One ID to rule them all

CHENNAI: A global rating major has flagged concerns pertaining to security and privacy vulnerabilities in centralised identification frameworks like the Aadhaar. The unique ID system has caused ‘service denials’ and the use of biometric technology in humid conditions is unreliable, per the report.

The system enables access to public and private services with verification via fingerprint/iris scans, and alternatives like one-time passcodes or OTPs. However, the report says it faces challenges involving the burden of establishing authorisation as well as concerns regarding biometric reliability.

A concern is regarding a single entity controlling sensitive data like user IDs, which increases the risk of data breaches. Such entities could also dispose of user data for internal or third party profiling needs.

In India, the government has opted to adopt Aadhaar to route direct benefit transfers to beneficiaries of official welfare schemes. It has mandated Aadhaar-enabled Payment System (AePS) for daily-wage workers under MGNREGS.

Referring to Aadhaar as the most trusted digital ID in the world, the government retorted that seeding of Aadhaar in the MGNREGS database was done without requiring workers to authenticate using biometrics and payments were made by directly crediting their accounts sans biometric intervention.

The end-goals of the UIDAI were to ensure that all citizens had a unique ID and to curb corruption in accessing the benefits of welfare programmes by getting rid of fake accounts.

Apart from linking the databases of ration card holders with Aadhaar, the Centre has also favoured Aadhaar for other government to citizen cash transfer programmes. Knocking down duplicates has helped it save in welfare schemes.

However, a CAG audit of the UIDAI released in 2022, had pointed out lapses endangering privacy and compromising data security. Shortcomings in enrolment processes that spurred duplication as well as faulty biometrics were also pointed out. Research has shown how quantity fraud can be perpetrated in the case of rations, and it’s something Aadhaar cannot detect or prevent.

Several citizens in rural regions make repeat trips to ration shops to authenticate themselves. Absence of reliable internet, mobile connectivity for OTPs, and occupational hazards like fading fingerprints of daily wage earners, add to the troubles.

A majority of daily wage workers are unaware of the bank accounts that their Aadhaar is linked to. Many a time in rural areas, such linkages are made without the consent, which leads to wages being diverted to other accounts, without the worker’s knowledge.

Using the AePS, funds in workers accounts have been illegally withdrawn or diverted towards government insurance initiatives. The embarrassing Rs 10 crore scholarship scam in Jharkhand in 2020 is a case in point.

The rating agency has clubbed Aadhaar and recent crypto-centric digital identity token Worldline under digital ID systems that are noteworthy on account of their scale and innovation. India could opt for decentralised ID (DID) systems like digital wallets that are based on blockchain capabilities.

They offer users more control over private data and can bring down online fraud. Regions such as Catalonia, Azerbaijan and Estonia have successfully employed blockchain based systems to issue digital IDs. A review of the Aadhaar system is due, especially on the back of proposals to expand its linkages to electoral rolls as well as private parties.