fractured earth

Home » Posts tagged 'UIDAI'

Tag Archives: UIDAI

Aadhaar shows India’s governance is susceptible to poorly tested ideas pushed by powerful people

This series has flagged a puzzling trend. State governments are struggling to use Aadhaar-based fingerprint authentication in ration shops. At the same time, a rising number of companies are integrating Aadhaar into their databases.

This is puzzling because from its inception, Aadhaar, India’s Unique Identification project, was pitched as integral to the modernisation of social welfare delivery in India.

Why is it failing at the job it was created for while proving useful elsewhere?

The answers vary depending on whom you ask. Former officials of the Unique Identification Authority of India, the government agency which issues Aadhaar numbers and manages the database, blame state governments and banks for poor execution of Aadhaar-based welfare delivery. State governments in turn blame banks and poor internet connectivity and the failures of biometrics-based technology.

These are – at best – incomplete explanations.

The roots of Aadhaar’s mission drift lie deeper.

why we need to talk about the companies building authentication apps off the aadhaar database

Monika Chowdhry, who heads the marketing division of Swabhimaan Distribution Services, the company that created TrustID, defended the app, saying it offers the valuable service of verifying people’s identities. “In our day to day life, we do a lot of transactions with people – like maids or plumbers. Till now, you would have to trust them on what they said about themselves and what others said about the quality of their work.” The company is solving that problem, she said. “We are saying ask the person for their Aadhaar number and name and we will immediately tell you if they are telling the truth or not,” Chowdhry said.

Chowdhry said that over time, the Aadhaar number of individuals will be used to create a private verified database of TrustIDs. “Our plan is to create a rating mechanism,” she said. Referring to the option for maid, plumbers and other service providers on the app, she added: “People like you and me, we have Linkedin and Naukri. What do these people have?”

How does the company use Aadhaar for verification and is there a reason to be concerned?

a big setback for aadhaar

The finance ministry has decided to limit Aadhaar’s role in its welfare scheme payments and, instead, use ATM-enabled RuPay cards for last-mile authentication to withdraw money. While it will continue to use Aadhaar for opening accounts and to eliminate ghosts and duplicates from beneficiary rolls, the ministry has decided to give RuPay ATM cards with bank accounts being opened under to-be-announced financial inclusion drive, Sampoorn Vittiyea Samaveshan, government officials told ET. “We do not want that an account holder should be restricted on a particular technology platform. By providing RuPay powered ATM card the account holder can transact on multiple platforms,” a senior finance ministry official said on the condition of anonymity. This is a large blow to the Unique Identification Authority of India (UIDAI) which has, till now, regarded authentication services as one of its principal functions.
ps: for context on the quote, see this post (and the accompanying article).

the latest question on aadhaar

…While researching this story, ET reviewed two drafts produced by the Department of Financial Services – one in June, and the second in July. The draft dated 8 July, 2014, says: “This account would be linked with the Aadhaar number of the account holder and would become the single point for receipt of Direct Benefit Transfers (DBT) from Government/Local Bodies.”

According to a source close to the UIDAI, who spoke to ET on the condition of anonymity, this phrasing suggests that while Aadhaar numbers might be seeded into bank accounts, it might not be used for authentication. In other words, once the cash flows into the Aadhaar-linked bank account, last-mile authentication when the money is being withdrawn will be done using the authentication systems of either the relevant bank or the last-mile service provider – like a Banking Correspondent (BC) company.

Not using Aadhaar for last mile authentication has significant fallouts for the UIDAI. Which, among other things, has the Aadhaar-enabled Payment System as one of its key components, and sees authentication services as one of its principal functions and revenue streams.

a small update on the ongoing churn over aadhaar and dbt. a purely online story, this.

fresh trouble for aadhaar

Agencies contracted to enroll people into the Aadhaar fold have joined hands to protest heavy penalties levied on them by the Unique Identification Authority of India (UIDAI) that was steered by tech billionaire Nandan Nilekani till three months ago. The enrollment imbroglio is the latest in a series of shocks for the project in recent weeks, with RBI suspending a plan to mandate Aadhaar-based biometric ATMs and the finance ministry stating that direct benefits transfer (DBT) can work even without Aadhaar. The development is significant amidst uncertainty at the UIDAI headquarters and field offices about the Aadhaar project’s future under the new government.

even as uncertainity over the aadhaar project continues, fresh trouble for the identity project.

should aadhaar be junked?

The last 60 days have not been good to India’s much-feted Aadhaar project.

On the 30th of January, the UPA pressed the pause button on direct benefits transfer for cooking gas. On 26 February, the Mumbai High Court directed Aadhaar to share its biometrics database with the CBI. A year earlier, a seven year old had been raped in Goa. And the investigating agency, struggling to make headway, had asked the Unique Identification Authority of India (UIDAI) for biometrics it had collected in Goa. UIDAI refused to share information saying such a move would violate privacy of its number-holders and that its biometric database and deduplication systems were not designed for forensic inquiries. In response, the CBI went to the Mumbai High Court which directed UIDAI to share its database.

The third blow fell on 24 March when investigative journalism portal Cobrapost aired videos that allegedly showed UIDAI’s enrolment agencies agreeing to enrol people from neighbouring countries in return for a bribe. Between them, these three events underlined long-standing questions about the Aadhaar project.

Between them, these three developments highlighted large worries about the ambitious Aadhaar project. Read more here.

the follies of rushing in…

yesterday was profoundly anomalous. i filed two stories. both, as it were, on aadhaar. one on a sting by cobraport which flagged faulty enrolments. and the other where the supreme court said aadhaar cannot share its database with anyone without consent from the number holders.

this is a significant development. over the last five years, a clutch of government departments and private companies have been collecting biometrics with gusto. however, with the privacy bill still on the drawing board, India has seen biometric data get collected, by multiple agencies, without any laws governing their collection, use or retention.

see these links for more substantiation of the preceding sentence. one. two. three. in the process, the country has entered a world of new risks. without, sigh, getting the safeguards in place. which brings us to the dispute between the cbi and the uidai which culminated in this SC judgement. it is one kind of an outcome.

The SC ruling was in response to a 26 February, 2014 ruling by the Mumbai High Court directing the UIDAI to provide the CBI with biometrics of all residents of Goa. The High Court’s ruling was related to the rape of a seven year old in Vasco last January. The case was handed to the CBI which, as the Aadhaar appeal to the SC says, initially asked it for biometric information of “all the persons in the state. That request was modified and only the fingerprints of 3 specified persons were asked for.”

Later, the CBI dropped that request. Says the Aadhaar affidavit, “The CBI has now found a chance fingerprint and asked Aadhaar to compare its data and the biometric data provided by the CBI.” Aadhaar refused to share information citing two reasons. One, that such a move would violate privacy of the number-holders. And two, that its biometric database and deduplication systems are not designed for forensic inquiries. When its appeal was rejected by the HC, UIDAI appealed to the SC.

what are the protocols for the use of such data? as legal researcher usha ramanathan says in the article: “the idea that databases can be used by anyone makes people vulnerable, especially in a state where there is neither law nor much respect for law.”

the good news is that the SC verdict clarifies matters to some extent. but the country still needs a regime on privacy and data (including biometrics) protection.