Being a resolute antagonist of Indian government’s ambitious mega project Aadhar card is not only onerous but may even be perilous. This ambitious project aims at creating a nationwide centralized database of people to uniquely identify them. Biometric details like fingerprint and iris pattern will be used to avoid duplication of identities. Currently over a billion people have enrolled into it without even understanding it’s far reaching implications. They have simply put their faith in Aadhar card when they enrolled themselves in it.
Merely pointing out the problems does not bring any improvement. Exploring ways to solve the problem is worthwhile. This thought motivated me to find better methods of identification without invading privacy of an individual or putting the personal details of the individual at risk.
First of all having one single source of verification is a bad idea. Alternately, having multiple sources to verify a claim is more reliable and less prone to failures.
Answer a simple question.
A criminal have higher chances of getting punished when
a) only one eye witness identifies him
b) multiple eye witnesses identify him
If there is only one eye witness, the correctness of the decision is solely dependent upon the availability and integrity of the single witness. A wrong decision will be made if the lone eye witness cannot show up for some reason or compromises his integrity due to fear or favor. It’s in fact much easier to influence or manipulate a single witness.
On the contrary, an error free decision can be easily made when there are multiple witnesses. Even if some of the witnesses are unavailable, others can testify. Even if some of the witnesses lose their integrity, truth can be found by cross checking the details provided by multiple witnesses. Besides, influencing or manipulating multiple witnesses is far more difficult than manipulating a lone witness.
When the identity of an individual is verified from multiple sources, not only possibility of mistaken identity will be eliminated but even it will be extremely hard for a fraudster to create a fake identity.
Though the government claims that citizen’s confidential data is safe, reply from the government department UIDAI to an RTI proves that foreign firms and foreign spying agencies like CIA have access to Aadhar’s database. UIDAI claims that the identity records of individuals are transmitted and stored in encrypted format. Yet this encrypted data can be decoded if a hacker gets hold of the encryption key.
Privacy and security of confidential data of more than a billion citizens is a prime concern to be addressed.
This problem can be easily solved by using one-way encryption method instead of two-way encryption. Data encrypted using one-way encryption method cannot be decoded at all. Even if a hacker manages to steal one-way encrypted data, it will be of no use to him and the privacy of the individuals will remain safe forever.
It is extremely unfortunate that the government has not mandated one-way encryption technique to encode the confidential data of individuals.
UIDAI should in fact mandate use of such intelligent sensor devices that are capable of extracting biometric information like fingerprint and iris patterns, encode them using one-way encryption method without sending data outside the device. The sensor device should then securely transmit the encrypted biometric pattern data out of device.
One might ponder if a technology exist which can be used to authenticate the identity of individual in a secure manner without invading the privacy.
When it comes to providing safest identification method for the citizens, technology is not the roadblock but political will is!
Blockchain is the promising technology capable of securely maintaining and verifying confidential records. This technology should be used to maintain the identity information of the citizens by different government and non-government organizations using trusted network. The identity information of the person,including biometric details, can be used to uniquely identify the person when the confidential information is stored and transmitted using non-decryptable encoding
I am not against collecting biometic information of the masses but I am resolutely against doing so in a deplorable manner disregarding security and privacy of the individuals.
Different organization like municipal corporations, education department, banks, income tax department, road transport organizations, insurance companies, hospitals and various others should use blockchain technology to maintain identity records of individuals interacting with them. The records maintain by these organizations should be used for identity verification of individual upon request. This system is not only fail safe as there will be different sources for identity verification but also prevent hackers from hijacking or manipulating identity records of every citizen of the country because the identity records of different citizens will be present with different independent organizations.
The functioning of this system can be easily understood in simple terms by an example.
Mr. X is a student. He has his birth certificate from the municipal corporation of his town and his student’s identity card issued by the education department. These departments have stored Mr. X’s idenfication details like name, parent’s name, date of birth, address and perhaps biometric details using non-decryptable encoding. Now Mr X want to open a bank account and he needs a permanent account number (PAN) from income tax department. Mr. X fills up the PAN application form with his personal details and quotes his birth certificate and student’s identity card number as identity proof. Income tax department creates his identity record using non-decryptable encoding and sends the record to municipal corporation and education department for verification over trusted network. Mr. X’s identity gets securely verified by the help of records maintained by municipal corporation and education department. His PAN application quickly gets approved after successful authentication and he gets his PAN allotted within few hours. Later Mr X quotes his PAN along with his other two identity numbers and easily gets a bank account opened for himself.
Few years later his identity record gets deleted accidentally from the database of education department. But there is nothing to worry because his identity record is swiftly restored using the identity records stored in the databases of municipal corporation, income tax department and bank.
In contrast to blockchain based model for identity verification, Aadhar card is crafted as a single source of truth for identity verification and is linked with various other documents like PAN, voter ID, passort and even LPG connection. If Aadhar details of a person gets deleted or corrupted all of his other documents becomes invalid and his life goes into jeopardy unless the Aadhar card details are restored again. As of today, person can get himself enrolled to Aadhar by submitting documents like PAN card, voter ID. But once these documents get linked with Aadhar, they become invalid as soon as Aadhar record is deleted or damaged. Now the person cannot quote PAN or voter ID card to get his Aadhar details restored because these documents are invalid.
The model of maintaining identity records by multiple independent organizations using blockchain technology is effective, elegant and solves all the inherent problems associated with Aadhar card model.
Operational excellence is indispensable and the government, being the most vital organization of the nation, should strive achieving it.
Policies and administrative models devised by the government plays have intense impact on our daily life. Operationally excellent and effective governance model make life our life easier. The government is going to devise an effective model only when well informed citizens push for it. In recent past, aware and well informed Indian citizens achieved historic success in making government to ensure net neutrality.
We the well informed Indian citizens should come together again to restore our right to safety of confidential information and privacy by asking government to replace the flawed Aadhar card model with blockchain based identity verification method.
Eyes opening truth..
sir mera aadhar id inactive ho gaya hai kya aap chalu karawa sakkate hai
I do not work with UIDAI or any Aadhar enrollment firm. Therefore I cannot get your Aadhar card activated. I will suggest you to file RTI to find out why your ID got inactive and use the RTI reply to get your Aadhar active.
I hope this helps.