India Expands Aadhaar Digital Identity System with New App and Offline Verification Despite Privacy Concerns

India is significantly expanding the reach of Aadhaar, the world's largest digital identity infrastructure, through the deployment of a new mobile application and offline verification capabilities. The initiative, while aimed at modernizing identity verification processes, has triggered substantial debate regarding data security, user consent, and privacy implications.

Announced in late January by the Unique Identification Authority of India (UIDAI), the updates introduce a redesigned Aadhaar application alongside an offline verification framework. This architecture enables identity authentication without requiring real-time queries to the centralized Aadhaar database.

The new application implements selective disclosure functionality, allowing users to share minimal necessary information—such as age verification without exposing complete date of birth data—with various service providers including hospitality establishments, residential communities, workplace environments, digital platforms, and payment systems. The legacy mAadhaar application continues to operate concurrently during the transition period.

Key Technical Developments:

• Mobile Wallet Integration: UIDAI is expanding Aadhaar's ecosystem presence with confirmed integration into Google Wallet, ongoing discussions for Apple Wallet support, and existing functionality within Samsung Wallet.

• Law Enforcement Implementation: The Ahmedabad City Crime Branch has become the first police unit to integrate Aadhaar-based offline verification with PATHIK, a guest-monitoring platform designed for hospitality sector visitor information management.

• Professional Networking Features: UIDAI has positioned the application as a digital business card solution, enabling QR code-based selective information sharing during meetings and networking events.

Officials stated these initiatives are part of a strategic effort to replace physical document photocopies and manual identity verification processes with consent-based, offline authentication mechanisms. The approach is designed to provide users with granular control over shared identity attributes while enabling scalable verification without database queries.

Adoption Metrics and Infrastructure Scale:

Despite its recent formal launch, the new Aadhaar application underwent testing earlier in 2025. Analytics from Appfigures indicate rapid adoption, with the new application surpassing the legacy mAadhaar app in monthly downloads. Combined monthly installations of Aadhaar-related applications increased from approximately 2 million in October to nearly 9 million in December.

The system operates at massive scale: UIDAI's public dashboard reports over 1.4 billion issued identity numbers and processes approximately 2.5 billion authentication transactions monthly, alongside tens of billions of electronic KYC (Know Your Customer) verifications since inception.

The offline verification capability represents an architectural extension rather than replacement, transitioning Aadhaar from a primarily backend verification utility to a consumer-facing interface layer. UIDAI officials indicated this shift addresses security risks associated with physical photocopies and screenshots of Aadhaar documents, which have historically been collected, stored, and distributed with minimal oversight.

Privacy and Security Concerns:

Civil liberties organizations and digital rights advocates have raised substantial concerns regarding the expansion's timing and implementation.

Raman Jit Singh Chima, Senior International Counsel and Asia Pacific Policy Director at Access Now, highlighted that the expansion into offline and private-sector contexts introduces new threat vectors, particularly as India's data protection framework remains under development. Chima criticized the deployment timeline, arguing that implementation should have been deferred until India's Data Protection Board establishment, enabling independent review and broader stakeholder consultation.

"The fact that this has gone ahead at this point of time seems to indicate a preference to continue the expansion of the use of Aadhaar, even if it is unclear in terms of the further risks that it might pose to the system, as well as to the data of Indians," Chima stated.

Prasanth Sugathan, Legal Director at New Delhi-based digital rights organization SFLC.in, noted that while UIDAI frames the application as an empowerment tool, it fails to address persistent systemic issues including database inaccuracies, security vulnerabilities, and inadequate redress mechanisms that disproportionately impact vulnerable populations. He referenced a 2022 report by India's Comptroller and Auditor General identifying UIDAI compliance failures.

"Such issues can often result in disenfranchisement of people, especially those who were meant to be benefited by such systems," Sugathan explained, questioning how data shared through the new application would prevent breaches or unauthorized disclosures.

Campaigners from Rethink Aadhaar, a civil society initiative focused on accountability, argue that offline verification risks reintroducing private-sector Aadhaar usage previously prohibited by judicial rulings. Shruti Narayan and John Simte characterized the development as "Aadhaar creep," normalizing its deployment across social and economic domains despite a 2018 Supreme Court judgment that invalidated provisions permitting private entity verification.

They emphasized that consent mechanisms in contexts involving hospitality services, residential communities, or delivery workers are frequently coercive, while India's data protection legislation remains largely untested in practice.

Strategic Implications:

The combined effect of the new application, regulatory modifications, and expanding ecosystem is transforming Aadhaar from a background identity utility into an increasingly unavoidable layer of daily digital interaction. As India intensifies its Aadhaar deployment, international governments and technology corporations are monitoring the initiative closely, attracted by the potential of population-scale identity verification infrastructure.

The Indian IT Ministry and UIDAI CEO did not respond to requests for comment.

Sources:

Press Information Bureau - UIDAI Announcement

Google Blog - Aadhaar on Google Wallet

UIDAI Public Dashboard

UIDAI Offline Verification Framework (PDF)