Centre for Internet & Society

Did you know that UIDAI provides a facility that allows users to lock/unlock their Aadhaar biometric data online?

The blog post by Vidya Raja was published in the Better India on January 24, 2019. Pranesh Prakash was quoted.

Imagine someone hacking into your Netflix account – all you have to do is change the password. However, if there is a security breach with respect to your biometric details, there is no reversing it. So think carefully about how and where you submit your details. While the Supreme Court has said that it is no longer mandatory to link Aadhaar with your bank accounts or your telecom service provider, it does not lessen the importance of Aadhaar.

Pranesh Prakash, Policy Director, The Centre for Internet & Society, in a report published in The Mint, says, “Biometric devices are not hack-proof. It depends on the ease with which this can be done. In Malaysia, thieves who stole a car with a fingerprint-based ignition system simply chopped off the owner’s finger. When a biometric attendance system was introduced at the Institute of Chemical Technology (ICT) in Mumbai, students continued giving proxies by using moulds made from Fevicol.” Over the last year, there has been so much chatter about the Aadhaar number and how one can protect one’s information.

Did you know that UIDAI provides a facility that allows users to lock/unlock their Aadhaar biometric data online?

In this article, we explain how you can do that.

Locking biometrics online:

  1. Visit UIDAI’s online portal to lock or unlock your biometrics
  2. Once there, you will need to click on ‘My Aadhaar’ and under the Aadhaar Services tab, click on Lock/Unlock Biometrics
  3. You will then be redirected to a new page and prompted to enter the 12-digit Aadhaar number and the security code
  4. Once the details have been entered, click on ‘Send OTP’
  5. You will receive an OTP on your registered mobile number
  6. Enter this and click on the Login button
  7. This feature will allow you to lock your biometrics
  8. Enter the 4-digit security code mentioned on the screen and click on the ‘Enable’ button
  9. Your biometrics will be locked, and you will have to unlock it in case you want to access it again

Unlocking biometrics online:

  1. To unlock your biometrics, click on the ‘Login’ button
  2. Enter your Aadhaar number and the security code in the designated spaces
  3. Now click on ‘Send OTP’
  4. An OTP will be sent to your registered mobile number
  5. Enter it in the space provided and click on ‘Login’
  6. In case you want to temporarily unlock the biometrics, enter the security code and click on the unlock button
  7. Your biometrics will be unlocked for 10 minutes
  8. The locking date and time is mentioned on the screen after which biometrics will be automatically locked
  9. When you do not want to lock your biometrics, you can disable the lock permanently.

Using mAadhaar to lock/unlock biometrics:

mAadhaar is the official mobile application developed by the Unique Identification Authority of India (UIDAI). Presently, it is available on the Android platform.

  1. Once the mAadhaar app has been downloaded, the user must use their Aadhaar card registered mobile number to login.
  2. You will then be sent an OTP that you are required to enter for authentication. Do remember to change your password once registered.
  3. On the top right side, tap on ‘Biometric lock’, and enter your password to lock the biometrics. Once locked, it will show a small lock icon next to your profile.
  4. To unlock, tap on the same icon followed by your password. The information will unlock for 10 minutes. After that, it will be locked again.
  5. Once you lock this information, it ensures that even the Aadhaar holder will not be able to use their biometric data (iris scan and fingerprints) for authentication, until unlocked.
  6. If you try to use this information without unlocking, it will show you an error code 330.

Remember to lock and unlock your biometrics through a trusted channel. The fact that there is no fee involved in either exercise will make this easier. Also, even with the biometric locked, you can continue to use the OTP-based authentication process for transactions, where you will receive the OTP on your registered mobile number and e-mail address.

(Edited by Shruti Singhal)