives. It has been underlined that OVSEs need to provide residents with viable alternative means of identification in addition to Aadhaar, for rendering service.
Verification entities, generally should not collect, use or store the Aadhaar number of the resident after having conducted offline verification of the Aadhaar, UIDAI has informed OVSEs. Post verification, if the OVSE finds it necessary for any reason, to store a copy of the Aadhaar, the OVSE must ensure that the Aadhaar number is redacted/masked and irretrievable.
Any Aadhaar can be verified using the QR code available on all forms of Aadhaar (Aadhaar letter, e-Aadhaar, Aadhaar PVC card, and m-Aadhaar) using the mAadhaar App, or Aadhaar QR code Scanner. Tampering with Aadhaar documents can be detected by offline verification, and tampering is a punishable offence and is liable for penalties under Section 35 of the Aadhaar Act.
In case, they notice any misuse of information, verification entities need to inform UIDAI and the concerned resident within 72 hours. UIDAI has cautioned OVSEs not to perform offline verification on behalf of any other entity or person and ensure full cooperation with the Authority or law enforcement agencies in case of any investigation involving the misuse of Aadhaar.