(Now withdrawn: https://pib.gov.in/PressReleseDetailm.aspx?PRID=1829162)
A thread on the history of how this has changed over time. https://twitter.com/PIBTvpm/status/1530174793118384128
> Only YES/NO response, no details - no invasion of privacy.
The same presentation voids this claim by mentioning eKYC
- Name, UID, DOB, Gender, Phone, Email, Address
- Address in local language
- Digitally signed e-Aadhaar PDF
Aadhaar went from a "YES/No" system to a surveillance API in a span of years.
https://uidai.gov.in/images/aadhaar_ekyc_api_2_0.pdf (Section 3.4.1)
In 2013, UIDAI claimed:
>the cut away portion of Aadhaar letter is as an officially valid document
(This is wrong, the law says "subject to authentication") https://economictimes.indiatimes.com/news/politics-and-nation/cut-away-portion-e-aadhaar-valid-proofs-of-identity-address-uidai/articleshow/20860633.cms
According to the UIDAI, the e-Aadhaar document is digitally signed, using certificate issued by NIC as per the IT Act.https://economictimes.indiatimes.com/news/politics-and-nation/cut-away-portion-e-aadhaar-valid-proofs-of-identity-address-uidai/articleshow/20860633.cms
It needs to be digitally authenticated to be worth anything, but not everyone could do so.
You can scan the QR and read the information on the QR code.
April 2017, from a UIDAI Circular:
> "downloaded e-Aadhaar should be treated at par with printed Aadhaar"
So photo were added into the e-Aadhaar QR code (which got signed). So, you could scan an Aadhaar, and match the photo.
> UIDAI has recently replaced existing QR code on eAadhaar having resident’s demographic details now with a secured digitally-signed QR Code which contains demographics along with photograph of the Aadhaar holder
Unauthorized printing of Aadhaar cards could render the QR (quick response) code dysfunctional or even expose personal data without an individual's informed consent, UIDAI sayshttps://www.livemint.com/Politics/5Gr7j4bgNoLRVtf10cjrzK/To-protect-data-dont-opt-for-plastic-or-laminated-Aadhaar.html
What about "PVC cards"?
> The print out of the downloaded Aadhaar card, even in black and white form, is as valid as the original Aadhaar letter sent by UIDAI. There is absolutely no need to print it on plastic/PVC card or get it laminated.
eg: Captchas are fallible, but its an economic barrier to what they protect.
Common security guidelines include things like holograms, watermarks (costly to forge). UIDAI decided against these by saying no to PVC cards.
It costs 50 INR.
The world's largest Identity Program has ever-shifting security and privacy guarantees, but there's no accountability from UIDAI.