The UIDAI will release the necessary software by 1 March. All agencies that are registered to authenticate identities are required to start shifting to the new system by 28 March. By 1 June, all these agencies have to fully migrate to the new system or risk losing their registration and fines.

Once the new system kicks in, people will be able to generate their Virtual ID from the website run by the Unique Identification Authority or UIDAI, Aadhaar enrolment centre and the Aadhaar application on their mobile phone. This will be a 16-digit number and will be valid only for a limited duration.

This 16-digit number can be provided by people for various services, say at airline or railway counters once it is made mandatory, instead of revealing their Aadhaar number. This 16-digit number will be transmitted to Aadhaar servers which will link the token to the individual's Aadhaar number and confirm the person's identity.

If a person forgets the Virtual ID number issued, he or she retrieve the number or generate a new one. The older ID gets automatically cancelled once a fresh one is generated.

The announcement comes amid concerns of privacy concerns after a newspaper bought login credentials to access details of individuals on feeding the Aadhaar number.

In a rare move, Wednesday's circular recognised concerns around multiple agencies storing Aadhaar number of their customers. "While it is important to ensure that Aadhaar number holders can use their identity information to avail many products and services, the collection and storage of Aadhaar numbers by various entities has heightened privacy concerns," the order said.

In this context, the Unique Identification Authority, or UIDAI, decided to restrict most private firms from retaining Aadhaar numbers of their customers or others.

The Aadhaar authority has introduced the concept of global authentication agencies, mostly government bodies, which will have access to e-Know Your Customer (e-KYC) information about people who avail their services. They can store Aadhaar number in their system.

Every other agency would be classified as local authentication agency and would be prohibited from storing Aadhaar numbers in their database.