Banks told to be vigilant on Aadhaar

Use OTPs only in the presence of customers: UIDAI

March 25, 2018 11:00 pm | Updated March 26, 2018 02:31 pm IST - Mumbai

An Indian visitor gives a thumb impression to withdraw money from his bank account with his Aadhaar or Unique Identification (UID) card during a Digi Dhan Mela, held to promote digital payment, in Hyderabad on January 18, 2017.
The Digi Dhan mela is a government initiative aimed at digital transformation in the country following the recent demonetization. / AFP PHOTO / Noah SEELAM

An Indian visitor gives a thumb impression to withdraw money from his bank account with his Aadhaar or Unique Identification (UID) card during a Digi Dhan Mela, held to promote digital payment, in Hyderabad on January 18, 2017. The Digi Dhan mela is a government initiative aimed at digital transformation in the country following the recent demonetization. / AFP PHOTO / Noah SEELAM

The Unique Identification Authority of India (UIDAI) has asked banks to provide Aadhaar-based onetime password (OTP) for opening of bank accounts only in the presence of the customer, in a banking outlet.

In a letter addressed to commercial banks, UIDAI Chief Executive Officer Ajay Bhushan Pandey cited instances of misuse of Aadhaar while opening accounts.

The direction is a huge blow to the banks that are heavily dependent on Aadhaar-based OTP authentication process for account opening (where the customers do not have to visit branches) or use tab banking to open accounts by visiting the customer’s residence.

“Banks may provide authentication and e-KYC facility (fingerprint, iris, OTP) at all banking outlets so that authentication/e-KYC can be done then and there in front of the customers,” the letter — a copy of which has been reviewed by The Hindu — said. The letter further noted that while banks are using various channels for collection of Aadhaar number from their customers, it was found by the UIDAI that the authentication of Aadhaar numbers was not carried out or authentication best practices were not followed.

“It has come to the notice of the UIDAI that there has been instances wherein: Aadhaar of person A got seeded with person B’s account to carry out fraudulent transaction,” the letter said.

“Stolen Aadhaar copy was used to open a bank account and obtain credit, debit card,” the letter said while citing another example.

The UIDAI said a fabricated Aadhaar card provided to a bank may result in fraud and loss of money, if the bank does not authenticate with finger print or OTP to adequately identify the Aadhaar holder.

According to RBI norms, there are limits for accounts that are opened through Aadhaar-based OTP authentication process, like deposits cannot exceed ₹1 lakh and full KYC requirements, which is submission of documents and giving biometric details, were needed to be made in 1 year.

Private sector lender Kotak Mahindra Bank, which had launched Aadhaar-based OTP authentication process for opening of accounts in March 2017, said last Tuesday that its customer base swelled from 8 million to 12 million within nine months of introducing the scheme. Since many other banks also offer similar schemes, bankers said account opening is likely to be hit following the UIDAI’s directions.

Top News Today

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.