New Delhi, Jan. 6 -- Today, more than half of all data breach incidents target personally identifiable information-tax identities, passport numbers, biometric data and the like. In most instances, this information was collected and stored to comply with know-your-customer (KYC) obligations.

Could the regulations we put in place to prevent financial crime be the leading reason why identity theft has risen so dramatically? And has KYC insistence led regulated entities to create some of the most valuable and breach-prone datasets in India's economy?

This does not have to be the case. Even though Section 11A of the Prevention of Money Laundering Act (PMLA), 2002, permits identity verification using either Aadhaar authentication or offline v...