Multi-factor & Risk-based Authentication , Next-Generation Technologies & Secure Development

Security and Privacy Challenges of Aadhaar-based Authentication

Na. Vijayashankar Reviews the Risks Inherent in Aadhaar
Cyber law expert Na. Vijayashankar

Because the Aadhaar identification system is now being used for many purposes for which it was not designed, such as transaction authentication, the risks involved are growing, says cyberlaw expert Na. Vijayashankar, who's known as Naavi.

See Also: OnDemand | Understanding Human Behavior: Tackling Retail's ATO & Fraud Prevention Challenge

"Originally a person's Aadhaar number was supposed to be confidential, and not to be reduced to a printable item or card. This is where risks started coming into the Aadhaar system," Naavi says. "Today the Aadhaar ID is being used at hundreds of locations by an individual, and the risks are coming in at the usage points." (see: India's Banks Must Move to Aadhaar-Based Biometric Authentication)

The Aadhaar-enabled payments system is amplifying these risks because it was not designed to support transactions, he adds (see: Aadhaar Authentication for Banking: Is It Premature?).

In an exclusive video interview with Information Security Media Group in Bengaluru, Vijayashanka discusses:

  • The Aadhar-enabled authentication and payments system;
  • How Aadhaar risks need to be addressed;
  • Data protection and privacy in India.

Vijayashanka is a cyber law and information assurance consultant based in Bengaluru. He is the author of the first book and e-book on cyber laws in India. He has also written "Cyber Laws, Corporate Mantra for the Digital Era" and "Cyber Laws Demystified". Vijayashanka is the founder of, a cyber law portal, where he blogs regularly. He has conducted training of Tamil Nadu and Karnataka police on several cyber law courses.

About the Author

Varun Haran

Varun Haran

Managing Director, Asia & Middle East, ISMG

Haran has been a technology journalist in the Indian market for over six years, covering the enterprise technology segment and specializing in information security. He has driven multiple industry events such as the India Computer Security Conferences (ICSC) and the first edition of the Ground Zero Summit 2013 during his stint at UBM. Prior to joining ISMG, Haran was first a reporter with TechTarget writing for SearchSecurity and SearchCIO; and later, correspondent with InformationWeek, where he covered enterprise technology-related topics for the CIO and IT practitioner.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.