A bank account cannot be opened merely on the basis of submission of a physical Aadhaar card or its photocopy without biometric or OTP authentication by the bank according to the UIDAI. Under the PML Rules and RBI circulars, to open a bank account, the bank is required to do biometric or OTP authentication and other due diligence before accepting Aadhaar for banking transaction or KYC of the customer.
So no one can open a bank account in your name without your verification through biometric/OTP etc, as per FAQs released by the authority today. If however, a bank Account is opened by accepting Aadhaar without biometric or OTP authentication and other verification,then the bank will be held responsible for any loss.
An Aadhaar holder cannot be held responsible for bank’s fault. It is just like if some fraudster opens a bank account by presenting someone else’s Voter card/Rationcard, it is the bank that would be held responsible not the voter or ration card holder. Till date no Aadhaar holder has suffered any financial loss on account of such misuse.
The above clarification was given in response to the question what happens if some fraudster who obtains a copy of my Aadhaar card andtries to open a bank account in my name without my knowledge. Will I not be harmed?
What happens if some fraudster who obtains a copy of my Aadhaar card and tries to open a bank account in my name without my knowledge. Will I not be harmed?
One must keep in mind that a bank account cannot be opened merely on the presentation or submission of a physical Aadhaar card or its photocopy. Under the PML Rules and RBI circulars, to open a bank account, the bank is required to do biometric or OTP authentication and other due diligence before accepting Aadhaar forbanking transaction or KYC. So no one can open a bank account in your name without your verification through biometric/OTP etc.
If however, a bank account is opened by accepting Aadhaar without biometric or OTP authentication and other verification, then the bank will be held responsible for any loss. An Aadhaar holder cannot be held responsible for bank’s fault. It is just like if some fraudster opens a bank account by presenting someone else’s Voter card/Rationcard, it is the bank that would be held responsible not the voter or ration card holder. Till date no Aadhaar holder has suffered any financial loss on account of such misuse.
There are many agencies that simply accept physical copy ofAadhaar and do not carry out any biometric or OTP authentication or verification. Is this a good practice?
Aadhaar is to be accepted as a proof of identity only after proper authentication under the Aadhaar Act. Also, UIDAI strongly recommends that if authentication facility is not available, the verification of Aadhaar should be done offline through QR code available on the physical Aadhaar copy. If any agency does not follow these best practices, then that agency will be fully responsible for situations or losses arising out of possible misuse or impersonation. An Aadhaar holder is not responsible for the wrongful act of or by any agency.
Recently, UIDAI has issued an advisory asking people not to share their Aadhaar number openly in the public domain especially on Social Media or other public platforms. Does this mean that I should not use Aadhaar freely?
You should use your Aadhaar without any hesitation for proving your identity and doing transactions, just like you use your bank account number, PAN card, debit card, credit card, etc., wherever required. What UIDAI has advised is that Aadhaar card should be freely used for proving identity and doing transactions, but should not be put on public platforms like Twitter, Facebook, etc.
People give their debit card or credit card details or cheque (which has bank account number) when they purchase goods, or pay school fee, water, electricity, telephone and other utility bills,etc. Similarly, you can freely use yourAadhaar to establish your identity as and when required without any fear. While using Aadhaar, you should do the same level of due diligence as you do in case of other ID cards – not more, not less.
If Aadhaar has to be freely used for proving identity and it is safe to do so, then why has UIDAI advised people not to put up their Aadhaar number in Social Media or public domain?
You use PAN card, debit card, credit card, bank cheques wherever required. But do you put these details openly on internet and social media such as Facebook, Twitter, etc.? Obviously no! You do not put such personal details unnecessarily in public domain so that there is no unwarranted invasion attempt on your privacy. The same logic needs to be applied in case of uses of Aadhaar.
I gave my Aadhaar card to a service provider for proving my identity. Can anyone harm me by knowing and misusing my Aadhaar number?
No. Just, by knowing your Aadhaar number, no one can harm you. It’s just like any other identity document such as passport, voter ID, PAN card, ration card, driving license, etc., that you have been using freely for decades with service providers. Aadhaar identity, instead, is instantly verifiable and hence more trusted.
Also, as per the Aadhaar Act 2016, the Aadhaar card is required to be verified by fingerprint, iris scan, OTP authentication, and QR code. Hence, it is near impossible to impersonate you if you use Aadhaar to prove your identity. People have been freely giving other identity documentssuch as passport, voter ID, PAN card, ration card, driving license, etc.
But did they stop using these documents for the fear that somebody would use them to impersonate? No! They continue using them and if any fraud happens, the law enforcement agencies handle them as per law. The same logic will apply to Aadhaar. In fact, Aadhaar is more secure than many other identity documents,because unlike other IDs, Aadhaar is instantly verifiable through biometric and OTP authentication and QR code. Further, under the Aadhaar Act, 2016 stringent penalties, including fines and imprisonment are provided whenever a person misuses your Aadhaar number or tries to cause any harm to you.
Can a fraudster withdraw money from my Aadhaar linked bank account if he knows my Aadhaar number or has my Aadhaar card? Has any Aadhaar holder suffered any financial or other loss or identity theft on account of impersonation or misuse?
Just like by merely knowing your bank account number, one cannot withdraw money from your account, similarly by merely knowing your Aadhaar number, no one can withdraw money from Aadhaar linked bank account. As in bank for withdrawing money, your signature, debit card, PIN, OTP, etc., is required, similarly for withdrawing money from your Aadhaar linked bank account through Aadhaar, your fingerprint, IRIS or OTP sent to your Aadhaar registered mobile will be required.
No Aadhaar holder has suffered any financial or other loss or identity theft on account of any said misuse or attempted impersonation of Aadhaar. Notably, everyday more than 3 crore Authentications are carried out on the Aadhaar platform. In the last eight years, so far more than 2,182 crore authentications (till 31st July 2018) have been successfully done. UIDAI keeps upgrading and reviewing its security systems and safety mechanisms to make Aadhaar more secure and more useable. There has not been a single instance of biometric data breach from Aadhaar database.Therefore, people should freely use and give Aadhaar to prove their identity as and when required.
Why am I asked to verify Bank account, Demat account, PAN and various other services with Aadhaar?
When you link your bank account, demat account, mutual fund account, PAN, etc., with Aadhaar, you secure yourself because no one can impersonate you to avail these services. Often the fraudsters carry out transactions and transfer money from someone else’s account to their accounts and go untraced as they generally submit their fake identities to the bank while opening their accounts. They operate bank accounts in fictitious names/companies and run shell companies’ accounts to carry out money laundering or stash black money.
Therefore, when all the bank accounts are verified with Aadhaar then it would not be possible for these unscrupulous elements to go untraced and banking as a whole would become more safe and secure as the identity of each bank account holders is established uniquely beyond doubt through eKYC. As of now 96 crore bank accounts out of total 110 crore accounts have been linked to Aadhaar.
At the same time, you also contribute to serve the vital national interests by making the system rid of bogus, fakes and duplicates who could misuse IDs to evade taxes, siphon off public money, etc. Through use of Aadhaar and other process improvements, the Government has been able to weed out more than 6 crore fakes, duplicates and ghosts beneficiaries and save more than Rs. 90,000 crore of public money.
Also, ghost and shell entities and companies used to be created for tax evasion, money laundering, terror financing, etc. Verification of identity through Aadhaar has helped curb these practices. Similarly, use of Aadhaar has checked unscrupulous elements that used to resort to impersonation in various examination and tests for college admission and jobs, etc., and thereby denying the genuine candidates of their rightful dues. There are number of other areas where verification of identity through Aadhaar has brought in fairness and transparency in the system.
Does linking my bank account, PAN, and other services with Aadhaar make me vulnerable?
No. As your bank information is not shared by the bank with anyone else, no one can have information about your bank account just by knowing your Aadhaar number. Also, UIDAI or any entity for that matter would not have any information about your bank account. For example, you give your mobile number at various places and to various authorities such as bank, passport authorities, income tax departments, etc. Would the telecom company have access to your bank information, income tax returns, etc.? Obviously no! Similarly, when you provide Aadhaar number to various service providers, your detail remains with the respective service providers and no single entity including the Government or UIDAI will have access to your personal information spread across various service providers.
