India ramps up Aadhaar verification for businesses, sparking privacy worries

India has relaxed restrictions on its Aadhaar authentication service, a digital identity verification system connected to the biometrics of over 1.4 billion people. Businesses in sectors like e-commerce, travel, hospitality, and healthcare can now use this system to authenticate their customers. However, concerns about privacy have been raised as New Delhi has yet to establish clear guidelines to prevent misuse of individuals’ biometric IDs.

The Indian IT ministry recently introduced the Aadhaar Authentication for Good Governance (Social Welfare, Innovation, Knowledge) Amendment Rules, 2025. This update aims to expand the use of Aadhaar for service delivery and allow both government and non-government entities to utilize Aadhaar authentication for various public interest services.

The amended rules now broaden the scope of Aadhaar authentication beyond preventing the leakage of public funds. Entities interested in enabling Aadhaar authentication must apply with their requirements to the relevant ministry or department of the Central or State government for approval by UIDAI and MeitY.

Policy experts have raised concerns about potential misuse and exclusion with the expansion of Aadhaar authentication. The Supreme Court had previously struck down Section 57 of the Aadhaar Act in 2018, which permitted private entities to use Aadhaar numbers for identity verification. The current amendment has been challenged in the Supreme Court for attempting to reintroduce aspects of this section.

As the Indian government expands Aadhaar authentication, the focus must be on preventing misuse and ensuring citizens have autonomy in accessing digital services. TechCrunch has reached out to the IT ministry for clarification on these concerns and measures in place to safeguard against Aadhaar misuse.