By Rajesh Aggarwal
My team in Department of Information Technology, Maharashtra designed and launched the Digital Locker more than one and a half year ago. And then shared it with Government of India. Unfortunately, it still has not caught public imagination. This article tells the story of Digital Locker and its potential uses.
After the formation of new Government in the Centre in 2014, the Prime Minister had asked various Secretaries to make Presentations to him. On the web, I saw some slides made by Secretary Deity Shri Ram Sewak Sharma, and one bullet point was “Digital Locker”. I quickly assembled my young and gung-ho Team of consultants and programmers in Maharashtra, and in less than two weeks, we had the basic Locker up and running on our State Cloud. Later, on request from Government of India, the Team Maharashtra was happy to hand over the code and the design, for wider usage. ( www.digilocker.gov.in )
Here is what was in my mind while designing the Locker:
First is the Signup/Login method. We were clear that only a citizen having Aadhaar number will be able to Signup. You don’t have Aadhaar – sorry, then the Digital Locker is not for you! The philosophy behind this thinking will be amply clear in next few paragraphs.
Aadhaar provides easy, anytime, anywhere, faceless (remote) identity check. Now, even OTP based eKYC or eSign is recognized by law. However, presently Aadhaar database has not too many mobile numbers, nor can we be very sure about their accuracy. Hence, I always advocate having a “verified mobile” tag in Aadhaar centralized database (CIDR). This would happen when a citizen does biometric (fingerprint or Iris) authentication, enters 10-digit mobile number, gets an OTP (one time password) on that mobile, and enters that OTP in the application.
Only then this “verified mobile” flag should be ticked in central Aadhaar database. Thereafter, for all times to come, except for certain critical things, mobile OTP based Aadhaar linked eKYC or eSign can be used. Probably, Samsung and others will come with Aadhaar based fingerprint sensors or even Iris sensors on their mobiles in future (sensors now cost hardly a few dollars, and can be miniaturized), but till that time, non-biometric based, just mobile OTP based authentication systems will lead to much wider use of eKYC and eSign.
Let me also explain the difference between eKYC and eSign. Bank account opening, getting a driving license or a passport or a SIM card etc. – they require the citizen to bring a bundle of papers to prove you are you (KYC- Know Your Customer requirements). Instead of carrying a bundle of papers, you can just key in your 12 digit Aadhaar number, and do an online authentication – this is eKYC.
eSign is another kind of digital signature, which replaces wet (ink) signature. Our CCA (Controller of Certifying Authorities) had according to IT Act, 2000 (Amended in 2008), allowed dongle based digital signatures. Citizen has to purchase this physical dongle after an elaborate KYC procedure, remember a PIN number, renew the signature after every two years, and spend about Rupees 500 per annum. Now, the Aadhaar based eSign is also legally recognized under IT Act. No KYC, lifelong valid, zero cost. Just do mobile OTP based or biometric based Aadhaar online authentication, and any document gets digitally signed. Now Income Tax returns are using this method, and you don’t have to physically send any ink-signed papers.
The tiny nation of Estonia has embedded citizens’ digital signatures into mobile SIM cards, leading to some great applications (including electronic voting).
Imagine if we can embed Aadhaar number into our SIM cards – then eKYC/eSign become further dramatic. Imagine one click, two factor authentication through your mobile for all kinds of payments, signatures, voting, and so on.
One use of Digital Locker to a citizen is obviously to store his/her “Government Papers”. These are typically Birth certificate, domicile certificate, caste certificate, income certificate of parents, matriculation certificate, education degrees, driving license, passport, property related papers, tax related papers, investments/ savings/ pension/ insurance related papers, employment/business license papers, Will related papers, and so on. Final certificate to upload would be the Death certificate (maybe pushed by Municipal Authorities into your locker, resulting in automatically handing over the Digital Vault to the Heirs mentioned in the Will uploaded earlier on the Digital Locker).
Mostly the citizens have “original”, ink-signed and stamped papers available with them. These can be scanned and uploaded. The Aadhaar based eSign will automatically kick in and the scanned papers will carry the digital eSign tag with time stamp (of time of upload). This will be like new-age self-attestation.
These days, a few government organizations have started issuing digitally signed papers (e.g. under eDistrict project). These certificates received over email or downloaded from the concerned website, can directly be uploaded by the citizen to his/her digital locker.
Third, a few authorities (e.g. some school boards) have opened their databases through APIs. Such authorities can be encouraged to collaborate with Digital Locker. Thus, a student can just tell his Locker his board roll number, and then any potential employer or college can dynamically pick up the results from the Board database. There will be great ease of use and full confidence when the Board also has the Aadhaar number embedded in its database. Now pension, scholarship, income tax and many databases are linking with Aadhaar, so this dynamic sharing based on citizen consent will become more important in years to come. The farmer will no longer run around to obtain copy of his land title, he will just tell his plot number to the bank, who will obtain server-to-server land record details and sanction the loan.
Please note that where documents issued by the Government authorities are available in that organization’s database, then rather than uploading an electronic copy into the locker, it is better to just provide unique reference number of that document in the digital locker. The most up-to-date copy corresponding to that document (e.g. citizen may have got address modified on passport) will then be pulled whenever needed. (Single Source of Truth concept)
Ok, the citizen has Signed up for the Locker, uploaded or linked the certificate details, now what next? Various Departments or private organizations have to tie-up with Digital Locker authority to make use of the content (pull content or push content). The Authority has to define Metadata Tags and Standards. When a citizen uploads a scanned Birth certificate, it has to go into a bucket/folder or, tagged with document type called “Birth Certificate”.
Maybe the Name, and date-of-birth have also to be tagged in a well-defined Metadata standard, so that others can make use of it when they pick up this document. The income certificate may similarly define metadata standards/tags for Year-of-assessment annual income in rupees, and so on. Thus, if the citizen uploads scanned document, he or she has to choose the correct document-type, and then key in the data in the core metadata fields associated with that document-type. If citizen uploads digitally-issued certificate, or if the concerned Issuer organization (e.g. School Board) pushes that certificate into the Digital Locker, the document-type and the core metadata has to get filled automatically. Now, let us see how this benefits the citizens or “Requestor organization”.
The citizen logs into Locker, and clicks on “I need a Passport” link. The Passport department software kicks in, and says – “Ok, I see from your Birth Certificate that you are 20 years old, and I see from your Educational certificates that you have passed Matriculation – so your passport won’t be stamped Emigration-Check-Required, I also see your address from your Aadhaar database – no more papers required- I am passing this information to Police authorities to visit your Home for verification – aha, Police system says that they will be visiting you tomorrow evening – here is the name and phone of the Constable who will visit you …. And yes, about the fees.. since you have linked your wallet/bank account with your Locker.. I made a request to bank and have received the fees.. Just fill in these few additional details to complete the Application process … ”.
The Locker software is smart. (My wish list.. ). Once the police verifies the address, and passport is issued, the Passport details automatically go into the Locker, and also the Address part gets stamped with the fact that Police verified on this date. This increases the Trustworthiness of the Address component of Locker. Also, since the Date-of-birth scanned document and Matriculation certificate were used by Passport department, their “trust factor” also goes up. Locker software maintains all kinds of log-trails for this purpose.
“Trust Factor” of any document is important. Scanned documents uploaded by citizen can be forged. Hence, as more and more departments use these documents and verify them, the “trust factor” increases. Another way for the citizen is to pay for verifying these old, legacy documents. NSDL, or other designated Agencies can take Rupees 500 or whatever from a citizen, then visit the concerned Municipal office to verify if indeed the birth citizen was issued as per their records, and then put a digital stamp “scanned document verified by NSDL on … date by physically verifying record with the Municipal Authorities”. Same can be done with Educational degrees. The employers, including private companies like Tata and Wipro, spend lots of time, effort and money in these kinds of verification checks at the time of recruitment. Thus, if the documents in the Locker have enough “trust-factor” by above methods, this can be helpful to so many stakeholders.
In Maharashtra, the joint venture company MahaOnline was implementing eDistrict project, with digital back-end work flow resulting in digitally signed certificates by tahsildars etc. Each Application Form was re-designed to truly leverage the Aadhaar ecosystem. A link “do eKYC” would enable the CSC (Citizen Service Centre) operator to ask citizen if he or she had Aadhaar number, click consent field, do biometric authentication, and then quick eKYC would populate Name, Address and Photograph automatically from Aadhaar central database.
The citizen sitting at Home could also do this, including mobile OTP based eKYC. Next was to add a link in the Form: “Pick up relevant documents from my Digital Locker”. If this particular Application Form requires 4 documents, and 3 are already in the Locker, then the software says “ok, I found 3 documents, this fourth one is missing, can you just upload it?”. Loop is complete when Tahsildar issues Digitally signed certificate, and eDistrict software pushes this into the Locker. Also, the “trust-factor” of 4 documents used by Tahsildar increases.
Can our Regulators like CCA, RBI, IRDA, SEBI, TRAI, UIDAI, CERC etc. agree that KYC process can be radically modified after Aadhaar bill has been passed? Hundreds of crores of Rupees can be saved if Aadhaar based eKYC and eSign are allowed by the Regulators.
The citizen logging into Digital Locker can be treated as “already authenticated and KYC compliant”. Can the links in Digital Locker be “one click and get a bank account”, “one click and get a demat account for share market” and so on? Can Paytm tie-up with Digital Locker and throw a pop-up on login – “Hey, I have pre-approved Paytm wallet with free Rupees 100 thrown in for you… Just click here to start using it..”?
Now comes the real game-changer part! Entitlements! You are a student, a girl student, aged 16 years, studying in tenth standard in a village school, your family income is about 3 lakh rupees per annum, and you are from SC category. Are you aware which Government schemes are available for you?
Imagine that all departments weave their scheme eligibility criteria into the Digital Locker. Imagine the Digital Locker telling you – “Hey, based on your profile in the Locker, I figured that you are entitled to scholarship of Central Social Justice Ministry, cross-checked that you are not already enrolled there, luckily all the documents required were in your Locker, I sent them across to Social Justice Ministry’s DBT software which approved it immediately, and I hope that you have already received the SMS from your bank regarding the receipt of first instalment of your scholarship”. Dream on …
Can the Digital Locker tell a kid – “Hey, congrats on turning 18 years yesterday … I did some back-end work for you, and have got you added into the Voter list .. here are the details… Would you also like me to apply for your Driving license?… “
Who operates Digital Locker? NIC or CDAC? This probably needs a rethink. Organizations like CDAC and NIC working under Deity should work with stakeholders to set Metadata Standards, to get various Ministries and State Governments to collaborate with Digital Locker (as Issuers as well as Requestors of data). Then it should be left to experts. Just like multiple Repositories are working for Demat in Share Market, same way multiple companies be authorized to operate and offer Digital Locker services to citizens. They can onboard private players (Paytm, Vodafone, SBI, ICICI, Tata, Wipro, Universities, Employers, so many others..), they can offer verification services for a fee, and so on. One could try the Freemium Model… basic 20 Mb storage free, consent based sharing for government services free, while charging for other services and extra storage.
Thus the Digital Locker can be much beyond just a dumb storage for your documents. I find the finer debate missing among the stakeholders, and hope that this article will stir up some debate. I am deeply aware of difference between Hype and Ground Reality (between what-can-be and what-really-is). For a balancing act, you may read “Geek Heresy: Rescuing Social Change from the Cult of Technology” by Toyama and also about “Rosser Reeves Trap”. (Just Google)
– Rajesh Aggarwal did his B.Tech in Computer Science from IIT Delhi (1983-87) and then joined IAS (Indian Administrative Service) in 1989. He has served in various positions in Maharashtra and Delhi. He has written a number of papers on eGovernance, and handled a large number of eGovernance projects. This article is written in a personal capacity, and not from an official standpoint
- See more at: http://computer.financialexpress.com/news/unlocking-the-full-potential-of-the-digital-locker/16921/#sthash.VFHhyVvx.dpuf