Skip to main content

Is the documents uploaded to DigiLocker fully secure - Some concerns about Digilocker security

India's National Digital Locker System - DigiLocker

In 2015 Govt of India had launched an Aadhaar based, centralized secured National Digital Locker System. With this a user can store the digitally formatted documents and agencies can verify this in a fast and easy manner. Those having an Adhar card can login to and upload their scanned copies of all important documents like education certificates, bills, marklists, Id Proofs etc.

 You can upload pdf, JPG, JPEG, png, gif types of files. So when ever you will need those documents for verification by Government / recruitment agencies while applying for servcie or job, you can directly give your DigiLocker number.

Recently I created a Digilocker account and uploaded some docs. It was simple and easy process. One time Password (OTP) security is implemented in several steps to improve the security of the system. Storing documents digitally in a central store is really cool idea, it will really save papers. 

Along with this some concerns disturbed me. It was with the files we share through email using the "Share" option associated with each uploaded documents. When clicking the share link we are asked to enter an Email Id to which a Url to access our digital document is sent. Suppose if we unknowingly share document links to a person who is a fraudster, he can simply forward that link to other people and they can easily view and download our document and can use it for any illegal activities. For example they can use our aadhar document for getting SIM cards. How can we track that?

Security issue with Email sharing option for sharing digilocker documents

I think the simple email share option with out any verification is not at all secure.   One thing you can do is to allow the access of the documents only to a person or institution registered with digilocker, by this we can atleast track  the user who had accessed that document.  Instead of simply sharing the document link, a user should be given an option to select the registered receiver and allow the receiver to access the document. After allowing the access send a notification to the receiver via mobile or email regarding the access privilege. Also the owner of the user should have the option to revoke the access permission.

Water Marking and login check

If you are sharing a link via email, then the received should first login to the  digilocker portal (  and then only they should view or download the document.

Also on the docs displayed / downloaded at receiving end, please add a DigiLocker water mark and also put the user id or any other identification data of receiving end user .

If you have any queries related to DigiLocker system, please contact at the address given at   DigiLocker Contact Page or send email to  support[at]digitallocker[dot]gov[dot]in.

DigiLocker Address
DigiLocker Project
National E-Governance Division,
Ministry of Electronics & Information Technology,
4th Floor, Electronics Niketan, 6, CGO Complex,
New Delhi -110003, INDIA
Email :

There a lots of things you should take care of before giving your Personal ID proof copies to a service provider.Check Remember this before passing copies of your KYC documents to others to know more about safe guarding your documents.

Please comment your suggestions to make the digilocker system more secure.

Popular posts from this blog

Payback Points - How to redeem - How to merge multiple payback accounts - Block Payback card - Payback customer care

Your SBI Debit card ending with XX0000 is deactivated only for Internet txn.

SBI account holders may have received an SMS with following message, supposed to be from State Bank of India (SBI).

Your SBI Debit card ending with XX0000  is deactivated only for Internet txn. To activate send SMS "SWON ECOM 0000" to 09223966666. No change for ATM/POS usage
** Replace the four Zeros with last 4 digits of your debit card number

Recently many of the SBI account holder has losed their money due to a hi-tech ATM robbery which happened in Thiruvananthapuram, capital city of Kerala.

Joomla and Forum Integration - Integrating Forums to Joomla

Joomla is one of the most popular CMS opensource packages. It is very easier to develop website's using Joomla. You just need to download Joomla package from Joomla's Official website  and install it on your domain and later adding customizations to templates and feature and Your website is ready :). Now a days most websites provides a forum section for it users for discussing various article topics, gathering opinions etc.

Following are some best know forum opensource packages which can be integrated with Joomla and create a new forum experience for users

Urgent Openings for PHP trainees, Andriod / IOS developers and PHP developers in Kochi Trivandrum Calicut and Bangalore. Please Send Your updated resumes to   Read more »
Search This Blog