India has recently made changes to its Aadhaar authentication service, which is a digital identity verification system linked to the biometrics of over 1.4 billion individuals. These updates now allow businesses in various sectors such as e-commerce, travel, hospitality, and healthcare to use the verification system to authenticate their customers. However, concerns about privacy have been raised as the Indian government has not yet specified measures to prevent misuse of individuals’ biometric IDs.
The Indian IT ministry introduced the Aadhaar Authentication for Good Governance (Social Welfare, Innovation, Knowledge) Amendment Rules, 2025, which amends the legislation introduced in 2020 following a Supreme Court ruling that restricted private entities’ access to Aadhaar data. The amendment comes after a two-year public consultation process, the details of which have not been disclosed.
The update aims to expand the scope of Aadhaar authentication for better service delivery and allow both government and non-government entities to use the system for public interest services. Previously, Aadhaar authentication was primarily used by banking and telecom operators, but the amended rules now extend the service to various public and private sectors.
According to the UIDAI website, Aadhaar authentication transactions reached 129.93 billion in January. Entities such as the National Informatics Center, National Health Agency, and major banks like State Bank of India and Bank of Baroda are among the top users of Aadhaar-based authentication.
To enable Aadhaar authentication, entities must apply to the relevant government ministry or department for approval. The government, along with UIDAI and MeitY, will evaluate these applications based on UIDAI’s recommendations.
Policy experts have raised concerns about the potential misuse of Aadhaar and have called for clearer criteria and transparency in the evaluation process to prevent abuse. Section 57 of the Aadhaar Act, which allowed private entities to use Aadhaar for identity verification, was struck down by the Supreme Court in 2018. The recent amendment has been criticized for attempting to re-introduce provisions similar to Section 57.
TechCrunch is awaiting a response from the Indian IT ministry regarding these concerns and the measures in place to safeguard against Aadhaar misuse.
