Despite the Supreme Court’s recent strictures on Aadhaar, Nilekani has ensured that the scheme is now too big and too widely used to be scuttled
 |
Image: Mallikarjun Katakol for Forbes India
|
Nandan Nilekani, chairman of the UIDAI
|
Nandan Nilekani has pulled it off. Well, almost. In another six months he would have quit while he was ahead, after having enrolled 600 million Indians (and possibly some non-Indians) into the world’s largest and most audacious government ID project, the Unique Identification Authority of India’s (UIDAI) Aadhaar.
“Look at how many challenges we’ve contributed to help resolve: identity, financial inclusion, less-cash economy [cash transactions form the bedrock, globally, for fraud and corruption], direct benefit transfer and subsidy reform,” he told Forbes India one Friday evening in September in a relaxed mood at his residence in Bangalore’s Koramangala suburb. He looked weary yet content.
A few days after we met, credible news reports said Nilekani—IITian, ex-CEO of Infosys, best-selling author, world-flattener and chairman of the UIDAI—could soon add another title to his glittering CV: He was likely going to contest the 2014 Lok Sabha elections from Bangalore as a Congress candidate. (When we asked a follow-up question later, he wouldn’t comment on it.)
A few days after we met, credible news reports said Nilekani—IITian, ex-CEO of Infosys, best-selling author, world-flattener and chairman of the UIDAI—could soon add another title to his glittering CV: He was likely going to contest the 2014 Lok Sabha elections from Bangalore as a Congress candidate. (When we asked a follow-up question later, he wouldn’t comment on it.)
But then on September 23, the Supreme Court had to go and spoil it all with an interim ruling saying that Aadhaar was voluntary and its use could not be mandated by any government agency in order to provide services to citizens. (As we go to press, news reports say that the government will seek a review of the order.)
The ruling is not surprising: Aadhaar was always voluntary. But, over the last year, more and more states and government agencies were making its use mandatory for a host of services, from buying cooking gas to registering marriages and renting houses. Naturally, this spurred more people to get in line for their Aadhaar numbers and allowed Nilekani enough momentum to put Aadhaar conclusively beyond the reach of its detractors.
“Aadhaar is now too big to fail and too big to ignore,” says Uttam Nayak, Visa’s group country manager for India and South Asia. “Five-hundred million Indians voted for him, and he won hands-down!”
Nilekani himself is confident: “We believe [Aadhaar] is irreversible now.”
Unfortunately, the Supreme Court doesn’t seem to have got the memo.
Battle Lines
Aadhaar never lacked enemies.
The main opposition party, the Bharatiya Janata Party, felt Aadhaar numbers ought to have been given only to Indian citizens, not all residents which, in its view, would include millions of illegal immigrants (a view the Supreme Court now seems to endorse).
The Left parties believed it was a ploy to deny subsidies to sections of society.
Civil society and privacy activists were worried it would be used to indiscriminately gather information about people, which in the wrong hands could be used for harassment or mischief.
The bureaucracy fought it too, presumably because it threatened the opacity it thrived in.
Even the Congress had serious divisions over the project’s broad scope: Many saw it as a threat to existing power equations; most powerful of all, the Home Ministry’s National Population Register (NPR) fought to protect its turf.
Rarely has a major government initiative slammed into such a wall of opposition, cutting across political and ideological divides. Frankly, it’s miraculous that the UID survived at all. That it did, and the array of strategies Nilekani used to outwit and outrun his many foes, makes for a riveting study.
Stratagems and Weaponry
Nilekani was very quick off the blocks. He was appointed UIDAI chair in July 2009. The first Aadhaar number was issued in September 2010, and then the pace accelerated: 100 million by November 2011 and 200 million by February 2012. This caught many within the political and bureaucratic establishments flatfooted.
“We felt speed was strategic. Doing and scaling things quickly was critical. If you move very quickly it doesn’t give opposition the time to consolidate,” says Nilekani.
Then the war with the NPR came up. Union Home Minister P Chidambaram (now finance minister) felt the UID’s enrolment process wasn’t as foolproof as the NPR, a mandatory register under his ministry, which enrolled citizens using a strict house-to-house canvassing method involving community verification. (The UID enrolled any resident who walked into a centre.)
Tension between Nilekani and Chidambaram had been brewing for nearly a year, but came to a boil when UIDAI sought approval to enrol all of the remaining population (till then it had only got incremental approvals to enrol up to 100 million people at a time). Chidambaram, it is learnt, put his foot down.
Around the same time, in December 2011, a 31-member Parliamentary Committee headed by the BJP’s Yashwant Sinha categorically rejected the National Identification Authority of India Bill, the proposed law under which UIDAI and Aadhaar were to function; it even suggested that the data already collected be transferred to the NPR.
Faced with what looked like co-ordinated opponents, Nilekani had to compromise. In January 2012, a formula was forced upon both him and Chidambaram: UIDAI would directly enrol another 400 million people (in addition to the 200 million it already had) across 16 states while the NPR would handle the remaining 600 million in the other states. To avoid duplication, the UID and NPR would exchange data, ensuring that each one’s members would get enrolled in the other’s programme at the back end.
By then, Nilekani had realised that convincing everyone was an impossible task. He had spent enough time within Delhi’s corridors of power to realise that there was only so much he could achieve by staying neutral and apolitical.
The ruling is not surprising: Aadhaar was always voluntary. But, over the last year, more and more states and government agencies were making its use mandatory for a host of services, from buying cooking gas to registering marriages and renting houses. Naturally, this spurred more people to get in line for their Aadhaar numbers and allowed Nilekani enough momentum to put Aadhaar conclusively beyond the reach of its detractors.
“Aadhaar is now too big to fail and too big to ignore,” says Uttam Nayak, Visa’s group country manager for India and South Asia. “Five-hundred million Indians voted for him, and he won hands-down!”
Nilekani himself is confident: “We believe [Aadhaar] is irreversible now.”
Unfortunately, the Supreme Court doesn’t seem to have got the memo.
Battle Lines
Aadhaar never lacked enemies.
The main opposition party, the Bharatiya Janata Party, felt Aadhaar numbers ought to have been given only to Indian citizens, not all residents which, in its view, would include millions of illegal immigrants (a view the Supreme Court now seems to endorse).
The Left parties believed it was a ploy to deny subsidies to sections of society.
Civil society and privacy activists were worried it would be used to indiscriminately gather information about people, which in the wrong hands could be used for harassment or mischief.
The bureaucracy fought it too, presumably because it threatened the opacity it thrived in.
Even the Congress had serious divisions over the project’s broad scope: Many saw it as a threat to existing power equations; most powerful of all, the Home Ministry’s National Population Register (NPR) fought to protect its turf.
Rarely has a major government initiative slammed into such a wall of opposition, cutting across political and ideological divides. Frankly, it’s miraculous that the UID survived at all. That it did, and the array of strategies Nilekani used to outwit and outrun his many foes, makes for a riveting study.
Stratagems and Weaponry
Nilekani was very quick off the blocks. He was appointed UIDAI chair in July 2009. The first Aadhaar number was issued in September 2010, and then the pace accelerated: 100 million by November 2011 and 200 million by February 2012. This caught many within the political and bureaucratic establishments flatfooted.
“We felt speed was strategic. Doing and scaling things quickly was critical. If you move very quickly it doesn’t give opposition the time to consolidate,” says Nilekani.
Then the war with the NPR came up. Union Home Minister P Chidambaram (now finance minister) felt the UID’s enrolment process wasn’t as foolproof as the NPR, a mandatory register under his ministry, which enrolled citizens using a strict house-to-house canvassing method involving community verification. (The UID enrolled any resident who walked into a centre.)
Tension between Nilekani and Chidambaram had been brewing for nearly a year, but came to a boil when UIDAI sought approval to enrol all of the remaining population (till then it had only got incremental approvals to enrol up to 100 million people at a time). Chidambaram, it is learnt, put his foot down.
Around the same time, in December 2011, a 31-member Parliamentary Committee headed by the BJP’s Yashwant Sinha categorically rejected the National Identification Authority of India Bill, the proposed law under which UIDAI and Aadhaar were to function; it even suggested that the data already collected be transferred to the NPR.
Faced with what looked like co-ordinated opponents, Nilekani had to compromise. In January 2012, a formula was forced upon both him and Chidambaram: UIDAI would directly enrol another 400 million people (in addition to the 200 million it already had) across 16 states while the NPR would handle the remaining 600 million in the other states. To avoid duplication, the UID and NPR would exchange data, ensuring that each one’s members would get enrolled in the other’s programme at the back end.
By then, Nilekani had realised that convincing everyone was an impossible task. He had spent enough time within Delhi’s corridors of power to realise that there was only so much he could achieve by staying neutral and apolitical.
Nilekani phrases it diplomatically: “As John Kingdon [a widely-respected professor of political science at the University of Michigan] describes it, three streams—problem, solution and a compelling political need—need to converge before a ‘policy window’ opens up. The problem was the need for large-scale social inclusion and for making public spending more transparent. The solution was Aadhaar. The government put political energy behind it and gave full support.”
“I believe I’ve convinced the three who really matter,” he is learnt to have confided in a few of the people he trusted. (Nilekani denied ever having said so to Forbes India.)
Congress President Sonia Gandhi and Rahul Gandhi, her son and Congress vice president, were the first two. By October 2012, Aadhaar was emerging as one of the Congress Party’s primary poll planks. At a public meeting in Rajasthan, Sonia Gandhi launched the Direct Benefits Transfer (DBT) system which would, over time, convert most government-run subsidy and welfare schemes to cash in Aadhaar-linked bank accounts.
Usha Ramanathan, a respected activist and lawyer who has researched Aadhaar thoroughly, and has been one of its most vocal critics, thinks this was a bad idea: “One big mistake the Congress did was to turn the launch of DBT into an electoral plank. At the meeting there were only Congress leaders and flags. There was no one from the BJP or other parties.”
The third person who mattered was Reliance Industries chairman Mukesh Ambani. Nilekani is learnt to have convinced Ambani that Aadhaar could be a game-changer for even private companies like his in the long term: Direct cash transfer of government subsidies could fundamentally alter the economics of many of Reliance’s big bets, like citywide distribution of natural gas and universal broadband.
When asked about this, Nilekani said “Mr Ambani is a friend and appreciates the value of what I was doing. He’s even appreciated UID in Reliance’s public AGM. But I did not seek him out for support specifically.”
Srikanth Nadhamuni, former head of technology at the UIDAI, says, “Nandan is patient with various opinions and groups. In meetings, you’d have bureaucrats from various cadres in addition to lots of people from the corporate sector. Yet, he would take along everyone till the entire group rose to a certain level of efficiency.”
Nilekani says that heading the UIDAI “has toughened me a lot. I’ve now learnt how to deal with a lot of serious opposition, including sneak attacks from the activists, media and some agencies. My job [at Infosys] was much more genteel, but these are no-holds-barred environments”.
He navigated and outwitted a labyrinthine, hostile system by being just the opposite: Direct, non-political and patient. It helped, of course, that while his opposition was formidable, it wasn’t well coordinated—the Left and civil liberty and privacy activists didn’t share much in common with the BJP’s right-wing agenda—and that he had, as he says, “built a massive coalition of agencies allied to our cause, like Central ministries, state governments, the RBI, banks, oil companies, and even device vendors.”
Within the government, he chose an unconventional route. “The government in general is hierarchical,” he says, “Information flow is attenuated as it travels through the hierarchy. I built bridges across the system, with both senior and junior people, across ministries thus enabling a deeper understanding of the issues.” As important, Nilekani made sure he had an officer—MS Srikar, an IAS official from the Karnataka cadre—who knew the political and bureaucratic maze.
And, to avoid being seen as a threat, he renounced the typical accoutrements of power. He had, after all, already run a company with $5 billion in revenue and over 100,000 employees; he didn’t need to create another empire. Instead, “I gave up all of that. We said we’ll run a very small organisation and outsource everything else. My team was just 280 strong, but our ecosystem was 100,000 strong. It was an inversion of the usual model.”
Compounding Interest
In spite of its flaws, Aadhaar is easily the most transformative project modern India has seen.
Visa’s Uttam Nayak, a 17-year veteran of financial payment services, says, “If 600 million Aadhaar holders get bank accounts, India can leapfrog from a banking penetration of 24 percent to the 75 percent mark common in developed countries like the US. Simultaneously, we can go from 3 percent ‘electronification’ [percentage of accounts where electronic transactions take place] to 40–45 percent. That is unprecedented in the world.”
Aadhaar also promises to solve the issue long faced by banks regarding no-frills, financial inclusion-driven accounts: Inactiveness and dormancy. Poor and rural users did not use bank accounts because they didn’t have much money to save, and banks are uninterested in servicing people without savings—a vicious circle.
Nayak adds, “Just 5-10 percent of such bank accounts are active today, but under Aadhaar we can take that to 100 percent if accounts are linked to DBT.” By routing subsidies directly to these accounts, Aadhaar will create a need for transactions. As these accounts become active, banks, their correspondents, and third-party sellers will find it worthwhile to target the account holders more profitably.
Even in cities, Aadhaar’s eKYC (electronic ‘know your customer’) mandate has the power to ensure that banking channels remain equally accessible to the rich professional and the poor migrant. “Today it’s a nightmare in India to open a bank, stockbroking or mutual fund account due to KYC requirements,” Nayak says. “The success rate is around 75 percent, and even after that it often takes a month or more. Aadhaar’s eKYC allows for the instant transfer of a user’s photograph, address and even signature scan to an entity opening the account. Nowhere in the world can you open an instant paperless connection in this manner!”
It could be argued that procedures could have been made easier by the RBI, thereby reducing the necessity for Aadhaar, but there’s no evidence the central bank wants to, given its approval of Aadhaar as eKYC.
Image: Press Information Bureau
|
Prime Minister Manmohan Singh at the launch of Aadhaar Enabled Service Delivery,
in Jaipur, Rajasthan, on October 20, 2012. With him are Montek Singh Ahluwalia
(deputy chairman, Planning Commission), Finance Minister P Chidambaram,
Congress President Sonia Gandhi and Nandan Nilekani
|
Re-imagining Welfare
Nilekani canvassed across the country to ensure Aadhaar was seen by numerous government and private institutions as a vehicle for their own strategic goals. Being nebulous—just a number in the cloud—it could be different things to different stakeholders.
The RBI saw it as a path to financial inclusion for India’s 700 million unbanked. Public sector oil companies saw a tool to cull out fraudulent customers sucking up subsidies. State governments saw a platform to devise better social welfare programmes. Banks saw it as a tool to increase their customer base and profits.
But the raison d’être for UID was to improve efficiency of government welfare programmes.
India’s welfare spend has long been criticised for inefficient implementation, the inclusion of the ineligible and exclusion of the eligible. The key reason for both has been that the needy lack the means of identification that can be easily verified without depending on bureaucratic discretion.
Nidhi Khare, advisor to the Planning Commission on the DBT, says that in the medium to long term, a UID-based system will not only efficiently provide welfare but also provide better understanding of who receives it. An IMF study says that merely linking Aadhaar with direct cash benefits transfer could save India 0.5 percent of its GDP annually. And a November 2012 paper from the National Institute of Public Finance and Policy (under the Planning Commission, the body under which UIDAI functions) estimated Aadhaar could save the government Rs 110,000 crore by 2020, or nearly 58 percent of its expenditure on various public service schemes.
An indicator: In the 20 districts which were pilots for Aadhaar rollouts, after the expiry of the three-month grace period on August 31, it was found that about 30 percent of the people haven’t claimed their LPG subsidies. Oil companies estimate that eventually the government could save about 20 percent in LPG subsidies alone (they were Rs 40,000 crore in 2012-13).
Nilekani sums it up succinctly: “Aadhaar satisfied both the growth advocates by reducing wastage and improving efficiency, and the development advocates by providing identity and inclusion.”
Advantage: Aadhaar
The Supreme Court ruling may have only repeated what UIDAI and the UPA government have been insisting all along—that Aadhaar is voluntary—but it marks a significant change.
Nilekani had converted what was initially a disadvantage—that UIDAI wasn’t authorised by Parliament—into a sweet spot: It could bypass the procedures public projects are subject to, and at other times cite its government mandate to convince sceptical users and partners.
Usha Ramanathan says, “UID wasn’t originally meant to enrol Indians, but only manage the back office, databases and co-ordinate enrolment. But Nilekani was impatient and thought that the government takes too long for most things, so he decided to go ahead with enrolments too.”
Nilekani, however, says that UIDAI itself was never an enroller. “We created a multi-registrar model under which we appoint state governments, banks, post offices or agencies like NSDL instead of just relying on one enrolment channel. We’ve created a more competitive scenario that de-risked and reduced the dependence on a single channel, and rightly so,” he says.
UIDAI officials like to point out that the NPR has been a laggard at enrolments, with only around 30 percent of Aadhaar’s numbers. But, as Ramanthan says, “NPR has to function under the law while the UID, which has only an executive notification, could stay out.”
It is too early to say whether the Supreme Court order will arrest Aadhaar’s momentum. While it is an identity project, it is, in the long run, a two-sided network, with hundreds of millions of users on one side and apps from government agencies and private companies on the other.
As with any network, the more the users, the higher the value of the network. As Nilekani puts it, “Our theory is that this creates a virtuous cycle, but for that to happen we had to crack the problem of getting the first few hundred million users.”
Having enrolled nearly 500 million Indians, Aadhaar may be well past the tipping point.
Goodbye Privacy?
Nikhil Dey, social activist and member of NCPRI (National Campaign for People’s Right to Information), is not a fan of UID. He calls it “the opposite of RTI [Right to Information]. We fought all these years to have government information made public; and now the government will have access to every act of every citizen and it’ll be kept secret.”
It is important to put his criticism into context. Nilekani and the UIDAI maintain that they do not collect or store any information on users other than their biometric (fingerprints and iris scans) and demographic data (name, date of birth, sex, address) and, optionally, email ID and phone, plus a record of the ‘Yes/No’ responses provided to authentication requests.
But using Aadhaar as sort of a ‘magic key’, a determined government (or powerful adversary) could piece together very detailed information about citizens that is today scattered. These include banking transactions, online purchases, travel itineraries, mobile phone usage, location history and practically anything else that can be electronically recorded.
Take the census, for instance. In most countries, including India, the census has survived due to the implicit pact between citizens and their governments: We the people share our private data truthfully with you, provided we are kept anonymous and you only use large-scale trends.
But thanks to the deal between NPR and UIDAI, each Census respondent’s data is tied with his or her Aadhaar number, allowing for unprecedented granularity.
Nilekani canvassed across the country to ensure Aadhaar was seen by numerous government and private institutions as a vehicle for their own strategic goals. Being nebulous—just a number in the cloud—it could be different things to different stakeholders.
The RBI saw it as a path to financial inclusion for India’s 700 million unbanked. Public sector oil companies saw a tool to cull out fraudulent customers sucking up subsidies. State governments saw a platform to devise better social welfare programmes. Banks saw it as a tool to increase their customer base and profits.
But the raison d’être for UID was to improve efficiency of government welfare programmes.
India’s welfare spend has long been criticised for inefficient implementation, the inclusion of the ineligible and exclusion of the eligible. The key reason for both has been that the needy lack the means of identification that can be easily verified without depending on bureaucratic discretion.
Nidhi Khare, advisor to the Planning Commission on the DBT, says that in the medium to long term, a UID-based system will not only efficiently provide welfare but also provide better understanding of who receives it. An IMF study says that merely linking Aadhaar with direct cash benefits transfer could save India 0.5 percent of its GDP annually. And a November 2012 paper from the National Institute of Public Finance and Policy (under the Planning Commission, the body under which UIDAI functions) estimated Aadhaar could save the government Rs 110,000 crore by 2020, or nearly 58 percent of its expenditure on various public service schemes.
An indicator: In the 20 districts which were pilots for Aadhaar rollouts, after the expiry of the three-month grace period on August 31, it was found that about 30 percent of the people haven’t claimed their LPG subsidies. Oil companies estimate that eventually the government could save about 20 percent in LPG subsidies alone (they were Rs 40,000 crore in 2012-13).
Nilekani sums it up succinctly: “Aadhaar satisfied both the growth advocates by reducing wastage and improving efficiency, and the development advocates by providing identity and inclusion.”
Advantage: Aadhaar
The Supreme Court ruling may have only repeated what UIDAI and the UPA government have been insisting all along—that Aadhaar is voluntary—but it marks a significant change.
Nilekani had converted what was initially a disadvantage—that UIDAI wasn’t authorised by Parliament—into a sweet spot: It could bypass the procedures public projects are subject to, and at other times cite its government mandate to convince sceptical users and partners.
Usha Ramanathan says, “UID wasn’t originally meant to enrol Indians, but only manage the back office, databases and co-ordinate enrolment. But Nilekani was impatient and thought that the government takes too long for most things, so he decided to go ahead with enrolments too.”
Nilekani, however, says that UIDAI itself was never an enroller. “We created a multi-registrar model under which we appoint state governments, banks, post offices or agencies like NSDL instead of just relying on one enrolment channel. We’ve created a more competitive scenario that de-risked and reduced the dependence on a single channel, and rightly so,” he says.
UIDAI officials like to point out that the NPR has been a laggard at enrolments, with only around 30 percent of Aadhaar’s numbers. But, as Ramanthan says, “NPR has to function under the law while the UID, which has only an executive notification, could stay out.”
It is too early to say whether the Supreme Court order will arrest Aadhaar’s momentum. While it is an identity project, it is, in the long run, a two-sided network, with hundreds of millions of users on one side and apps from government agencies and private companies on the other.
As with any network, the more the users, the higher the value of the network. As Nilekani puts it, “Our theory is that this creates a virtuous cycle, but for that to happen we had to crack the problem of getting the first few hundred million users.”
Having enrolled nearly 500 million Indians, Aadhaar may be well past the tipping point.
Goodbye Privacy?
Nikhil Dey, social activist and member of NCPRI (National Campaign for People’s Right to Information), is not a fan of UID. He calls it “the opposite of RTI [Right to Information]. We fought all these years to have government information made public; and now the government will have access to every act of every citizen and it’ll be kept secret.”
It is important to put his criticism into context. Nilekani and the UIDAI maintain that they do not collect or store any information on users other than their biometric (fingerprints and iris scans) and demographic data (name, date of birth, sex, address) and, optionally, email ID and phone, plus a record of the ‘Yes/No’ responses provided to authentication requests.
But using Aadhaar as sort of a ‘magic key’, a determined government (or powerful adversary) could piece together very detailed information about citizens that is today scattered. These include banking transactions, online purchases, travel itineraries, mobile phone usage, location history and practically anything else that can be electronically recorded.
Take the census, for instance. In most countries, including India, the census has survived due to the implicit pact between citizens and their governments: We the people share our private data truthfully with you, provided we are kept anonymous and you only use large-scale trends.
But thanks to the deal between NPR and UIDAI, each Census respondent’s data is tied with his or her Aadhaar number, allowing for unprecedented granularity.
Image: Mansi Thapliyal / Reuters
|
Women queue up to enrol for Aadhaar at Merta district in Rajasthan
|
Usha Ramanathan finds this alarming: “What is happening in the Registrar General’s office is scandalous. This year, the Socio Economic and Caste Census will have the UID number attached, allowing for profiling of respondents. What happened to the idea of anonymising and protecting citizens?” Effectively, she says, the NPR is “currently collecting biometric data from citizens without a law, simply because no one is stopping them”.
Another example: In February, the Maharashtra chief secretary suggested forcing all RTI applicants to provide their Aadhaar numbers, ostensibly to cut down on ‘misuse’, but it’s easy to see how such steps could be used to identify and target citizens who ask uncomfortable questions.
“UID could be turned back to destroy the war on corruption,” says Ramanathan.
How Safe Is Your Data?
In a world where identities are created, stored and stolen online, many people are wary of the fact that Aadhaar does not offer any legal protection for citizen data.
When asked about the UIDAI’s policies on breach disclosure, liability or data-retention policies, Nilekani candidly admitted that there were none currently, but that his team was working on finalising them (see Q&A, page 50). But he emphasised that Aadhaar was designed in a manner that ensured ‘optimal ignorance’ between various players through the use of ‘federated databases’ (multiple independent databases that are joined together only when required). It stores minimal transaction history data about users. For instance, the location, time and place from where your bank transaction was authenticated will be stored, but not how much money you withdrew.
“Look, we’re amongst the most prepared government agencies when it comes to privacy. But the work on the privacy law had to happen in parallel. Certainly we need one, not just for UID but also for various other aspects like mobile phone records. In fact I myself have been emphasising the need for a privacy law for the last 3 years.” says Nilekani.
As for biometrics, Anil K Jain of Michigan State University, one of the world’s foremost experts, says, “People are putting undue pressure on biometrics; they have too much expectation but they could be disappointed.” No system is 100 percent correct. With fingerprints plus iris scans, Aadhaar authentication is more than 99 percent correct—impressive in a diverse country like India where, aside from technology, other factors kick in, like the many Indians whose manual labour has worn out their fingerprints.
Jain says that aside from false positives (see box), UIDAI should also be looking at false negatives, and making sure they address that section of the population by other authentication means. He also says that people shouldn’t worry too much about biometrics data being stolen. Unlike passwords or the USA’s Social Security Numbers, biometric data is stored as images; even if they are stolen, what will the thief do, he asks, make a fake finger? Sensors are getting smarter and can detect real fingers from fake fingers.
Jain may be in for a bit of a shock though. On September 21, members of German hacker collective Chaos Computer Club (CCC), unlocked Apple’s new iPhone 5S’s ‘Touch ID’ (an inbuilt fingerprint sensor), using a high-resolution scanner and laser printer, transparency sheets, latex glue and moisture-laden breath.
“This process has been used with minor refinements and variations against the vast majority of fingerprint sensors on the market,” they wrote. Frank Rieger, spokesperson of the CCC, said on their site, “We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can’t change and that you leave everywhere every day as a security token.”
Launch Pad
Khosla Labs in Bangalore hosts what is arguably the most experienced, talented pool of UID engineers anywhere. CEO Srikanth Nadhamuni was UIDAI’s head of technology, and entrepreneurs-in-residence Sanjay Jain and Vivek Raghavan and architects Srikanth Shreenivas, Shashikant Soni and Bharat Lakshman were all senior UID engineers. Since late 2012, their teams have been building and testing software applications around what Nadhamuni calls ‘transformational problems’ in mobile payments, banking, retail and health care. If some of those become viable, Khosla Labs plans to spin them out and fund them via its parent venture fund, the $1.3 billion Khosla Ventures.
Though Khosla Labs has yet to release any of its work, it is safe to say it is at the crest of what Nilekani calls Wave 3 and Wave 4 of Aadhaar’s evolution.
Aadhaar as a universal identity platform, instead of just a card, will now gain significance. By allowing private app makers across sectors to use Aadhaar for authentication, Nilekani achieves two key objectives. Firstly, this creates a sustainable source of non-government revenue (authentication and eKYC fees from private players) that can sustain UIDAI’s funding needs over time. More importantly, a vibrant ecosystem of service providers and users creates ‘thick accountability,’ a well-meshed connect between users’ lives and the services they need.
Nilekani is well satisfied: “The transformational build phase for the UID is over and now it needs to become a utility. My goal in the next one year would be to: get to 600 million Aadhaar numbers; at least 50 million enabled in the Aadhaar-based DBT platform; launch iris authentication devices; and create a nationwide network of at least a few thousand micro ATMs; and launch P2P [person-to-person] payments. Once it reaches that critical mass, people will build atop that and the locus of innovation will shift from within UID to outside.”
(Additional reporting by Udit Misra)
Khosla Labs in Bangalore hosts what is arguably the most experienced, talented pool of UID engineers anywhere. CEO Srikanth Nadhamuni was UIDAI’s head of technology, and entrepreneurs-in-residence Sanjay Jain and Vivek Raghavan and architects Srikanth Shreenivas, Shashikant Soni and Bharat Lakshman were all senior UID engineers. Since late 2012, their teams have been building and testing software applications around what Nadhamuni calls ‘transformational problems’ in mobile payments, banking, retail and health care. If some of those become viable, Khosla Labs plans to spin them out and fund them via its parent venture fund, the $1.3 billion Khosla Ventures.
Though Khosla Labs has yet to release any of its work, it is safe to say it is at the crest of what Nilekani calls Wave 3 and Wave 4 of Aadhaar’s evolution.
Aadhaar as a universal identity platform, instead of just a card, will now gain significance. By allowing private app makers across sectors to use Aadhaar for authentication, Nilekani achieves two key objectives. Firstly, this creates a sustainable source of non-government revenue (authentication and eKYC fees from private players) that can sustain UIDAI’s funding needs over time. More importantly, a vibrant ecosystem of service providers and users creates ‘thick accountability,’ a well-meshed connect between users’ lives and the services they need.
Nilekani is well satisfied: “The transformational build phase for the UID is over and now it needs to become a utility. My goal in the next one year would be to: get to 600 million Aadhaar numbers; at least 50 million enabled in the Aadhaar-based DBT platform; launch iris authentication devices; and create a nationwide network of at least a few thousand micro ATMs; and launch P2P [person-to-person] payments. Once it reaches that critical mass, people will build atop that and the locus of innovation will shift from within UID to outside.”
(Additional reporting by Udit Misra)
This article appeared in the Forbes India magazine of 18 October, 2013
