India makes Aadhaar more ubiquitous, but critics say security and privacy concerns remain

India is pushing Aadhaar, the world’s largest integer individuality system, deeper into mundane backstage beingness done a caller app and offline verification support, a determination that raises caller questions astir security, consent, and the broader usage of the monolithic database.

Announced successful precocious January by the Indian government-backed Unique Identification Authority of India (UIDAI), the changes present a caller Aadhaar app alongside an offline verification model that allows individuals to beryllium their individuality without real-time checks against the cardinal Aadhaar database. 

The app allows users to stock a constricted magnitude of information, specified arsenic confirming that they are implicit a definite property alternatively than revealing their afloat day of birth, with a scope of services, similar hotels and lodging societies to workplaces, platforms, and outgo devices, portion the existing mAadhaar app continues to run successful parallel for now.

Alongside the caller app, UIDAI is besides expanding Aadhaar’s footprint successful mobile wallets, with upcoming integration with Google Wallet and discussions underway to alteration akin functionality successful Apple Wallet, successful summation to existing enactment connected Samsung Wallet. 

The caller Aadhaar app with selective information sharingImage Credits:Google Play

The Indian authorization is besides promoting the app’s usage successful policing and hospitality. The Ahmedabad City Crime Branch has go the archetypal constabulary portion successful India to integrate Aadhaar-based offline verification with PATHIK, a guest-monitoring level launched by the constabulary department, aimed astatine hotels and impermanent accommodations to grounds visitors’ information.

UIDAI has besides positioned the caller Aadhaar app arsenic a digital visiting card for meetings and networking, allowing users to stock selected idiosyncratic details via a QR code.

Officials astatine the motorboat successful New Delhi said these latest efforts are portion of a broader effort to regenerate photocopies and manual ID checks with consent-based, offline verification. The approach, they argued, is meant to springiness users much power implicit which circumstantial individuality accusation they privation to share, portion enabling verification astatine standard without having to query Aadhaar’s cardinal database.

Early uptake connected apical of monolithic scale

While UIDAI formally launched the caller Aadhaar app past month, it had been successful investigating since earlier successful 2025. Estimates from Appfigures amusement that the app, which appeared successful app stores toward the extremity of 2025, rapidly overtook the older mAadhaar app successful monthly downloads. 

Combined monthly installs of Aadhaar-related apps roseate from adjacent to 2 cardinal successful October to astir 9 cardinal successful December.

The caller app is being layered onto an individuality strategy that already operates astatine tremendous standard considering India’s population. Figures published on UIDAI’s nationalist dashboard amusement that Aadhaar has issued much than 1.4 cardinal individuality numbers and handles astir 2.5 cardinal authentication transactions each month, alongside tens of billions of physics “know your customer” checks since its launch. 

The displacement toward offline verification does not regenerate this infrastructure truthful overmuch arsenic extending it, moving Aadhaar from a mostly backend verification instrumentality into a much disposable and mundane interface.

At the app’s launch, UIDAI officials said the determination toward offline verification was intended to code long-standing risks associated with carnal photocopies and screenshots of Aadhaar documents, which person often been collected, stored, and circulated with small oversight.

The enlargement comes astatine a clip of regulatory changes, easing restrictions, and a caller framework (PDF), with UIDAI present allowing immoderate nationalist and backstage organizations to verify Aadhaar credentials without querying the cardinal database. 

Consent, accountability, and unresolved risks

Civil liberties and integer rights groups accidental those ineligible changes bash not resoluteness Aadhaar’s deeper structural risks. 

Raman Jit Singh Chima, elder planetary counsel and Asia Pacific argumentation manager astatine Access Now, said the enlargement of Aadhaar into offline and private-sector settings introduces caller threats, peculiarly astatine a clip erstwhile India’s information extortion framework is inactive being enactment successful place.

Chima questioned the timing of the rollout, arguing that the national authorities should person waited for India’s Data Protection Board to beryllium established first, and let for autarkic reappraisal and wider consultation with affected communities.

“The information that this has gone up astatine this constituent of clip seems to bespeak a penchant to proceed the enlargement of the usage of Aadhaar, adjacent if it is unclear successful presumption of the further risks that it mightiness airs to the system, arsenic good arsenic to the information of Indians,” Chima told TechCrunch.

Indian ineligible advocacy groups besides constituent to unresolved implementation failures. 

Prasanth Sugathan, ineligible manager astatine New Delhi-based integer rights radical SFLC.in, said that portion UIDAI has framed the app arsenic a instrumentality for national empowerment, it does small to code persistent problems, specified arsenic inaccuracies successful the Aadhaar database, security lapses, and mediocre mechanisms for redress, which person disproportionately impact susceptible populations. 

He besides cited a 2022 report by India’s Comptroller and Auditor General, which recovered UIDAI had failed to conscionable definite compliance standards.

“Such issues tin often effect successful disenfranchisement of people, particularly those who were meant to beryllium benefited by specified systems,” Sugathan told TechCrunch, adding that it remains unclear however information shared done the caller app would forestall breaches oregon leaks.

Campaigners associated with Rethink Aadhaar, a civilian nine run focused connected Aadhaar-related rights and accountability, reason that the offline verification strategy risks reintroducing private-sector usage of Aadhaar successful ways the Supreme Court has already explicitly barred. 

Shruti Narayan and John Simte of the radical said enabling backstage entities to routinely trust connected Aadhaar for verification amounts to “Aadhaar creep”, normalizing its usage crossed societal and economical beingness contempt a 2018 judgment that struck down provisions allowing backstage actors to usage Aadhaar to verify people’s information. They warned that consent successful specified contexts is often illusory, peculiarly successful situations involving hotels, lodging societies, oregon transportation workers, portion India’s information extortion instrumentality remains mostly untested.

Together, the caller app, regulatory changes, and expanding ecosystem are shifting Aadhaar from a inheritance individuality inferior into a disposable furniture of regular beingness that is progressively hard to avoid. As India doubles down connected Aadhaar, governments and tech companies are watching closely, attracted by the committedness of population-scale individuality checks.

The Indian IT ministry and UIDAI CEO did not respond to requests for comments.