The Unique Identification Authority of India (Aadhaar) Service

No Keeping a record of a VID is pointless because it is only used temporarily and is subject to change by the owner of an Aadhaar number. Agencies shouldn't keep VID in any logs or databases.

A new VID will be generated and the old one will be deactivated after the minimum validity period (currently set as 1 calendar day) has elapsed, provided the holder of the Aadhaar number requests regeneration. If a resident requests a new VID, they will receive the most recently used VID associated with their Aadhaar number.

For VID-based authentication, yes, Aadhaar holder permission is required. Aadhaar number holders must be informed of the authentication's purpose and give their consent before the agency can proceed with the process.

Yes In the Authentication API, a VID can be used instead of an Aadhaar number. By May 31, 2019, various organizations will have updated their Aadhaar authentication software to accept VID as an input for authentication.

The only person who can make a VID is the one who has an Aadhaar number. UIDAI has established a minimum validity period for VIDs, which is currently 1 calendar day, after which they can be replaced (a new VID generated) at any time. e a new VID be generated after 00:00 hrs on the next day) Only one VID can be associated with a given Aadhaar number at any given time. UIDAI will give those with an Aadhaar number multiple ways to create a VID, retrieve a forgotten VID, or get a new VID issued. You can access these through the UIDAI's resident portal, the eAadhaar download, an Aadhaar Enrolment center, the mAadhaar mobile app, and more. UIDAI's resident portal now has the ability to create a VID. Residents will have their VID sent to their registered mobile number via SMS whenever it is needed.

Sending a text message to the Aadhaar support number 1947 will also generate a VID. The resident must use their registered mobile number to send the text "GVIDLast 4 digits of Aadhaar Number" to the number 1947.

UIDAI will, indeed, offer a variety of options for creating and retrieving VIDs. UIDAI will provide access to these features via the resident portal, eAadhaar, Aadhaar Enrollment centers, the mAadhaar mobile app, and other channels. UIDAI's resident portal now has the ability to create a VID. The VID number will be sent to the resident's registered mobile number via text message whenever it is needed.

You can also get your VID by texting the Aadhaar support number, 1947, with your UID. The resident must use their registered mobile number to send the text "RVIDLast 4 digits of Aadhaar Number" to the number 1947.

Android and iOS users in India can download the mAadhaar app. The app can be installed by following the instructions below.

If an individual registers the same Aadhaar number in more than one mobile device, the first number will be deactivated. Only one device at a time can have an Aadhaar number added to it.

The save password feature was removed from the app to protect the security and privacy of Aadhaar cardholders. Because of this, a password is now required whenever a user accesses their profile or My Aadhaar.

mAadhaar is more than just a replacement for the Aadhaar card. The local can receive the following advantages by downloading the mAadhaar app:

1. Download Aadhaar, or find a way to get your lost or forgotten Aadhaar number back.
2. It is important for residents to be able to view and show their Aadhaar even when they are not connected to the internet.
3. You can change your address in Aadhaar with or without providing proof.
4. One mobile device can store and manage the Aadhaar numbers for up to five people in a family.
5. Distribute a QR code or electronic proof of identity to service providers.
6. Locking down Aadhaar or biometrics is an effective way to keep it safe.
7. For users who have locked their Aadhaar or who do not wish to share their Aadhaar, the service can generate or retrieve a VID that can be used in place of Aadhaar to access Aadhaar services.
8. Obtain Aadhaar SMS support even when you're not online.
9. Residents can use the app to monitor the progress of their service requests, such as Aadhaar enrollment, reprint orders, and data updates.
10. Share your common services with those who don't have smartphones so they can use Aadhaar.
11. Obtain a log of all authentication attempts and updates.
12. The Aadhaar Seva Kendra requires an appointment.
13. After an update request has been processed successfully, residents can use the Aadhaar Sync feature to retrieve their updated Aadhaar profile information.
14. The UIDAI website now supports Time-based One-Time Passwords in addition to SMS-based OTPs for accessing the Aadhaar online services.
15. Find your local enrollment center with the help of Locate Enrollment Center (EC).
16. The mAadhaar App's More section contains helpful resources like the app's contact information, usage guidelines, terms and conditions, and more.
17. The Aadhaar enrolment or Aadhaar update/correction forms are available for download in the More section alongside the frequently asked questions and the link to the Chatbot.

The mAadhaar app is usable 24/7 throughout India. mAadhaar is more than just a replacement for the Aadhaar card. Airports and railways accept mAadhaar profiles as proof of identity, and the app's features allow residents to easily share their eKYC or QR code with businesses that require Aadhaar verification before providing services.  

The mAadhaar app works with Apple's latest mobile operating system. From zero on up

No The mAadhaar App can be downloaded and used by any resident of India who owns a smartphone.

Only a subset of Aadhaar-related services (such as Order Aadhaar reprint, Locate Enrolment Center, Verify Aadhaar, Scanning QR code, etc.) will be accessible to residents without a mobile number registered in the system.

All the other Aadhaar services and Aadhaar Profile services available through My Aadhaar require a registered mobile number, though. Anyone with a smartphone can create a profile and register to vote. On the other hand, the OTP will only be sent to their registered phone number.

The mAadhaar app is only usable by those who already have an Aadhaar number associated with a mobile phone. Any user with access to a smartphone can create a profile and submit it for review. In any case, the OTP will only be sent to their registered mobile number. Here are the steps you need to follow to create an Aadhaar profile:

1. Open the program
2. Locate the Register Aadhaar button on the main dashboard's menu bar.
3. Make up a 4-digit password (you'll need to remember this one) to access your profile.
4. Authenticate with a valid Aadhaar and Captcha.
5. Fill in the OTP and submit the form.
6. It is necessary to register the profile.
7. When you click the registered button, your registered Aadhaar Name will appear.
8. Select the "My Aadhaar" option from the drop-down menu.
9. Put in your 4-digit passcode here.
10. The Aadhaar Dashboard has appeared in My Account

Unfortunately, the mAadhaar app does not allow users to change their personal information, such as their name, date of birth, or phone number. Currently, the only option for changing your address is through a document-based system.  

Future updates may include the demographics-related features, though.

No In India, the mAadhaar App is available for download on any smartphone.

Fewer services, including those that require residents to scan a QR code or enter their Aadhaar number, will be available to those who do not have one.

All the other Aadhaar services and Aadhaar Profile services available through My Aadhaar require a registered mobile number, though. Anyone with a smartphone can create a profile and register to vote. However, only their registered mobile number will receive the OTP.

Both iOS and Android users have access to all of mAadhaar's features. All devices (iOS, Android) have the same functionality and user experience.

Profile summaries (including photo, name, and Aadhaar number) are accessible from the main dashboard by selecting the corresponding button. Aadhaar profile access procedure:

1. Open the program
2. To access your Aadhaar profile, select it from the main dashboard's sidebar.
3. Type in the 4-digit PIN you selected when you set up your profile.
4. The Aadhaar is shown here with its front face up. The reverse can be seen by sliding to the left.
5. Additional profiles can be viewed by continuing to slide to the left.

Please note that the Aadhaar Profile page and its services can be accessed by tapping the My Aadhaar tab located at the bottom of the Dashboard screen.

Detailed List of Error Messages

One Hundred: No Match Found In Submitted Demographic Information

"200" - Inconsistency found between individual address and demographic data

"300" - Incompatible biometric data

"310" — Employed Finger Duplication

"311" - Used Irises in Duplicate

"312" - FMR and FIR are incompatible in the same deal.

"313" - Multiple Fingerprints Found in One FIR Record

The "314" rule states that no more than 10 FMR/FIRs are allowed.

"315" - Maximum of 2 IIRs allowed.

A maximum of 1 FID is allowed (code 316).

Locked biometrics require Aadhaar card

"400" - Invalid One-Time Password

Not the same "txn" value was used in the Request OTP API (error code: 402)

Error Code 500: Session Key Encryption Failure

Error 501: "ci" attribute of "Skey" contains an invalid certificate identifier.

Invalid PID encryption (502 error)

Invalid Hmac encryption (503).

Restarting the session is necessary because the key has expired or is out of sync (504).

Synchronized Key Use Prohibited by the AUA (505).

Error Code 510: Invalid Authorization XML

XML PID format error (511).

The "rc" attribute of the "Auth" object has invalid Aadhaar holder consent.

Invalid "tid" value ("520")

Meta tag error: "521" for invalid "dc" code

Meta tag "mi" code invalid (524).

Mistaken "mc" code in Meta tag (527)

The authenticator code was invalid (530).

Invalid Authorization XML Version "540"

A PID XML version of 541 is not valid.

AUA not permitted for ASA (542). If AUA and ASA are not linked in the portal, this error will be returned.

Sub-AUA 543 that isn't officially part of the AUA. If the portal does not have the "Sub-AUA" added for the Sub-AUA specified in the "sa" attribute, this error will be returned.

Error code 550: Invalid attributes on the "Uses" element

Unacceptable "tid" value (551).

"553" - Currently unsupported registered devices The rollout of this feature is happening in stages.

"554" - No use of electronic devices in public spaces

Error 555: rdsId not in certification registry

Error "556" - rdsVer is not a valid certification registry entry.

The dpId you entered (557) is not a valid certification body identifier.

The value 558 indicates an invalid dih.

"559" - Certificate for this Device has Expired

DP Master Certificate has expired (560)

"561" - The time limit on the request has passed ("Pid->ts" value is older than N hours, where N is a configured threshold in the authentication server).

Value specified in "Pid->ts" is too far in the future compared to the time on the authentication server ("562").

The error code "563" indicates that AUA has sent the same authentication request twice.

HMAC Validation Failed with Error 564

The AUA's license has expired (565).

"566" - Unusable license key because it cannot be decrypted

"567" - Invalid input (occurs when Indian language values, "lname" or "lav," contain characters not supported by the system).

"568" - Language Not Supported

Error 569 indicates that the digital signature verification failed, which indicates that the signed authentication request XML was tampered with.

Error 570: Invalid key information in digital signature (the certificate used to sign the authentication request is invalid because it has expired, does not belong to the AUA, or was not issued by a trusted Certification Authority).

571 Resetting the PIN is necessary.

Biometric position '572' is invalid.

"573" - License prohibits use of Pi

No use of "574" in Pa. is permitted by license.

License restrictions prohibit "575"-PFA use.

"576" - License prohibits FMR use.

License restrictions prohibit "577" use in a FIR context.

"578" - License prohibits its use in IIR applications.

License restrictions prohibit OTP use (579).

"580" - License prohibits PIN use.

License restriction forbids the use of fuzzy matching (581).

"582" - License prohibits the use of the local language.

License restrictions prohibit FID use (586). This update is being rolled out gradually.

"587" - No such namespace "

"588" - Device registration is prohibited by license.

"590" — Devices in the public domain are prohibited by law

"710" - Pi information not present where required by "Uses"

"720" - Insufficient "Pa" information per "Uses" requirements.

"721" - Insufficient "Pfa" data, per "Uses" requirements.

"730" - Insufficient PIN data, as per "Uses."

"740" - OTP information is missing as per "Uses."

Code 800: Incorrect biometric information

"810" - Insufficient biometric information, per "Uses."

"811" - The provided Aadhaar number is missing biometric data in CIDR format.

There was a failure to detect the "Best Finger" in 812 of the Aadhaar holders. The best fingers of an Aadhaar holder should be determined through an application that triggers BFD.

The "bt" attribute in the "Uses" element is either undefined or has an empty value (820).

"821" - The "bt" attribute of the "Uses" element has an invalid value.

Error 822: The "bs" attribute of the "Bio" element in the "Pid" definition is missing a valid value.

"901" - No authentication data was found in the request (this would happen if neither the Demo nor the Pv or Bios auth data were included).

"902" - Invalid "dob" value in the "Pi" element (this corresponds to scenarios where the "dob" attribute is not in the format "YYYY" or "YYYYMM-DD," or the age is outside the valid range).

'910' - Pi element's mv attribute has an invalid value

"911" - The "Pfa" element has an invalid "mv" value.

Invalid "ms" value: "912."

The authentication request contains the ambiguous terms "Pa" and "Pfa" (913).

"930 to 939" — Internal authentication server technical error

"940" – Illegal ASA Frequency

Channel 941 of the ASA is not specified.

"950" - Technical error in the OTP store

Error code 951 indicates a problem with the biometric lock.

Invalid value (980)

"995" - The competent authority has suspended Aadhaar.

Cancellation of Aadhaar (996); Aadhaar is no longer valid for authentication.

Aadhaar is not in authenticatable status (error code 997).

Aadhaar Number Invalid, Error Code: 998

Error 999: Unknown cause

The following are the UIDAI services that Aadhaar number holders can use to complete Aadhaar Authentication:

• Service providers and Aadhaar number holders will be able to confirm the Aadhaar number is active and active by using this feature.
• Service providers and Aadhaar number holders can check the validity and activation status of an Aadhaar number by using the email or mobile number associated with the number.
• Users with an Aadhaar number can lock their biometric authentication for added security. Once the same is locked, it can no longer be used for authentication. Before conducting any transaction requiring biometric authentication, locals have the option to unlock their biometrics.
• To see if your Aadhaar number has been linked to your bank account, visit the UIDAI website. The NPCI Server's Aadhaar Linking Status is Queried. UIDAI assumes no responsibility or liability for the accuracy of the status information provided under any circumstances. UIDAI also does not save any data that it retrieves from the NPCI server. The Supreme Court ruled on December 26 that linking a bank account with an Aadhaar number is not obligatory. 9 2018
• Users with an Aadhaar number can check their Aadhaar Authentication history to see every time they've authenticated their number.
• Aadhaar holders can make a 16-digit Virtual ID (VID) using a Virtual ID Generator.

Information about a person's past Aadhaar authentication attempts can be accessed through a service hosted on the UIDAI website.

UIDAI offers multiple methods of authentication, including demographic, biometric (fingerprint or iris), and One-Time-Password (OTP) verification. The Auth Modality field reveals the method of authentication that was employed for this particular authentication procedure.

Error codes are assigned to each record of an authentication transaction that was unsuccessful. In order to determine the cause of an unsuccessful authentication attempt, please compare the error code with the specifics of the failed transaction.

Residents can get more information from the appropriate Authentication User Agency (AUA) if they need to perform any of the aforementioned authentication transactions using a different identifier.

By entering his or her Aadhaar Number/VID and following the on-screen instructions, a resident can view his or her complete Aadhaar Authentication history on UIDAI websites.

Please be aware that in order to use this service, a valid phone number must be on file.

UIDAI creates a unique code for each authentication transaction performed by an Aadhaar number holder and sends it to the Authentication User Agency (AUA) together with the response. This Response Code is useful for uniquely identifying the transaction by AUA and UIDAI, and the Aadhaar number holder may use it for any follow-up enquiry with AUA.

In the Aadhaar Authentication history, residents can view the following details about each authentication they've performed:

Modality of Authorship 2 Time and Date of Verification 3 Code returned from UIDAI 4 AUA Name5 ID (With Code) for an AUA Transaction6 Success/Failure of Authentication7 Code d'erreur UIDAI

Every authentication record made in the last six months, whether by an AUA or the holder of the Aadhaar number, can be viewed by the holder of the Aadhaar number. However, only 50 records at a time can be viewed.

As part of the authentication request sent to UIDAI, AUA creates a unique Transaction ID for each authentication transaction performed by an Aadhaar number holder. The owner of an Aadhaar number can use the associated Transaction ID and Response Code to inquire further about their account with AUA.

Password is the first four letters of the user's name in all capitals and the user's birth year (YYYY).

Case in point:
First Example: SURESH KUMARY's Birth Year is 1990, So the Password Is:

Example 2

Example 3

Example 4

Hashing is most often used to check two files for equality. The calculated hash values of these files will allow the owner to know instantly if they are different without opening two document files to compare them word-for-word.

File backup software like SyncBack uses hashing to ensure that copies of files are identical after being moved from one location to another. Users can check the integrity of the transferred file by comparing their hash values. If they match, the transferred file is an exact replica of the original.

For security reasons, some encrypted files (such as virtual drive container files) are created with a hardcoded size and last modification time. It would be impossible to tell at a glance if two seemingly identical files are actually different, but the hash values would make it clear if they were.

Name, address, date of birth, gender, and a scrambled Aadhaar number are all included in both e-Aadhaar QR codes. e Aadhaar's final four digits The larger QR code also includes a photograph.

To decipher the newly digitally signed QR code and verify its authenticity, you must use the UIDAI Windows app. The uidai application is available for download. gov in A high-quality, STQC-approved QR Code scanner is also required.

You should only use a LaserJet printer for printing your e-Aadhaar with the secure QR code.

The secure e-Aadhaar QR code must be scanned using the physical scanner after the UIDAI QR code reader application has been installed, per UIDAI Specifications. Once the e-Aadhaar QR code has been digitally verified by UIDAI at the backend, the application will display the resident's demographic information. The reader will show the QR Code not verified GUI Screen if the digital signature could not be validated.

This service allows for the offline verification of e-Aadhaar data and can be used by anyone, including Aadhaar Holders and User/Service Agencies like Banks, AUAs, KUAs, etc.

A new QR Code was implemented for e-Aadhaar on February 20, 2018, and a client for reading these codes can be found on uidai. gov starting March 27th, 2018

The Aadhaar secure QR code is included in the UIDAI e-Aadhaar letter. The UIDAI has switched out the QR code on e-Aadhaar that previously contained a resident's demographic information for a new one that is encrypted and contains digitally signed data, including the last four digits of the holder's Aadhaar number, their name, address, gender, and date of birth, as well as a photograph of themselves. A small QR Code containing only demographic information will be placed on the front of the cutaway portion, and a larger QR Code containing both demographic information and a photo will be placed on the top portion of the front and rear of the cutaway portion. In addition, a digital signature from UIDAI will be applied, making this data even more secure and impossible to alter. UIDAI's Windows-based Custom client for PCs and Macs is required to read and verify the authenticity of the QR code's digital signature. Thus, any attempt at e-Aadhaar fraud can be easily uncovered with the aid of a QR code scanner.

Hashing is an algorithm that takes a file and returns a value encoded as a string of bits. Data is organized into blocks within a file. Using a process known as hashing, this information is reduced to a much more manageable fixed-length value or key. Essentially, the hash value is a condensed version of the contents of the file.

The avalanche effect is a characteristic of a good hashing algorithm in which the hash output shifts drastically or completely when even a single bit or byte of data within a file is modified. Any hash function that doesn't do this is thought to have insufficient randomization and is therefore vulnerable to attack.

A hash is typically a long string of hexadecimal digits. Furthermore, hashing is a one-way process; the original data can never be recovered by using it.

A hash is typically a long string of hexadecimal digits. Since hashing is a one-way process, it is impossible to recover the original information.

If the downloaded client is the official UIDAI client, this can be verified by comparing the HASH. For authentication purposes, UIDAI will supply SHA-1 and SHA-256.

It's a safe, transferable file that anyone with an Aadhaar number can use to confirm their identity in person.

Anyone living in India who wants to take advantage of this service must first create a digitally signed copy of their Aadhaar information through the UIDAI resident portal. Information will be provided in a digitally signed XML file, including name, address, photo, gender, date of birth, hash of registered mobile number, hash of registered email address, and reference id consisting of last 4 digits of Aadhaar Number followed by time stamp. Without requiring them to collect or store Aadhaar numbers, it will allow service providers/Offline Verification Seeking Entity (OVSE) to use the Offline Aadhaar Verification facility.

How Service Providers Perform Offline Aadhaar e-KYC Verification

Providing the service provider with a valid form of identification such as a PAN card, Passport, etc. is sufficient for identity verification. It may or may not be possible to verify these documents instantly offline due to the ease with which they can be forged or faked. The verifier of documents must rely on the producer's word alone because no technological means exist to confirm the document's or information's veracity. Aadhaar Paperless Offline e-KYC, on the other hand, generates an XML file that is digitally signed by the UIDAI. By confirming the file's demographic information during the offline verification process, the service provider can attest to the file's authenticity.

Providers may not disclose, distribute, or exhibit the contents of the XML file or the Share Code. Acts under Sections 17 and 25 of The Aadhaar (Authentication) Regulation, 2016, Sections 4 and 6 of The Aadhaar (Sharing of Information) Regulation, 2016, and Sections 29(2), 29(3), and 37 of The Aadhaar Act, 2016 will be taken against anyone who does not comply with these requirements.

Whenever convenient for both parties, a resident can send the service provider an XML ZIP file accompanied by a Share Code.

Following is a description of how to generate Aadhaar Offline e-KYC:

• For more information, please visit https://resident.uidai.gov.in/offlineaadhaar.
• Click the "Send OTP" or "Enter TOTP" button after entering your "Aadhaar Number" or "VID" and the "Security Code" that the screen prompts you to enter. Your Aadhaar or VID-linked mobile number is where we'll send the OTP. The UIDAI mobile application, m-Aadhaar, will soon feature TOTP. Fill in the received OTP/TOTP. The password for the compressed file is the "Share Code," which you can enter before clicking the "Download" button.
• Once the aforementioned procedures have been completed, the Zip file containing the digitally signed XML will be downloaded to the device.

In order to verify their identity with an OVSE, Aadhaar cardholders can use digitally signed XML downloaded from the UIDAI website. This Aadhaar paperless offline e-KYC must be provided by the service provider at their location, where offline verification must also take place.