The September 15 deadline for telecom service providers to implement facial authentication is drawing close, but operators said there wasn’t enough time to have the necessary equipment in place.

In a recent order, the Unique Identification Authority of India (UIDAI) directed the telecom operators to ensure that at least a tenth of their monthly enrolments were done using facial authentication.

“While we acknowledge that face recognition is an added layer of security when Aadhaar is used to link mobile services, our concerns remain around the timeframe for implementing it,” Rajan Mathews, director general of the Cellular Operators Association of India, told TOI on Thursday.

He added that the implementation date of September 15 was contingent upon operators being given the necessary equipment on time. “The implementation is out of our hands otherwise,” Mathews added.

The UIDAI has allowed for a phased rollout of this feature, “as not all Aadhaar Authentication User Agencies are ready in terms of devices for Face Recognition (sic)”.

To be clear, facial verification only applies to those cases where the customer has sought a SIM card by providing an Aadhaar number. It is the second step in a two-factor verification process, with fingerprint/iris scanning being the first step.

This rule doesn’t apply to cases where the customer has opted to provide other documents of proof or even the virtual ID. In the latter case, fingerprint or iris verification will suffice.

This decision was taken to curb instances of fingerprint spoofing or cloning. Facial authentication will also make the process of eKYC more inclusive, giving the customer more choices, especially in cases where there are problems in iris or fingerprint authentication.

The recent UIDAI circular mandates that at least 10% of monthly transactions must done via the two-factor authentication. “Any shortfall in transactions using face authentication would be charged at Rs0.2 per transaction,” the circular added.

Mathews said, “The (10%) requirement is to ensure that operators comply with the directive by September 15. Operators will do their best to comply. However, we may revert to UIDAI for relief if we cannot comply due to reasons beyond our control.”