New offline ID tool for Aadhaar, entities using it to have stricter checks

The Unique Identification Authority of India (UIDAI) has notified amendments to the Aadhaar (Authentication and Offline Verification) Regulations, 2021, introducing a new digital identity document called the Aadhaar Verifiable Credential (AVC) and tightening rules for entities that conduct offline Aadhaar verification (that is, verification not done in real time using UIDAI servers). The changes were published in the Gazette on December 9, and on the UIDAI website on Friday.

The most significant amendment is the introduction of AVC, a new digitally signed document that Aadhaar holders can share for identity verification without revealing their full Aadhaar number. Its definition so introduced in the amendment states it is “a digitally signed document issued by the Authority to the Aadhaar number holder which may contain last 4 digits of Aadhaar number, demographic data, like, name, address, gender, date of birth, and photograph of Aadhaar number holder… which may be shared by Aadhaar number holder in full or part with an OVSE [Offline Verification Seeking Entity]… for verifying the demographic information or photograph of the Aadhaar number holder.”

One immediate question is how users choose what information to share. A UIDAI official told HT that the new Aadhaar app, yet to be officially launched, will let users pick exactly which details in their Aadhaar card they want to share with an OVSE.

AVC verification has now been formally added to UIDAI’s list of offline Aadhaar verification methods. Others include QR code verification, paperless offline e-KYC, e-Aadhaar verification, paper-based verification, and any additional methods the Authority may introduce in the future.

The step has been taken to reduce photocopying of Aadhaar cards when used in public places like when checking in to hotels. UIDAI CEO Bhuvnesh Kumar had earlier told HT that electronic sharing would also prevent tampering. “When people take physical copies, they don’t generally verify. They just take the physical copy, and there is always a possibility that someone can make manipulations. People do photoshopping, and can change the name or photo and can become somebody else. How does one check on the physical copy that it is genuine? So this is to avoid the misuse of Aadhaar,” he said.

The amendments also introduce an official definition of ‘Aadhaar Application’ to cover UIDAI’s apps and portals. At the same time, older references specifically mentioning ‘mAadhaar’ in other sections have been deleted. This comes as UIDAI prepares to launch a new Aadhaar app and plans to merge the existing mAadhaar app with it. The new app is currently in the testing stage.

The new app would allow paperless electronic ID sharing, as part of the authority’s effort to curb misuse of physical Aadhaar cards and strengthen the offline verification ecosystem. UIDAI CEO Bhuvnesh Kumar had earlier told HT that the new app is meant to shift Aadhaar usage away from physical cards, which are frequently photocopied and, in many cases, improperly stored or misused by OVSE.

The amendment also adds the definition of ‘Offline Face Verification,’ which allows an entity to verify someone’s identity by matching a live face image with the photograph stored in the Aadhaar application. The notification defines it as “a mode of offline verification in which the live facial image of an Aadhaar number holder is captured and is verified against the photograph… stored within the Aadhaar application.”

UIDAI CEO Bhuvnesh Kumar tells HT that for Offline Face Verification, a user will first need to complete a one-time online authentication through UIDAI servers to establish their identity. Once this initial check is done, all subsequent face verifications will be done offline as and when required.

He added that the new Aadhaar app, which is currently in testing phase, will be made available in beta mode on January 1, 2026. The official launch of the app has been planned for January 28, 2026 — which is also the UIDAI Day.

Registration of OVSEs

The amendments also lay out a detailed process for how any organisation that wants to conduct offline Aadhaar verification or OVSEs must register with UIDAI. The new regulation 13A says that an entity “desirous of undertaking Aadhaar Paperless Offline e-KYC verification or Aadhaar Verifiable Credential verification… shall apply to the Authority for registration.”

“This does not make anything mandatory, but will enable interested entities to use Aadhaar verification in electronic mode instead of the physical copies,” said Kumar, who told HT that the new regulation has been brought in to operationalise Section 8A of the Aadhaar Act, which governs OVSEs. While the Act recognised OVSEs, there was no mechanism to register them, until now.

For OVSEs, UIDAI may seek additional information, verify submissions, approve or reject applications, and charge fees for registration and transactions. If an application is rejected, UIDAI must inform the applicant within 15 days and specify the reasons. Entities may also seek reconsideration within 30 days.

A new rule also explains how an OVSE can give up its access to offline verification services. UIDAI will allow this only after the entity clears documentation and record-keeping requirements.

The regulation states that UIDAI may require the OVSE to show arrangements for “maintenance and preservation of verification logs and other documents,” provide verification records to Aadhaar holders upon request, share complaint records, and complete “settlement of accounts with the Authority.”

The amendments also give UIDAI powers to act against OVSEs that misuse offline verification or do not follow procedures. UIDAI may impose penalties if an entity “fails to comply with any of the processes, procedures, standards, specifications or directions issued by the Authority,” uses offline verification for unlawful purposes, withholds required information, or does not cooperate with inspections or audits.