Aadhaar Face Authentication: All You Need To Know About New Rules
The new rules will also provide clear guidelines for private entities to access the system legally.
The Centre has approved new Aadhaar rules, permitting face authentication and reinforcing consent and purpose-limitation requirements, aligning with the Digital Personal Data Protection (DPDP) Act. The rules are expected to be notified soon, news agency PTI reported.
These changes mark a significant shift, expanding Aadhaar use beyond government services. The new rules will provide clear guidelines for private entities to access the system legally.
The changes coincide with UIDAI’s plans to launch a redesigned Aadhaar app, Moneycontrol reported. The movie is likely aimed at expanding Aadhaar’s applicability in daily life, while also ensuring privacy protection.
According to the report, the new rules officially recognise face authentication as a valid Aadhaar verification method. This will be followed alongside existing biometric and OTP-based options. Previously, facial verification was largely restricted to select government use cases.
The regulations also enhance offline Aadhaar verification. This move is aimed at enabling individuals to share digitally signed credentials with third parties without accessing UIDAI’s central database, the report added.
How Face Authentication Will Work Under New Aadhaar Rules?
Face authentication remains a vital source of confirming data in circumstances where fingerprints or iris scans are impractical or for entities not registered as Aadhaar Authentication User Agencies (AUAs).
On-device facial verification will be able to confirm the Aadhaar holder’s physical presence without sending biometric data to UIDAI. This can help in enabling secure access to events, gated communities or ticketed venues, the report added.
The new rules also emphasise strong privacy controls for Aadhaar use. Authentication must be purpose-specific and require explicit consent. Moreover, entities must only collect the minimum necessary data, in line with the DPDP Act.
The rules give Aadhaar holders the power to approve or deny requests and share only selected details, like age or photo. They will not be required to share their complete profile, ensuring enhanced data privacy.
The new rules also clarify private-sector Aadhaar use, addressing illegal OTP-based workarounds, according to the report. By enabling offline verification, the government aims to replace informal methods with a secure, compliant way for businesses to verify identities.
