In 2010, India started rolling out the 12-digit ‘Aadhaar’ – the unique, biometric-backed, national identification number for all its residents. The entire project required meticulous planning, thorough field tests, consultations from experts and the support of the entire nation for it to become the success it now is – currently more than 1.2 billion numbers have been issued. This article tries to throw light on the need for Aadhaar, its purpose, mindset and implementation. The impact, success and challenges shall be explored in Part 2 of this series.

Wednesday 29 September 2010 marked a historic day, and 78xx7xx1xx84 a historic number in India, as well as in global history in terms of national identification systems. With that number on that day, Ms. Ranjana Sonawne became the first Indian recipient of a unique identification number (UID). In addition to Ranjana, nine other tribals from the village of Tembhli in the Nandurbar district of Maharashtra were presented with the very first ‘Aadhaar’ number cards in India (‘Aadhaar’ means ‘foundation’ or ‘base’). The chief of the Unique Identification Authority of India (UIDAI), Nandan Nilekani, Chief Minister of State Ashok Chavan and more than 100.000 residents from the area were also present to witness this historic moment.[1] The eventful day marked around 50 years of struggle, 7 years of ideation and 12 months of thorough effort and planning, and also set the stage for more than a decade of future roll-out of potentially the world’s largest national identification system.

Identification challenges

Since the country gained independence in 1947, for a densely populated democracy like India one of the biggest challenges had been to accurately identify its residents and ensure unfiltered delivery of various benefits to those eligible for it. For decades, the democratic state faced an identification crisis – a crisis that lay at the core of India’s public distribution system. According to World Bank statistics, India is the second most populous country in the world. It crossed the 1 billion mark in the late 1990s, was at almost 1.1 billion when the first ideas for national identity emerged in 2002, and had crossed 1.2 billion by the time the first Aadhaar numbers were issued.[2] With such a large population, the incumbent structure of multiple identity cards used by various central as well as state governments for the identification of their citizens and residents seemed outdated and lethargic, and disbursement of a variety of schemes/ benefits (such as gas subsidy, pension schemes and rebates) and other such projects became close to impossible to implement smoothly.

In 2002, the NDA government proposed the idea of a multipurpose national identity card with the aim of managing the identity of citizens, and to address concerns of national security and the challenge of illegal immigration, especially in the aftermath of the Kargil War between India and Pakistan in 1999. The idea was eventually taken up by the successor UPA government, and a National Authority for Unique Identity under Planning Commission was approved to oversee the project.[3]

Improved inclusion

In addition to the stated aim of border control, the most plausible outcome for a national identity project seemed to be better inclusion. A plethora of government issued IDs existed, ranging from the electoral ID card for voting, the PAN card for income tax and the ration card for daily supplies, to birth certificates and state driving licences. However, they all had limited usage and focused on specific use cases, and none of them were common to a billion strong population or were accepted as a sufficient form of identity proof across the board for various services. The people most affected by this structure of different IDs for different locations and applications were the working class, as they move between cities and towns frequently and faced a daunting task in gaining access to their entitlements in both native and current locations. Further, due to the decentralised issuance system there were also numerous cases of the same person holding multiple versions of the same type of card at the same time.

Delivery of government services

An additional justification for introducing a digitised national identity number was to ensure accurate and timely delivery of government services and incentives, reduce the filtering of these services by intermediaries, and eradicate fraud and corruption that was extremely commonplace. For example, a 2008 Planning Commis­sion report demonstrated that “more than one third of grain intended for poor households was instead sold to non-poor households, and that more than half of subsidised grains did not reach intended recipients due to various errors in delivery and identification.”[4]

The challenges were multiple, and the need for a robust, digital and unique ID system was evident. While the idea itself was mooted in 2002, change in ruling government, multiple levels of bureaucracy and approvals, laying the foundation for ground work, ironing out the smallest details, and devising a plan for delivery meant that another five years or so had passed by before any dedicated action was taken.

The foundation of Aadhaar

In pursuance of the Empowered Group of Ministers’ meeting on 4th November 2008, the then Planning Commission constituted the UIDAI as an attached office under its own aegis with an initial core team of 115 officials and staff. The UIDAI’s goal was to develop and implement the necessary institutional, technical, and legal infrastructure to issue UIDs to Indian residents that are (a) robust enough to eliminate duplicate and fake identities, and (b) can be verified and authenti­cated in an easy, online and cost-effective way. On 12 September 2015, the government revised the Alloca­tion of Business Rules to attach the UIDAI to the Depart­ment of Electronics & Information Technology, and eventually established it as a statutory authority under the provisions of the Aadhaar Act 2016. Under this Act, the UIDAI’s responsibilities have extended to Aadhaar enrolment and authentication, including the operation and management of all stages of the Aadhaar life cycle, developing the policy, procedure and system for issuing Aadhaar numbers and perform authenti­cation. The UIDAI is also required to ensure the security of identity information and authentication records of individuals.[5]

GE_25279_Fig01
Figure 1: A sample of the Aadhaar card.[6]
Aadhaar’s biometric technology

The UIDAI was empowered with selecting the technology for the digital ID, as well as managing the humongous amount of information pertaining to a population of 1.2 billion people that would need to be captured, processed, compiled and stored. The system had to ensure that the authenticity and genuineness of people could be verified, duplicity was prevented, and key services delivered to the poor and the needy. However, one very important criterion kept in mind was the providing of services to those who did not have an ID. The above guidelines, coupled with learnings from the past, pointed to the use of biometric technology as the way forward.

The selection of the type of biometric technology poised the next hurdle, as the large scale required extremely high accuracy (near perfect) and matching rates. Furthermore, the decentralised system also called for a highly standardised process for capturing and verification. In view of the above challenges, a Committee for framing the biometric standards for the UIDAI was set up in September 2009.

The committee concluded that the ISO 19794 series of biometrics standards for fingerprints, face and iris set by the International Standards Organization were the most suitable for this purpose. Additionally, in its recommen­dation report it stated that: “While 10 fingerprint bio­metrics and photographs can ensure a de-duplication accuracy higher than 95% depending upon the quality of data collection, there may be a need to improve the accuracy and also create a higher confi­dence level in the de-duplication process. With the emerging tech­nology of iris recognition, it was possible to improve the de-duplication accuracy. According to Western data, accuracy as high as 99% has been achieved for iris recognition.” However, in the absence of empirical Indian data, it was not possible for the Committee to precisely predict the improvement in the accuracy of de-duplication due to the fusion of finger­print and iris scores. The Committee allowed the UIDAI to consider the use of iris recognition as a third bio­metric, if they felt it was required for the Unique ID project.[7]

The recommendation was well received by the UIDAI, and a proof-of-concept experiment was performed in the first half of 2010 in the rural areas of a few states, the results from which included:

  • Iris enrolment took less than a minute to capture and could be captured effectively from people, even from those who were blind.
  • Children between 4-15 years could be biometrically enrolled correctly and could be de-duplicated as accurately as adults.
  • The accuracy levels achieved with a combination of fingerprint and iris biometrics were more than an order of magnitude (10x) better than using one or the other.[8]

The experiment acted as a giant stride towards finalising the system. Its findings, combined with the committee recommendations and global standards, led to the following system design by the UIDAI:

  • Open Architecture through a platform approach with APIs that relies on open standards to ensure interoperability and avoid vendor lock-in;
  • Scalability through established network and data centre load balancing and a multilocation distributed architecture for horizontal scale;
  • Standardised enrolment software with quality checks for biometric and demographic data and consistency of capture process;
  • Enrolment server to perform demographic de-duplication, biometric de-duplication and manual adjudication of matches found by the system;
  • Data Security of 2048-bits PKI encryption and tamper detection including encryption even within the UIDAI system, and no tracking of any transactional data;[9]
  • Multifactor authentication based on triple biometric modalities (face, 2 irises and 10 fingerprints), along with an email address or mobile number.

GE_25279_Fig02
Figure 2: UID systems architecture.[10]
The roll-out

The UIDAI was responsible for designing the standards and enrolment guidelines, but the responsibility to provide resources and in turn fulfil the targeted enrolment numbers fell on the States and Union Territories (UT) through the medium of appointed registrars. To this effect, almost all States and UT registrars had signed a Memorandum of Understanding with the UIDAI.[11]

The registrars, in turn, hire and delegate the work to enrolment agencies (EA), for undertaking demographic and biometric data collection for UID enrolment. The collected data are then passed back to the registrar and eventually to the UIDAI Central Identities Data Repository (CIDR). The EAs must meet general eligibility criteria as outlined in the Request for Empanelment issued by the UIDAI. They are assessed on a four-level technical and financial maturity basis, before being empanelled.

The EAs further employ operators to perform the actual enrolment, and supervisors to manage the centre and ensure adherence to processes, data quality, and exception management. Further, the documents brought in by the resident are duly authenticated by verifiers. Any serving or retired official from the government or public sector undertakings not below the rank of Group ‘C’/ class III employees may be deployed as verifier. In addition, the UIDAI engages content development agencies to develop training materials for new operators and supervisors, and testing and certification agencies to certify them.

Upon enrolment, the records are sent to the CIDR. The success or failure of generating a UID was initially communicated via a letter through the post. Later, email and SMS were also added as the first-step mechanisms of notification.

GE_25279_Fig03
Figure 3: The standardised Aadhaar enrolment process.[8]
Conclusion

As of July 2019, there are a total of 214 active registrars, managing 711 active enrolment agencies, which have 859,501 certified operators and supervisors working at 21,817 enrolment stations. Around 170 enrolment agencies are currently operating across India, and a total of a staggering 1.24 billion UID numbers have been issued since inception, amounting to more than 90% coverage. Interestingly, more than 25% of the registered persons are under the age of 18.[12]

Thus, an idea seeded by the NDA government, set up by the UPA government and designed by the UIDAI was executed with the assistance of the State governments and hundreds of thousands of Indian residents them­selves. Aadhaar truly is a symbol of India’s democratic motto of “for the people, of the people, by the people”.

References

    1. https://www.thehindu.com/news/national/Tembhli-becomes-first-Aadhar-village-in-India/article13673162.ece
    2. https://data.worldbank.org/indicator/SP.POP.TOTL?end=%202018&locations=IN&most_recent_value_desc=true&start=2008
    3. https://www.deccanherald.com/content/6000/govt-serious-multi-purpose-national.html
    4. Vijayakumar P. (2018). AADHAAR: A tool for good governance. Lulu Publication, Raleigh, NC.
    5. https://uidai.gov.in/about-uidai/unique-identification-authority-of-india/about.html
    6. https://commons.wikimedia.org/wiki/File:A_sample_of_Aadhaar_card.jpg
    7. UIDAI Committee on Biometrics (2009). Biometrics Design for UID Applications, Version 1, p. 5.
    8. UIDAI (2012). Role of Biometric Technology in Aadhaar Enrollment. pp. 2-12.
    9. https://mapr.com/blog/architecting-worlds-largest-biometric-identity-system-aadhaar-experience/
    10. Zelazny F. (2012). The Evolution of India’s UID Program. Policy Paper 008, Center for Global Development, p. 10.
    11. https://uidai.gov.in/ecosystem/enrolment-documents/mous.html
    12. https://uidai.gov.in/aadhaar_dashboard/india.php
Previous articleFormer Rolls-Royce boss now head of De La Rue
Next articleWhere 170 million ‘red lobsters’ go to die
Shreyans Bengani is a Director at Ecartes Technology, an empanelled Enrolment Agency with the UIDAI. Shreyans focuses on new technologies in identity, tracking and security management. He carries a wealth of experience through working across three continents, and wants to make an impact in India.