Aadhaar privacy: Key issues that all Aadhaar card holders should bear in mind

As the Supreme Court hears petitions whether the right to privacy is a fundamental right, there are some key aspects that Aadhar Card holders should bear in mind, especially, because the government has made Aadhaar mandatory for a number of schemes and official purposes, including the filing of income tax returns.

Linking of PAN with Aadhaar: What it means

The government claims that by linking the Aadhaar with PAN, authorities will be able to crack down on people with multiple PAN cards, and those who are escaping the tax net. The government has also made it clear that all bank accounts will have to be linked to Aadhar by the end of this year. This, essentially, implies that the government will be able track financial transactions.

Amit Maheshwari, Partner, Ashok Maheshwary & Associates LLP, says, “As the bank accounts of the person would already have PAN as his/her KYC requirement, once Aadhaar is linked with PAN, it will certainly lead to automatic link with the bank accounts as well.”

“Since Aadhaar is based on biometrics, the chances of duplication are much less as compared to PAN, which is not based on biometrics,” Maheshwari adds.

According to the latest data, there are more than 24.37 crore PANs registered in the country, while Aadhaar card has been issued to 113 crore people. Against this, only 2.87 crore individuals filed income tax returns (in the assessment year 2012-2013), out of which 1.62 crore did not pay any tax – leaving the number of taxpayers at just one per cent of the country’s total population. Given the abysmally low number of tax payers in the country, the government intends to keep a close watch on tax evaders with this move.

Although the judgment is awaited, here’s a low-down on how to link your PAN card with Aadhaar:

  • Register on the e-Filing portal of the Income Tax Department, www.incometaxindiaefiling.gov.in
  • Enter log-in ID, password and date of birth
  • After logging in, go to your profile setting which has the option of linking your Aadhaar Card. Generally, a pop-up window appears, prompting you to link your PAN card with Aadhaar card.
  • Check if the details such as name, date of birth and gender appearing on screen match with those on your Aadhaar card.
  • Enter your Aadhaar card number and click on the ‘link now’ button. If details on both the cards match, your card will be linked instantly.

Aadhaar prone to financial frauds

Many civil rights activists have raised concerns about privacy and security of data under Aadhar. Bangalore-based civil society group, The Centre for Internet and Society (CIS), has expressed concerns over the lack of security features associated with Aadhaar-linked financial transactions.

Authored by Amber Sinha and Srinivas Kodali, the CIS report pointed out that unless sufficient security features are added, the system is prone to financial frauds.

“The availability of large datasets of Aadhaar numbers along with bank account numbers and phone numbers on the Internet increases the risk of financial fraud,” the report said.

According to the authors, social engineering is often used to find out bank account details, credit card numbers and passwords to steal money from people’s accounts.

“One of the prime examples is individuals receiving phone calls from someone claiming to be from the bank. Aadhaar data makes this process much easier for fraud and increases the risk around transactions. In the US, the ease of getting Social Security Numbers from public databases has resulted in numerous cases of identity theft. These risks increase multifold in India due the proliferation of Aadhaar numbers and other related data available,” the report pointed out.

How secure is Aadhar Pay?

In May, when malicious ransomware (in which the attacker locks down your computer and demands money to unlock it) infected hundreds of computers in different countries, questions were raised on how safe are we from cyber attacks, especially when digital transactions are increasing by leaps and bounds?

The government launched Aadhaar Pay, a platform that allows you to make payments using Aadhaar number-linked bank accounts. It is a merchant version of Aadhaar-enabled payment system which lets you make payments without a smartphone. One just requires the fingerprint of the payer for authentication; there is no need for a POS machine to swipe the card.

However, when passwords are fallible, how reliable can biometric authentication from Aadhaar Pay be, particularly when there have been cases of leakage of Aadhaar data? According to some experts, Aadhaar authentication is pretty strong because you cannot connect to the Aadhaar database except through secured APIs.