Insurance Regulatory and Development Authority of India (IRDAI) has clarified that authentication of policyholders or clients by insurance companies using Aadhaar number will be on a voluntary basis and with their consent.
Through two circulars in 2013 and 2015, the insurance regulator had allowed Aadhaar based e-KYC service offered by Unique Identification Authority of India (UIDAI) for the know-your- customer (KYC) verification.
“It is hereby clarified that for accessing the details of the client from UIDAI for identification and authentication shall be with the consent of the client on a voluntary basis,” said IRDAI in a circular.
Last week, Last week, a nine-judge bench of the Supreme Court, headed by former Chief Justice of India JS Khehar (succeeded by Dipak Misra), unanimously declared Right to Privacy as part of Right to Life and Liberty assured by the Article 21 of the Indian constitution.
UIDAI has issued Aadhaar (Authentication) Regulations, 2016 inter alia prescribing the procedure for e-KYC authentication of Aadhaar Number. IRDAI said that insurers can perform the verification of the client through ‘e-KYC authentication facility’ provided by UIDAI i.e. authentication through biometric authentication (fingerprint or iris scanning) and/or through one-time password (OTP) received on client’s mobile number or on e-mail address registered with UIDAI.
The regulator also said that the information downloaded from UIDAI should be considered as sufficient information for the purpose of KYC verification.
However, in case material difference is observed either in the name or photograph in Aadhaar is not clear, the insurer can carry out additional due diligence and maintain a record of the additional documents sought pursuant to such due diligence.
These norms are applicable for all category of insurers, including life,general and standalone health.