India’s top telecom giants, Airtel and Reliance Jio, have been routinely using facial authentication as the sole method for Aadhaar verification during SIM card purchases and replacements without seeking customer consent. The silent shift not only violates UIDAI guidelines but also raises pressing concerns over digital rights and informed consent.
Face First, Consent Later: A Practice in the Shadows
Telecom majors Airtel and Reliance Jio, which together serve over 75% of India’s mobile subscribers, have reportedly made facial authentication the sole mode of Aadhaar verification for new SIM cards and replacements. More troublingly, this practice ongoing for over a year has been implemented without informing or obtaining consent from consumers, as required under UIDAI guidelines.
A field survey in Chennai, including visits to outlets in Mogappair, Korattur, Anna Nagar, Adyar, and Ayanavaram, revealed that customers were routinely subjected to face scans without being told what was happening. The process was often disguised as a photograph for ID purposes, with no mention of face authentication, its implications, or alternative options like OTP, fingerprint, or iris scan.
In each case, customers were asked to blink before a phone camera while standing under proper lighting. This face scan, as it turned out, was a covert Aadhaar-based facial authentication and failure to clear it resulted in SIM denial.
UIDAI Rules Flouted: Face Authentication Is Consent-Based, Not Mandatory
The Unique Identification Authority of India (UIDAI), which governs Aadhaar, has explicitly stated that face authentication is strictly optional and consent-based, not mandatory. It is only one of multiple methods of Aadhaar authentication others being OTP, fingerprint, or iris scan.
The Department of Telecommunications (DoT) confirmed this, stating that while Aadhaar authentication is mandatoryfor new SIM issuance as of January 2025, the method of authentication is flexible, and no individual should be denied service for failing face authentication.
In contrast, both Airtel and Jio had effectively eliminated user choice at the ground level. No fingerprints were offered as alternatives, and users who questioned the process were either misled or ignored.
Telcos Respond Amid Outcry: ‘Communication Gap’ and Unanswered Questions
Faced with public scrutiny, Airtel acknowledged what it called a “communication gap” among showroom staff and claimed that fingerprint authentication had been reinstated in Chennai from July 30. A company spokesperson added that showroom employees have been told not to deny SIMs based on failed face scans.
Reliance Jio, however, took a more defensive stance, saying face authentication was “mandatory” for SIM replacements and merely “advisory” for new purchases. The company did not explain why consent was not being sought or why customers were not offered alternative authentication modes.
Government sources have said the DoT is open to investigating complaints, particularly in cases where customers were misled or denied service. But so far, no formal action has been initiated against the two telecom firms for violating digital privacy norms.
Algoritha: The Most Trusted Name in BFSI Investigations and DFIR Services
Human Stories Behind the Tech: Confusion, Denial, and No Choice
Behind the policy violations are real people who were subjected to opaque practices:
- Neha Varnika, a resident of Anna Nagar, said her photo was taken without any explanation. Only after it failed was her SIM request denied without offering fingerprint verification, which she regularly uses at fair price shops.
- Revant Dasari, a lecturer, recounted how a cousin was asked to blink into a phone for a scan they assumed was just a photo. No one explained it was Aadhaar face authentication.
- A government employee Kaivan Luthra from Padi only realized the truth when asked to “unlock” Aadhaar via the app during the process. “I thought they were taking a photograph,” he said.
These are not isolated incidents but part of a broader trend that may affect millions of subscribers across India, unknowingly submitting to a biometric process they didn’t consent to.
Key Takeaways:
- Violation: Face authentication made mandatory without consent by Airtel and Jio
- Regulatory Breach: Violates UIDAI and DoT guidelines that mandate consent-based and optional authentication methods
- Customer Impact: SIMs denied upon failed face scans; no fingerprint or OTP options offered
- Telco Response: Airtel acknowledges miscommunication; Jio claims partial mandate
- Government Position: Aadhaar required, but no mode is mandatory; complaints to be probed.