Today UIDAI suspended Airtel and Airtel Payments Bank’s e-KYC licence for Aadhaar misuse. UIDAI, in an interim order, “suspended e-KYC licence key of Bharti Airtel Ltd and Airtel Payment Bank Ltd with immediate effect,” Economic Times reported
The ban effectively bars Airtel from linking its customer’s with their 12-digit Aadhaar numbers with thier mobile number over internet – even in their stores. While the ban is a result of Airtel’s sly attempt to use the Adhaar identification as KYC for opening Airtel Payment bank account, without explicit/informed customer consent the dame to the mother brand would have had been immense if the Supreme Court had not increased the deadline for such verification.
We are quite sure that within next week Vodafone, Jio and Idea will launch campaigns to lure High ARPU Airtel Post Paid users with their easy portability and the fact that they can ensure the continuity of their precious phone numbers. As of today in present government rules if UIDAI dispute is not resolved, Airtel does not have a valid and effective way to verify its millions of customers and that their services will be shout down on March 31, 2018. However this shut down date was earlier in Feb 2018 and now Airtel would be able to put up some defense that extension of these deadlines happens and is possible and that its customers should not panic.
This also brings up another question of corporate responsibility. While UIDAI is indicting Airtel for its terms breach, the Banking regulator doesn’t even have a point of view with millions of Customers unknowingly opening accounts with a bank. These accounts can be used for all sorts of illegal activities and RBI is not even asking the right question. The same is true for TRAI, which is not asking the questions regarding the sanctity of Airtel’s database. If Aadhar were illegally used for opening a bank account, what stops Airtel employees from illegally registering new SIM cards in false names, specially when the employee is directly handling customer’s original linked SIM card and is able to receive OTPs in that small time window.
The fact that our regulatory framework is weak and that regulators ill educated to understand the implication of data breach is very scary in a country where every thing is going to be lnked to a single large database.