India has expanded Aadhaar through a new application and offline verification framework, raising questions about security, consent, and database usage.
The Unique Identification Authority of India (UIDAI) announced the changes in late January 2026. The new Aadhaar app enables users to share limited information, such as age verification without full date of birth disclosure, with services including hotels, housing societies, workplaces, and payment platforms. The existing mAadhaar app continues operating in parallel.
UIDAI is integrating Aadhaar with mobile wallet platforms, with upcoming Google Wallet support and discussions underway for Apple Wallet functionality, alongside existing Samsung Wallet integration.
Offline verification extends system reach
The offline verification framework allows individuals to prove identity without real-time checks against the central Aadhaar database. The Ahmedabad City Crime Branch became India's first police unit to integrate Aadhaar-based offline verification with PATHIK, a guest-monitoring platform for hotels and accommodations.
UIDAI positions the app as a digital business card for meetings and networking, enabling users to share selected personal details via QR codes. Officials stated the approach aims to replace photocopies and manual ID checks with consent-based verification, giving users control over shared identity information.
The app entered testing in early 2025 before its formal launch in January 2026. Combined monthly installs of Aadhaar-related apps rose from approximately two million in October 2025 to nearly nine million in December 2025, according to Appfigures data.
System operates at population scale
Aadhaar has issued more than 1.4 billion identity numbers and processes roughly 2.5 billion authentication transactions monthly, alongside tens of billions of electronic Know Your Customer checks since launch, according to UIDAI's public dashboard.
The offline verification expansion follows regulatory changes allowing some public and private organisations to verify Aadhaar credentials without querying the central database. UIDAI officials stated the move addresses risks associated with physical photocopies and screenshots of Aadhaar documents, which have been collected, stored, and circulated with limited oversight.
Privacy advocates identify structural risks
Civil liberties and digital rights organisations argue that the legal changes do not resolve Aadhaar's structural security concerns. Raman Jit Singh Chima, senior international counsel and Asia Pacific policy director at Access Now, questioned the expansion timing, suggesting the government should have waited for India's Data Protection Board establishment before rollout.
Prasanth Sugathan, legal director at SFLC.in, noted that while UIDAI frames the app as citizen empowerment, it does not address persistent database inaccuracies, security lapses, and poor redress mechanisms disproportionately affecting vulnerable populations. He cited a 2022 Comptroller and Auditor General report finding UIDAI failed to meet certain compliance standards.
Neither the Indian IT ministry nor the UIDAI CEO responded to requests for comment on the matter.
