Home

Internal

Global

Contact

de|en|it

RÖDL Italy cooperates with Venturia S.p.A., the Italian venture builder that connects start-ups and SMEs to create high-growth businesses |

Worldwide

We use cookies to personalise the website and offer you the greatest added value. They are, among other purposes, used to analyse visitor usage in order to improve the website for you. By using this website, you agree to their use. Further information can be found in our data privacy statement.

Aadhaar's Big Privacy Upgrade: You Control Your Data Now!

published on 23 January 2026 | reading time approx. 3 minutes

India's unique identification system for validation and verification of personal data for various use cases just received a major update.

On December 9, 2025, Unique Identification Authority of India (UIDAI) unveiled amendments to the Aadhaar (Authentication and Offline Verification) Regulations, 2021 (“Offline Verification Rules”), aligning with the Digital Personal Data Protection Act, 2023 (“DPDPA”). Now, Aadhaar holders decide exactly what personal/ demographic data to share, like name, address and/or photo—slashing identity theft risks. This revamp looks promising to make everyday verifications safer and smarter for everyone.

Why Aadhaar Matters in Everyday India?

Aadhaar is an identification document, bearing a twelve-digit number issued by India's UIDAI to Indian residents. Introduced in September 2010, Aadhaar serves as a widely accepted proof of identity and address, linked to biometric (fingerprints, iris scans) and demographic data for secure, online verification, essential for accessing government benefits and services in India.

Aadhaar's primary use cases revolve around identity verification for seamless, transparent, and efficient delivery of government subsidies, benefits (like Direct Benefit Transfer), and services, reducing fraud and leakage, alongside enabling e-KYC for banking/SIMs, financial inclusion, access control (airports, exams), and digital record management (land, education). It acts as a unique digital ID, simplifying processes like opening bank accounts or tracking attendance, using biometrics (fingerprints, iris) or one-time password (OTP) for authentication. Over 1.4 billion people use it daily, making it the world's largest biometric ID system.

The Big Update: Aadhaar (Authentication and Offline Verification) Amendment Regulations, 2025

Under the 2021 Offline Verification Rules, offline verification was basic and data-heavy, i.e., Banks/NBFCs completed verification through physical formats of Aadhaar; scanned QR codes from printed Aadhaar letters, PVC cards, e-Aadhaar, or m-Aadhaar apps; validated digital signatures; or processed XML files. As a result, entities hoarded demographic data of millions, risking leaks from photocopies shared via WhatsApp or unchecked storage. An Aadhaar holder had no choice over the data they wished to share for the specific purpose, and there was minimal oversight.

The Aadhaar (Authentication and Offline Verification) Amendment Regulations, 2025 (“2025 Amendment”) flip the script by introducing consent-driven verification, selective sharing and user-friendly upgrades via an official UIDAI "Aadhaar App." Key changes include:

Aadhaar App: The 2025 Amendment now designates UIDAI's official mobile or web app as the main hub for Aadhaar holders to access and manage services;
Aadhaar Verifiable Credential (AVC): This new tool lets users select precisely which details to reveal—from the Aadhaar number alone to targeted info like name, address, date of birth, gender, or photo. The goal is to empower individuals to control exactly what reaches Offline Verification Seeking Entities (OVSEs). OVSE’s are entities that verify an individual's Aadhaar identity offline without connecting to UIDAI's central database i.e., the Central Identities Data Repository (CIDR), which supports quick identity checks for services like banking or KYC without online authentication;
Formalized registration and closure framework for OVSE’s;
Offline Face Verification: A novel feature that captures a real-time facial photo of the Aadhaar holder and matches it against the image saved in their Aadhaar App.

Why This is a Game-Changer for Businesses and Private Players?

Verification stays offline, but now it's consent-based and precise, like sharing a puzzle piece instead of the whole picture. These updates bring boosted data portability and user empowerment for hassle-free sharing. They modernize formats too, ditching outdated XML files for sleeker, safer options. Plus, high-volume players like government bodies, fintechs, NBFCs, telecoms, and digital platforms can scale Aadhaar verifications effortlessly, without jamming the central authentication system/ database. It also ties neatly into RBI's new One-Time Password (OTP) guidelines, kicking in April 1, 2026 (which we covered previously in the October 2025 edition of DP Bites) that mandate Two-Factor Authentication (2FA) for digital payments, ditching SMS-only OTPs for biometrics, app tokens, or hardware keys.

What it means for You and India?

These changes echo DPDPA principles of data minimization, purpose limitation and storage limitation. Yet, the real test is ahead. The regulations are live, but we are waiting on the new Aadhaar App's full launch. More guidelines will clarify practical rollout of the app. Until then, it's a promising peek into user-first verification. In a nutshell, this 2025 Amendment hands Aadhaar holders more control over their personal data, formalizes business practices, and fortifies India's digital defenses.

India's data protection regulatory landscape is firing on all cylinders. While 2025 was a blockbuster year that brought DPDPA rules in motion, RBI’s 2FA authentication safeguards and Aadhaar updates; 2026 is already shaping up to be a year packed with even bolder updates, practical rollouts, and more comprehensive frameworks set to revolutionize India's data protection landscape.

Tech & Data Bites

Read all releases »

author

Contact Person Picture

Prarthana Vasudevan

+91 80 44784 803

Send inquiry

Rödl INDIA

Discover more about our offices in India. Read more »