What makes an Aadhaar number valid?

A valid Aadhaar number has exactly 12 decimal digits, its first digit is between 2 and 9 inclusive (UIDAI never issues numbers starting with 0 or 1), and its 12th digit is a Verhoeff check digit that satisfies the dihedral-group checksum. All three conditions must be true simultaneously.

What is the Verhoeff checksum and why does UIDAI use it?

The Verhoeff algorithm, designed by Dutch mathematician Jacobus Verhoeff in 1969, uses the dihedral group D5 to generate a check digit that detects all single-digit errors and all adjacent transposition errors (swapping two neighbouring digits). Because both are extremely common human data-entry mistakes, UIDAI adopted Verhoeff as the check digit for its 12-digit Aadhaar numbers. The algorithm applies a position-dependent permutation table P and a multiplication table D derived from D5 to produce a running checksum; a valid number leaves a final checksum of exactly 0.

Does a structurally valid Aadhaar mean the number was actually issued?

No. The Verhoeff checksum only confirms the number is mathematically well-formed according to UIDAI's public structural rules. It cannot tell you whether that number was issued, who holds it, or whether it is currently active. Only the UIDAI authentication API (Aadhaar Authentication Service) can verify a real identity, and that requires the resident's biometric or OTP consent.

Can an Aadhaar start with 0 or 1?

No. By UIDAI design, Aadhaar numbers always start with a digit between 2 and 9. Numbers starting with 0 or 1 are structurally invalid regardless of their Verhoeff checksum. The validator reports this as a distinct "first-digit rule failed" failure so you can see exactly which rule was violated.

Is my Aadhaar number sent to any server?

No. The entire validation — the first-digit check and all 12 steps of the Verhoeff computation — runs in your browser using JavaScript. There are no network requests, no cookies tied to the input, and no logging. Your Aadhaar number never leaves your device.

What does the algorithm trace show?

The trace lists all 12 steps of the Verhoeff computation from right to left (least significant digit first). For each step it shows: the 0-based position from the right, the original digit, the permuted value after applying P[position mod 8][digit], the incoming running checksum c, and the outgoing checksum D[c][permuted]. The final outgoing value must be 0 for the number to be valid.

India Aadhaar Number Validator

An India Aadhaar number validator that checks both the structural rules published by UIDAI and the full Verhoeff dihedral-group checksum — the real algorithm behind every legitimate Aadhaar, explained step by step. Useful for developers building form validation, data-quality teams catching typos before records are submitted, or anyone who wants to understand exactly how Aadhaar check digits work without contacting a government server.

What is an Aadhaar number?

The Aadhaar is a 12-digit unique identity number issued to Indian residents by the Unique Identification Authority of India (UIDAI). Since its introduction in 2009 it has become the primary national identity credential for over 1.3 billion people. Every Aadhaar is printed on an Aadhaar card and stored in UIDAI’s Central Identities Data Repository (CIDR). The number itself does not encode any personal information such as name, address, or date of birth — it is a randomly assigned identifier whose only built-in structure is the first-digit range and a cryptographically robust check digit.

Structural rules

UIDAI’s publicly documented rules for a well-formed Aadhaar are:

Exactly 12 decimal digits. No letters, spaces (unless used as grouping separators), or other characters.
First digit 2–9. UIDAI never issues numbers beginning with 0 or 1 — those ranges are reserved and will never appear in the wild.
Verhoeff check digit. The 12th digit is computed from the first 11 using the Verhoeff algorithm. Processing all 12 digits right-to-left through the algorithm must yield a final checksum of 0.

The Verhoeff algorithm in detail

The Verhoeff checksum (Jacobus Verhoeff, 1969) is based on the mathematical structure of the dihedral group D5 — the symmetry group of a regular pentagon. It requires three fixed lookup tables:

D (10 × 10 multiplication table): derived from the group operation of D5 extended to ten elements. D[a][b] gives the group product of elements a and b.
P (8 × 10 permutation table): maps a position (modulo 8) and a digit (0–9) to a permuted digit. The 8-row cycle makes the checksum position-aware, catching transposition errors that simpler modular checksums miss.
INV (inverse table, not needed for validation): used only when generating the check digit.

Computation: start with checksum c = 0. Traverse the digits from right (position 0) to left (position 11):

c = D[ c ][ P[ position mod 8 ][ digit ] ]

After all 12 digits, a valid number has c === 0. The “Show algorithm trace” button displays every intermediate value so you can follow exactly what each digit contributes.

Why Verhoeff beats Luhn: the Luhn algorithm (used on credit cards) detects all single-digit errors but misses some adjacent transpositions. Verhoeff detects all single-digit errors and all adjacent transpositions — it catches every swap of two neighbouring digits, which is the most frequent human data-entry mistake.

Example

The number 2345 6789 0124 is an obviously-fake example (not a real UIDAI-issued number) that satisfies all three rules: the first digit is 2, the length is exactly 12, and the 12th digit (4) is the correct Verhoeff check digit for the preceding 11 digits. Changing any single digit — for example to 2345 6789 0125 — produces a checksum of 9 instead of 0, and the validator will report the failure with the exact mismatch value.

Input	First digit OK?	Verhoeff = 0?	Result
2345 6789 0124	Yes (2)	Yes	Valid
1234 5678 9120	No (1)	—	Invalid
2345 6789 0125	Yes (2)	No (c=9)	Invalid — bad checksum
234 5678 9012	—	—	Invalid — wrong length

Privacy guarantee: every check runs locally in your browser. No data is uploaded, no server is contacted, and nothing is stored. This tool does not query the UIDAI authentication API and cannot confirm whether a number is registered to anyone.