What is DigiLocker and who uses it?
The DigiLocker platform, launched in 2015, operates as an app to store users’ digital records.
The app can be used when applying for a passport, reviewing marksheets, or proving one’s identity during travel.
The app is part of the Indian government’s paper-free initiative aimed at letting users access, verify, and store essential documents in a digital wallet so that they are easy to retrieve and present to officials when required.
As of early May, the app has over 270 million registered users, while nearly 6.7 billion documents — like Aadhaar, insurance policy papers, PAN records, and driving licences — have been retrieved through it.
As per DigiLocker’s website: “The issued documents in DigiLocker system are deemed to be at par with original physical documents as per Rule 9A of the Information Technology (Preservation and Retention of Information by Intermediaries providing Digital Locker facilities) Rules, 2016 notified on February 8, 2017 vide G.S.R. 711(E).”
How secure is DigiLocker?
DigiLocker is a flagship initiative of the Ministry of Electronics & IT (MeitY) under the Digital India programme, meaning it is a government approved application and is ideally maintained with strict security protocols framed by officials.
As per the MEITY website: “DigiLocker ties into Digital India’s vision areas of providing citizens a secure document access platform on a public cloud.”
According to DigiLocker’s own website, it has standard security measures in place including 2048 Bit RSA SSL encryption, multi-factor authentication (OTP verification), consent systems, timed log outs, and security audits.
However, any government database that stores citizens’ information and documents is inevitably an attractive target for hackers who steal user data and sell it on the dark web.
On June 2, 2020, DigiLocker posted a notice about a “potential vulnerability in the sign-up flow,” that could have led to accounts being compromised.
However, due to a CERT-In alert and another independent researcher, DigiLocker said that the vulnerability was patched within a day of getting the alert, and that user data was safe.
As per Google Play Store, no DigiLocker data is shared with third parties and data is encrypted in transit.
Examples of data collected include files and documents (optional), your name, email (optional), and user IDs
What are some issues with DigiLocker?
People who are not used to smartphones or those find it difficult to navigate apps may struggle to download DigiLocker, use OTPs, and fetch their credentials unless they have assistance.
Those who cannot read are also at a disadvantage.
Another hurdle is that people with multiple names, aliases, inconsistent spellings, or even slightly mismatched certificates may not be able to smoothly fetch their documents via DigiLocker as the app needs the submitted details to match the issuer’s data exactly.
Users have in the past complained that even subtle changes such as capitalised letters and initials can lead to failure.
Furthermore, there is no uniformity in how different government authorities and law enforcement bodies in India review official documents.
While some insist on being shown virtual documents through DigiLocker, others claim the original hard copies are mandatory.
Do I need DigiLocker in order to get a new passport?
Some officials says that only the original hard copy of the documents and xerox copies were required, and that the DigiLocker was not mandatory.
By contrast, officials have in the past urged passport applicants to use the DigiLocker app in order to speed up the application process.
There have also been instances where passport office authorities insisted on seeing documents through the DigiLocker app, in addition to inspecting the originals in paper form.
Since the implementation of this policy varies wildly across the country, those who wish to complete administrative processes without hassle can come prepared with their original documents, physical copies of the same, and the needed documents/credentials on DigiLocker as well.
COMMENTS