What is Aadhaar? – Unique Identification Authority of India

Combination of the first 4 letters of name in CAPITAL and the year of birth (YYYY) as password. For Example: Example 1 Name: SURESH KUMAR Year of Birth: 1990 Password: SURE1990 Example 2 Name: SAI KUMAR Year of Birth: 1990 Password: SAIK1990 Example 3 Name: P. KUMAR Year of Birth: 1990 Password: P.KU1990 Example 4 Name: RIA Year of Birth: 1990 Password: RIA1990

Resident needs 'Adobe Reader' to view e-Aadhaar. You have 'Adobe Reader' installed in your System. To install Adobe Reader in the System visit https://get.adobe.com/reader/

Resident can download e-Aadhaar by following two ways. By Using Enrollment Number:Resident can download e-Aadhaar using 28 digit enrolment no. along with Full Name and Pin code. In this download process OTP is received on registered mobile no. Resident can also use TOTP to download e-Aadhaar instead of OTP. TOTP can generated using mAadhaar mobile Application. By Using Aadhaar No:Resident can download e-Aadhaar by using 12 digits Aadhaar No. along with Full Name and Pin code. In this download process OTP is received on registered mobile no. Resident can also use TOTP to download e-Aadhaar instead of OTP. TOTP can generated using mAadhaar mobile Application.

Resident can download e-Aadhaar by visiting UIDAI websites - https://uidai.gov.in/ or by visiting https://eaadhaar.uidai.gov.in

Mask Aadhaar option allows you to mask your Aadhaar number in your downloaded e-Aadhaar. Masked Aadhaar number implies replacing of first 8 digits of Aadhaar number with some characters like “xxxx-xxxx” while only last 4 digits of the Aadhaar Number are visible.

As per Aadhaar Act, e-Aadhaar is equally valid like Physical Copy of Aadhaar for all purposes. For UIDAI circular on validity of e Aadhaar, please visit https://uidai.gov.in/images/uidai_om_on_e_aadhaar_validity.pdf

e-Aadhaar is a password protected electronic copy of Aadhaar, which is digitally signed by the competent Authority of UIDAI.

At this time there is no expiry period defined for VID. VID will be valid till the time a new VID is generated by the Aadhaar number holder.

After the minimum validity period (currently set as 1 calender day), on Aadhaar number holder requests regeneration, a new VID will be generated and the previous VID will be deactivated. In case resident opts for retrieval of VID, the last active VID will be sent to the Aadhaar number holder

No. Since VID is temporary and can be changed by the Aadhaar number holder, storing VID has no value. Agencies should not store VID in any database or logs.

Yes, Aadhaar number holder consent is necessary for VID based authentication. Agency is required to inform the Aadhaar number holder the purpose for authentication and collect explicit consent for performing authentication.

Yes. VID can be used in lieu of Aadhaar number in Authentication API input. Various entities will update their Aadhaar authentication application by 31st May 2019 to accept VID as an input for authentication.

Yes, UIDAI will provide multiple ways to generate new and/or retrieve current VID. These options will be made available via UIDAI’s resident portal, eAadhaar, Aadhaar Enrolment centre, mAadhaar mobile application etc. Presently, VID generation facility is available on UIDAI's resident portal. Whenever required, VID number will be sent to residents via SMS on registered mobile number. VID can also be retrieved by sending an SMS to the Aadhaar helpline number 1947. Resident will have to type “RVIDLast 4 digits of Aadhaar Number” and send it to 1947 through the registered Mobile Number.

No other entity like AUA/KUA can generate VID on behalf of Aadhaar number holder.

VID can be generated only by the Aadhaar number holder. They can also replace (generate a new VID) their VID from time to time after UIDAI set minimum validity period (currently set as 1 calender day, i.e. a new VID be generated after 00:00 hrs on the next day) . At any given time only one VID will be valid for an Aadhaar number. UIDAI will provide various options to Aadhaar number holders to generate their VID, retrieve their VID in case they forget, and replace their VID with a new number. These options will be made available via UIDAI’s resident portal, eAadhaar download, Aadhaar Enrolment centre, mAadhaar mobile application etc. Presently, VID generation facility is available on UIDAI's resident portal. Whenever required, VID will be sent to residents via SMS on registered mobile number. VID can also be generated by sending an SMS to the Aadhaar helpline number 1947. Resident will have to type “GVIDLast 4 digits of Aadhaar Number” and send it to 1947 through the registered Mobile Number.

VID is a temporary, revocable 16-digit random number mapped with the Aadhaar number. VID can be used in lieu of Aadhaar number whenever authentication or e-KYC services are performed. Authentication may be performed using VID in a manner similar to using Aadhaar number. It is not possible to derive Aadhaar number from VID.

You can update your Address online in Self Service Update Portal (SSUP). For other details updates such as Demographic details (Name, Address, DoB, Gender, Mobile Number, Email) as well as Biometrics (Finger Prints, Iris & Photograph) in Aadhaar you will have to visit Permanent Enrolment Center.

If you are using online Self Service Update Portal (SSUP) for update, your mobile number must be registered with Aadhaar otherwise you can visit nearest Permanent Enrolment centre with Supporting Documents.

You can update your mobile number by visiting a Permanent Enrolment Center.

You will be required to upload original scanned (with color scanner) copies of PoA document as per the Valid Documents List. Refer Link for valid documents.

Relationship details are a part of address field in Aadhaar. This has been standardized to C/o (Care of). Filling this is optional.

In addition to English you can update/do correction in your address in any of the following languages: Assamese, Bengali, English, Gujarati, Hindi, Kannada, Malayalam, Marathi, Odia, Punjabi, Tamil, Telugu and Urdu.

On successful submission of an online address update request, you receive a URN (Update Request Number) of the format 0000/00XXX/XXXXX. This is shown on screen and also sent via SMS to your registered mobile number. Use this URN and your Aadhaar number to track status of your Aadhaar update from: https://ssup.uidai.gov.in/checkSSUPStatus/checkupdatestatus

The document you use for Online Address Update should be: Valid document as per https://ssup.uidai.gov.in/ssup/instruction In the name of the resident requesting the update Image uploaded should be clear and colored scan of original document Ensure that you follow the above before you create a new update request.

Aadhaar Authentication history service hosted on UIDAI Website provides details of authentication performed by the individual resident in past.

Authentication History service is hosted on UIDAI Website at URL https://resident.uidai.gov.in/aadhaar-auth-history.

Resident can check his/her Aadhaar Authentication history from UIDAI Websites by using his/her Aadhaar Number/VID and following the directions on website. Note: Registered mobile number is mandatory to avail this service.

Resident can get the following information in Aadhaar Authentication history against every Authentication done by resident. 1. Auth Modality. 2. Date & Time of Authentication. 3. UIDAI Response code. 4. AUA Name 5. AUA Transaction ID (With Code) 6. Authentication Response (Success/Failure) 7. UIDAI Error code

Aadhaar number holder can view details of all authentication records performed by any Authentication User Agency (AUA) or by him/her in the last 6 months. However, maximum of 50 records can be viewed at one point of time.

For every failed authentication transaction record, specific error code is assigned. Please check the details of error code number against that failed authentication transaction to know the reason of failure.

If the listed authentication transaction is not performed by the Aadhaar number holder, resident may contact the respective Authentication User Agency (AUA) for further details.

For every authentication transaction performed by an Aadhaar number holder, UIDAI generates a unique code to identify the transactions and sends the same to Authentication User Agency (AUA) along with the response. This Response Code is helpful to uniquely identify the transaction by AUA as well as UIDAI and may be used for any further enquiry from AUA by the Aadhaar number holder.

For every authentication transaction performed by an Aadhaar number holder, AUA generates a unique Transaction ID to identify the transaction and sends the same to UIDAI as part of the authentication request. This Transaction ID along with Response Code can be used for any further enquiry from AUA by the Aadhaar number holder.

UIDAI provides authentication facility with different modes such as demographic, biometric (fingerprint or iris) or One Time Password (OTP). Auth Modality shows the mode of authentication used to perform that specific authentication transaction.

Below are the UIDAI services which are used by Aadhaar number holder to perform Aadhaar Authentication: Verify Aadhaar Number: This will enable service providers and Aadhaar number holders to verify if the Aadhaar number is valid and is not deactivated Verify Email/Mobile Number: This will enable service providers and Aadhaar number holders to verify if the Aadhaar number is valid and is not deactivated Lock/Unlock Biometrics: Aadhaar number holders can secure their biometric authentication by locking their biometrics. Once locked, same cannot be used by anyone for authentication. Residents can unlock their biometrics before any biometric authentications transaction. Check Aadhaar & Bank Account Linking Status : Aadhaar holders can check if their Aadhaar is linked to their bank account. Aadhaar Linking status is fetched from NPCI Server. Under any circumstance, UIDAI shall not be responsible or liable for the correctness of the displayed status. Further, UIDAI is not storing any information fetched from NPCI server. However, it may be noted that Bank account and Aadhaar linking is not mandatory as per the SC Judgment dated 26.9.2018. Aadhaar Authentication History : Aadhaar number holders can view the details of Aadhaar Authentication hey have done. Virtual ID Generator: Aadhaar Number holders can generate their 16 Digit Virtual ID (VID).

Below are Error Code List - “100” – Personal information demographic data did not match. “200” – Personal address demographic data did not match. “300” – Biometric data did not match. “310” – Duplicate fingers used. “311” – Duplicate Irises used. “312” – FMR and FIR cannot be used in same transaction. “313” – Single FIR record contains more than one finger. “314” – Number of FMR/FIR should not exceed 10. “315” – Number of IIR should not exceed 2. “316” – Number of FID should not exceed 1. “330” – Biometrics locked by Aadhaar holder. “400” – Invalid OTP value. “402” – “txn” value did not match with “txn” value used in Request OTP API. “500” – Invalid encryption of session key. “501” – Invalid certificate identifier in “ci” attribute of “Skey”. “502” – Invalid encryption of PID. “503” – Invalid encryption of Hmac. “504” – Session key re-initiation required due to expiry or key out of sync. “505” – Synchronized Key usage not allowed for the AUA. “510” – Invalid Auth XML format. “511” – Invalid PID XML format. “512” – Invalid Aadhaar holder consent in “rc” attribute of “Auth”. “520” – Invalid “tid” value. “521” – Invalid “dc” code under Meta tag. “524” – Invalid “mi” code under Meta tag. “527” – Invalid “mc” code under Meta tag. “530” – Invalid authenticator code. “540” – Invalid Auth XML version. “541” – Invalid PID XML version. “542” – AUA not authorized for ASA. This error will be returned if AUA and ASA do not have linking in the portal. “543” – Sub-AUA not associated with “AUA”. This error will be returned if Sub-AUA specified in “sa” attribute is not added as “Sub-AUA” in portal. “550” – Invalid “Uses” element attributes. “551” – Invalid “tid” value. “553” – Registered devices currently not supported. This feature is being implemented in a phased manner. “554” – Public devices are not allowed to be used. “555” – rdsId is invalid and not part of certification registry. “556” – rdsVer is invalid and not part of certification registry. “557” – dpId is invalid and not part of certification registry. “558” – Invalid dih. “559” – Device Certificate has expired. “560” – DP Master Certificate has expired. “561” – Request expired (“Pid->ts” value is older than N hours where N is a configured threshold in authentication server). “562” – Timestamp value is future time (value specified “Pid->ts” is ahead of authentication server time beyond acceptable threshold). “563” – Duplicate request (this error occurs when exactly same authentication request was re-sent by AUA). “564” – HMAC Validation failed. “565” – AUA license has expired. “566” – Invalid non-decryptable license key. “567” – Invalid input (this error occurs when unsupported characters were found in Indian language values, “lname” or “lav”). “568” – Unsupported Language. “569” – Digital signature verification failed (means that authentication request XML was modified after it was signed). “570” – Invalid key info in digital signature (this means that certificate used for signing the authentication request is not valid – it is either expired, or does not belong to the AUA or is not created by a well-known Certification Authority). “571” – PIN requires reset. “572” – Invalid biometric position. “573” – Pi usage not allowed as per license. “574”– Pa usage not allowed as per license. “575”– Pfa usage not allowed as per license. “576” - FMR usage not allowed as per license. “577” – FIR usage not allowed as per license. “578” – IIR usage not allowed as per license. “579” – OTP usage not allowed as per license. “580” – PIN usage not allowed as per license. “581” – Fuzzy matching usage not allowed as per license. “582” – Local language usage not allowed as per license. “586” – FID usage not allowed as per license. This feature is being implemented in a phased manner. “587” – Name space not allowed. “588” – Registered device not allowed as per license. “590” – Public device not allowed as per license. “710” – Missing “Pi” data as specified in “Uses”. “720” – Missing “Pa” data as specified in “Uses”. “721” – Missing “Pfa” data as specified in “Uses”. “730” – Missing PIN data as specified in “Uses”. “740” – Missing OTP data as specified in “Uses”. “800” – Invalid biometric data. “810” – Missing biometric data as specified in “Uses”. “811” – Missing biometric data in CIDR for the given Aadhaar number. “812” – Aadhaar holder has not done “Best Finger Detection”. Application should initiate BFD to help Aadhaar holder identify their best fingers. “820” – Missing or empty value for “bt” attribute in “Uses” element. “821” – Invalid value in the “bt” attribute of “Uses” element. “822” – Invalid value in the “bs” attribute of “Bio” element within “Pid”. “901” – No authentication data found in the request (this corresponds to a scenario wherein none of the auth data – Demo, Pv, or Bios – is present). “902” – Invalid “dob” value in the “Pi” element (this corresponds to a scenarios wherein “dob” attribute is not of the format “YYYY” or “YYYYMM-DD”, or the age is not in valid range). “910” – Invalid “mv” value in the “Pi” element. “911” – Invalid “mv” value in the “Pfa” element. “912” – Invalid “ms” value. “913” – Both “Pa” and “Pfa” are present in the authentication request (Pa and Pfa are mutually exclusive). “930 to 939” – Technical error that are internal to authentication server. “940” – Unauthorized ASA channel. “941” – Unspecified ASA channel. “950” – OTP store related technical error. “951” – Biometric lock related technical error. “980” – Unsupported option. “995” – Aadhaar suspended by competent authority. “996” – Aadhaar cancelled (Aadhaar is no in authenticable status). “997” – Aadhaar suspended (Aadhaar is not in authenticatable status). “998” – Invalid Aadhaar Number. “999” – Unknown error.

UIDAI e-Aadhaar letter contains a QR code. UIDAI has replaced existing QR code, on e-Aadhaar, having Resident’s demographic details with a secured QR Code which contains demographics along with photograph of the Aadhaar holder. There will be two QR Codes – Small one on front side of cutaway portion with demographic data only; and a large one on top portion of front side and rear side of cutaway portion, with demographic data and photo. Further, to make this Information more secured and tamper-proof, it will be signed with UIDAI digital signature. This new digitally signed QR code can be read ONLY using UIDAI’s windows based Custom client for desktops/laptops and validate it against UIDAI digital signatures in real time. Therefore, any fraud attempted on e-Aadhaar can be easily detected by using QR Code scanner.

Both QR codes of e-Aadhaar contain demographic details of resident like Name, Address, Date of Birth, Gender and Masked Aadhaar Number. In addition, the larger QR code contains photograph also.

The new digitally signed QR code can be read by ONLY using UIDAI’s windows based application and validate it against UIDAI digital signatures. Application can be downloaded from uidai.gov.in. Additionally, a good quality STQC certified QR Code scanner will be required. Important: It is recommended to print e-Aadhaar having this secure QR code using LaserJet printer only.

Post installation of UIDAI’s QR code reader application, secure QR code of e-Aadhaar need to be scanned using the physical scanner in line with UIDAI Specifications. The application will display the demographic details of resident once the QR Code of e-Aadhaar is digitally verified by UIDAI at backend and give scan QR Code verified. In case the digital signature is not verified the reader displays QR Code not verified GUI Screen.

Post installation of UIDAI’s QR code reader application, secure QR code of e-Aadhaar need to be scanned using the physical scanner in line with UIDAI Specifications. The application will display the demographic details of resident once the QR Code of e-Aadhaar is digitally verified by UIDAI at backend and give scan QR Code verified. In case the digital signature is not verified the reader displays QR Code not verified GUI Screen.

Hashing is an algorithm that calculates a fixed-size bit string value from a file. A file basically contains blocks of data. Hashing transforms this data into a far shorter fixed-length value or key which represents the original string. The hash value can be considered the distilled summary of everything within that file. A good hashing algorithm would exhibit a property called the avalanche effect, where the resulting hash output would change significantly or entirely even when a single bit or byte of data within a file is changed. A hash function that does not do this is considered to have poor randomization, which would be easy to break by hackers. A hash is usually a hexadecimal string of several characters. Hashing is also a unidirectional process so you can never work backwards to get back the original data. A hash is usually a hexadecimal string of several characters. Hashing is also a unidirectional process so you can never work backwards to get back the original data.

One main use of hashing is to compare two files for equality. Without opening two document files to compare them word-for-word, the calculated hash values of these files will allow the owner to know immediately if they are different. Hashing is also used to verify the integrity of a file after it has been transferred from one place to another, typically in a file backup program like SyncBack. To ensure the transferred file is not corrupted, a user can compare the hash value of both files. If they are the same, then the transferred file is an identical copy. In some situations, an encrypted file may be designed to never change the file size nor the last modification date and time (for example, virtual drive container files). In such cases, it would be impossible to tell at a glance if two similar files are different or not, but the hash values would easily tell these files apart if they are different.

Comparing HASH will ensure that the client that has been downloaded is the one that was provided by UIDAI. UIDAI will provide SHA-1 and SHA-256 for verification.

Public certificate for Digital signature validation can be downloaded from here.

It is a secure sharable document which can be used by any Aadhaar number holder for offline verification of Identification. A resident desirous of using this facility shall generate his/her digitally signed Aadhaar details by accessing UIDAI resident portal. The details will contain Name, Address, Photo, Gender, DOB, hash of registered Mobile Number, hash of registered Email Address and reference id which contains last 4 digits of Aadhaar Number followed by time stamp in a digitally signed XML. It will provide Offline Aadhaar Verification facility to service providers/Offline Verification Seeking Entity (OVSE) without the need to collect or store Aadhaar number.

The process of generating Aadhaar Offline e-KYC is explained below: Go to URL https://resident.uidai.gov.in/offlineaadhaar Enter ‘Aadhaar Number’ or ‘VID’ and mentioned ‘Security Code’ in screen, then click on ‘Send OTP’ or ‘Enter TOTP’. The OTP will be sent to the registered Mobile Number for the given Aadhaar number or VID. TOTP will be available on m-Aadhaar mobile Application of UIDAI. Enter the OTP received/TOTP. Enter a Share Code which be the password for the ZIP file and click on ‘Download’ button The Zip file containing the digitally signed XML will be downloaded to device wherein the above mentioned steps have been performed.

Any Aadhaar number holder who desires to establish his/her identity to any service provider (OVSE) using digitally signed XML downloaded from UIDAI website can be a user of this service. The service provider should have provisions of providing this Aadhaar Paperless Offline e-KYC at their facility and do the offline verification