existing means of authentication +

Aadhaar website has basic security flaws, blogs Aussie expert Australian information security expert Troy Hunt on Thursday pointed out a bunch of basic security flaws with the Aadhaar website uidai.gov.in. These included a vulnerability to “man in the middle attacks,” outdated security certificates, and inadequate encryption of data.

recently introduced a 16-digit 'Virtual ID' +

NEW DELHI: The Unique Identification Authority of India UIDAI ) has decided to introduce facial authentication for Aadhaar for people encountering issues with other forms of biometric verification, like fingerprint and iris scanning.The new feature is expected to be available in fusion mode - that is, with- on registered devices by July 1 this year.Specifically, the new feature will be allowed only when combined with "one more authentication factor", like fingerprint, iris or OTP."This facility is going to help in inclusive authentication of those who are not able to biometrically authenticate due to their worn out fingerprints, old age or hard work conditions," PTI quoted UIDAI as saying.The new method will also be allowed "on need basis", PTI reported.A few days ago, law minister Ravi Shankar Prasad had assured that the fingerprint and iris data stored in the Aadhaar system was impenetrable."The (Aadhaar) system contains my finger print and iris kept in safe and secure encrypted form which cannot be broken even by billions of efforts. That is an Indian technology," he had said.His comments are significant, as they came in the backdrop of allegations of a massive Aadhaar data breach Meanwhile, UIDAIin an attempt to address privacy concerns.The 'Virtual ID' can be generated from a website and be submitted for various purposes, including SIM verification, instead of sharing the actual 12-digit biometric ID.