India’s digital hiring ecosystem faces growing risks, from fake IDs and duplicate profiles to vehicle compliance failures and even deepfake attempts. With the festive season hiring surging 30–40%, platforms face pressure to onboard quickly while ensuring workers are safe and verified.
In this interview, Ashok Hariharan, CEO and Co-Founder of IDfy, explains how consent management is being implemented, why fragmented verification standards across sectors leave loopholes for fraudsters, and why India’s verification framework is both ahead of the world and at a crossroads. He also warns of the hidden risks for delivery workers when customer behaviour is left unchecked.
Watch the entire interview with IDfy CEO:
Excerpts from the interview with IDfy CEO Ashok Hariharan:
Aakriti Bansal, MediaNama: Ashok, IDfy has been chosen by the Ministry of Electronics and Information Technology (MeitY) for consent management. How do you see consent management actually working in practice when it comes to digital verification?
Ashok Hariharan, IDfy: When the onboarding happens on our platform (IDfy), consent is built into the journey itself. Imagine a delivery executive. He scans a QR code, uploads his ID card, a selfie, and address proof, and then he gets a consent page. That page says: we are collecting this data for purposes one, two, and three. He ticks the boxes. That consent is captured, timestamped, immutable, and nobody can go back and change it. Only after that do we (IDfy) do the checks: ID check, selfie-to-ID match, criminal record check, and so on. All this takes about 11 minutes.
And just like you can give consent, you can revoke it. If a worker revokes consent, our system immediately stops verifications, deletes the data, and notifies the client. We (IDfy) built this before the law required it, because it is simply the right thing to do. But honestly, consent is maybe 2% of the overall problem. The bigger challenge is data governance: knowing where data is, how to delete it, how to audit third parties, and how to trace a breach.
Aakriti Bansal: What are the main challenges you see with consent management?
Ashok Hariharan: One, consent fatigue. If you give 25 tick marks, people will just click through. Take consent for what you need upfront, then go back for bite-sized consents later.
Two, purpose limitation. Just because you have collected my ID does not mean you should use it for everything. A gaming app only needs to know I am over 18, not my full address.
Three, revocation and visibility. Can I see what data you hold about me? Who did you share it with? Can I revoke it? For that, all your databases need to be connected to your consent system. You also need strong third-party risk management, because often it is the partner that leaks data, not you. Did it leak from a third party? Was my database hacked? Or did an employee misuse the data?…
Source link
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We blogs.grocliq.com want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Website Upgradation is going on for any glitch kindly connect at [email protected]
