Home » , , , , ,

A response to Nandan Nilekani on Aadhaar (Updated)


Share on Facebook0Tweet about this on TwitterShare on LinkedIn115Email this to someone

by Anand Venkatanarayanan

This article was written as a rebuttal on the article that appeared in Business Line on April 1, 2017. It might be slightly technical but I will try to keep it within comprehensible limits for a person without Computer Science degree.

(Editor’s note: Changes have been made to the response to Claim 1, following some points highlighted by Pranesh Prakash on Twitter)

Claim 1 from Nandan Nilekani: When seeding and authentication are done properly, the success rate is over 95 per cent.

Response: This is useless at the scale in which Aadhaar is implemented. When a person wants their monthly quota of rations, they are usually asked to provide their UID and fingerprints, just the way you are asked to give your username and password on a bank portal.

However, unlike a password, fingerprint comparison is not a binary Yes/No. There is always an element of uncertainty, which is a basic feature of biometric comparison. The backend returns a probability score between [0.0 – 1.0], which indicates the probability of the match, with 0 indicating no match, and 1 indicating a perfect match. But even a near-perfect match will not be equal to 1.0. Now to say that a fingerprint in the UID database is the same as that of the person, you have to configure a threshold value, say 0.80 above which the fingerprint is accepted as valid and below which it is deemed as invalid. If you keep the threshold as very high, only exact fingerprint matches are accepted, but if you keep it very low, even average matches from others could be accepted.

Advertisement

So it is quite possible that for a single user, the system returns two different biometric matching scores within a minute or so as [0.79] and [0.81], with one being signaled as invalid and the other being signaled as valid, based on how you position the finger, cleanliness of the finger, sensitivity of the system and so on.

This is the fundamental property of the biometric authentication, of not being deterministic like a password/pin comparison, and is referred as the error rate. The error rate does not change across attempts, where the same person scans his finger, multiple times. It is very similar to saying that the probability of head appearing is 50% (i.e. 0.5), irrespective of who tosses the coin. Now assume that the UIDAI system is well designed and is the best in the world and has an error rate of 0.0001%. If there are a billion (different) people trying to authenticate themselves over a period of say one week, the expected number of failed authentications is 0.0001 / 100 * 1 Billion = 1000, which would be a very impressive system and a technological marvel.

However the error rate as Nandan Nilekani indicates, even in the ideal case, is close to 5%. That means the above number would be 5/100 * 1 Billion = 5 Crore incorrectly authentication attempts.

What the error rate means is that almost everyone who tries to use the system, will at some point face an authentication failure over a period of time.

However based on certain conditions (Worn out finger prints, Cracked fingers or just random luck), some of those denied transactions will cluster around a smaller set of people, who would be most impacted.

The above error rate means that a PDS system which was (probably corrupt and leaking) serving X number of people in a state, will suddenly start denying rations to a random set of Y * X * 5/100 people because of the nature of fingerprint authentication. And it won’t be the same set of people month after month. So over a period of time (say 2 years), you would have almost heard stories from many, that they were denied rations, to which they were entitled.

(An unavoidable technical explanation on new variable Y. It is a random variable, which can take any value between 0.0 – 1.0. Since the system will randomly fail 5% of authentication attempts, it might so happen that the same person will have multiple authentication failures, but will eventually get through after multiple attempts. But some will never get through and some will never face an issue. Some will get through in one month, but not in the next month. In short, getting the monthly PDS will feel like a lottery and also very arbitrary. I tried to simplify this behavior by removing Y in the original post, but as @pranesh pointed out over simplification is an error that should be avoided)

Note that this assumes that no one in the new system that uses UID is actually corrupt.

For the people who are impacted, the story looks very different. Assume that the earlier corrupt PDS system had a corruption coefficient of 5%, then the new system will look exactly the same as that of the old system (as Y approaches 1.0). The situation though changes dramatically if the error rate keeps increasing from 5% to 30% as it is observed in states like Telangana (Editor: on this page, choose MNREGA, and dates from 1st January 2017 to 31st March 2017, for three months of data. Screenshot below)

At this stage, for a set of people, the older system of not using biometrics would feel like a far better system than the newer system, because of added factors like quantity corruption (The dealer will not give you 2Kg of rice and would instead give you 1.8Kg of rice).

We can now add other external factors to understand the experience of people who are being served by the UID linked new PDS scheme such as:

  1. Lack of electricity
  2. Lack of mobile phone signals
  3. Spotty signals
  4. Broken (Error prone) biometric devices and so on.

Every new factor thus added to the system, impacts the performance of the system in a negative way.

In other words, the biometric authentication system is fragile. Variance in inputs only worsens it. Mathematically this is called as a concave curve. Statistically this is referred as a system that worsens as more uncertainty is added. In short, it is a very rigid system that only functions perfectly under known ideal conditions, but has worsening performance characteristics under known variable conditions and should be avoided (Point 11).

*******

Nandan Nilekani’s Claim 2: It has, on the ground, cumulatively saved ₹50,000 crores that was being diverted from genuine beneficiaries. How can you call this a fantasy bubble?

Response: Let us say that this number is accurate (though it is contested by Government Of India itself [Point 7, Page 3]). Let us go back to the error rate argument outlined in the previous section. If 10% of the entitled persons before were denied their rations because of the authentication errors inherent in the system, would that count as savings in the new UID linked PDS System? That would be a yes, correct? So in short, the new PDS system actually converts inherent statistical uncertainty of biometric authentication with accrued savings and hence is a fantasy bubble.

One way to puncture this fantasy bubble is with data that can show savings by eliminating ghost PDS cards without using UID. For instance some states were able to eliminate ghosts without resorting to UID as seen here.  Scrolling down to the last part of the above link, shows that up to 2014, states were able to eliminate 1.2 Crore bogus cards without having to resort to UID seeding. The natural question to ask then is ,“Was this UID pre-savings also added to the Rs 50,000 Crores number that is quoted by Nandan Nilekani?”  To be fair to Nilekani however, where conditions are overwhelmingly close to the ideal conditions, seeding UID prevents fair price shop owners diverting rations to non-existent beneficiaries, as noted by the Wire article, but that is miniscule compared to disruptions as the article indicates.

If we were to do a very rough accounting of the impact of introducing UID in PDS system, the following equation would help:

Total Savings = Denying genuine persons their entitlements (A) + Weeding out ghosts(B)

= Error rate * Trials (as described above) + Savings by weeding out ghosts.

For the new PDS linked UID system to work as expected in just form, ideally B should be far greater than A (Let us arbitrarily make up a number here) by 99X. That is for every rupee of savings generated by UID in PDS, 99 Paisa should be from weeding out ghosts and 1 Paisa from denying genuine entitlements. While we already know the error rates as reported by various media reports, what is unknown is number of ghosts as a percentage in PDS, detected by UID. The estimate of ghosts varies wildly, but in some cases like LPG savings, at the least there is consensus about the range [1% – 25%], the difference in the range being attributed to duplicates detected before UID was introduced being conflated with duplicates detected only via UID.

Even if we take the Government Of India numbers as sacrosanct (25% savings via removing duplicates), converting this percentage to actual savings in rupees as the Chief Economic Advisor himself admits is at best a guess estimate and is only suggestive, as quoted below:

“In other words, we made clear that the saving was potential not actual and was conditional on prices and subsidy levels. We did not — and did not intend to — assert that that absolute figure was in fact the actual saving in 2014-15.”

So in summary (B) is debatable and potential, but (A) is real and actual and UID critics are justified in stating that almost all the savings are from exclusion.

Also,

Net Savings = Total SavingsInvestment in UID

and it should be significantly higher than zero to justify the return on investment. Being a fragile technology (as shown above), it requires constant updates and continuous investment and hence ongoing operational investments (Broken finger print/iris scanners, Biometric updates, Demographic updates are examples of updates required). In short the net savings is not a simple number that can be calculated using standard amortization techniques, but is instead a running number that needs to be updated constantly on a yearly/half-yearly basis. The net investment in UIDAI so far is about INR 8536 crore. If we apply a 10% return on investment and convert this to net present value, it would be about 11,134 Crore.

If a public company’s earnings (Net Savings) were this uncertain, its stock value would be ZERO, as the business model of such company would be to deny its users (Exclusion), services they paid for (taxes).

*******

Nandan Nilekani’s Claim 3: Where biometrics doesn’t match, there is OTP as backup.

Response: The latest data from TRAI indicates that rural tele-density is at 52.43%. Note that this data does not indicate the quality of coverage. So when biometric fingerprint verification fails, it means even if the quality of coverage is good, there is a 47% probability that the person may be denied their entitlements. Given that quality of coverage is not good in rural areas, it is quite obvious why people are climbing trees to get their PDS entitlements.

*******

Nandan Nilekani’s Claim 4: There are many reasons for that. Sometimes the seeding is not done properly. I know that it works when done properly

Response: The UIDAI system design is flawed.

There is only one real reason for failures, a poorly designed technology which is not good enough for the use case in question. Consider all the things that are required for UID authentication to work very well on the ground level.

  1. Good quality biometric enrollment templates
  2. Mobile Phones
  3. Mobile Phone connectivity
  4. Quality of Coverage
  5. Fingerprint scanners
  6. Iris Scanners as Rajasthan is trying since fingerprint scanners fail often on the field

Every one of the above adds uncertainty to the success rate and getting every one of the above to work, escalates the authentication cost. The problem is not new and every army in the world faces the same set of issues.

The basic principles of system design which works on the field are:

  1. When things are uncertain or unknowable, prefer decentralization.
  2. When things are very certain, knowable and are within limits, prefer centralization.
  3. Uncertainty on the ground requires initiative to solve problems.
  4. Certainty requires co-operation (synchronized attack or defence) with the central command.

If you apply the above principles (which incidentally all armies use), it is obvious that UID technology and system design in the current form is not the correct solution as it is rigid, fragile and only works when there is a lot of certainty about the operational vectors involved. The only solution that will work on the ground, would be an authentication system that is decentralized and is robust (and probably) performs better, as the uncertainties mount. In short, the technology is broken and will not work except on ideal conditions, which will not exist most of the time.

*******

Nandan Nilekani’s Claim 5: To create a billion-plus user platform in less than seven years; to build a system on an investment of a billion dollars; to have a system which can do millions of authentications a day

Response: If the point is about building a company which had 1 Billion users, the difference would not have been starker. Neither Google nor Facebook are champions of privacy concerns and are known to collect information about user behaviour with obtuse, hard to read end user agreements. They also try to sneakily collect more user data via dubious means like Facebook’s “Free Basics” program. But they simply don’t have coercive powers like Government of India does, when it practically ordered all its citizens to get enrolled into UID or forego their benefits.

Comparing UID with Google/Facebook is a textbook example of false equivalence.

As an individual I can choose not to use Google or Facebook and even if I use these tools, have an option of controlling the data they collect about me (to the extent it is obvious). But not having a UID means, it is no longer possible to be a law abiding citizen of india, after the mandatory PAN-UID linkage, notified by GOI. I can be raided, jailed and my employer may actually choose to not credit my salary, if I don’t have a UID, thus depriving me of the basic right to live, even if I am well off and don’t need any government subsidy.

It is difficult to argue with a state that has life and death power over you and holds a (metaphorical) gun to your head and can ruin your life, if you don’t concede.

I will also argue that such coercion is the reason why the technology fails on the ground as UIDAI is not accountable to anyone but itself.

Google and Facebook would not exist if their authentication works only 95% of the time. And 5% of WhatsApp messages don’t vanish randomly or don’t get delivered.

Our much maligned post office speed post has a better success (98.94%, Page 67, Table 6)  rate than UID authentication. After all when all your users have no choice but to come back irrespective of the service level, what is the incentive to improve things?

*******

Nandan Nilekani’s Claim 6: the current government has adopted the Aadhaar and moved progressively forward. Not only am I happy with what they have done, I would’ve done the same.

Response: We have to ask a different question now:

Is the Indian state so void of moral and ethical sensibilities that it has to ask Bhopal gas victims, AIDS patients, trafficking victims to produce a UID or get lost?

Is the above really progressive? Is this really forward? Do we really have any data on how many fake/ghost Bhopal gas victims, AIDS patients and trafficking victims are there, who draw their meagre pensions/sustenance subsidies from Government Of India? Now assume that you were indeed successful in coercing them to get their UID, can anyone absolutely guarantee that they will still receive their entitlements? After all, as if they have not suffered enough, the fingerprint scanner failure is one more suffering that they have to endure? Is providing them a small level of dignity by excluding them from this fallible technology, that big a savings for Government of India?

Isn’t a system that cannot understand human dignity is not a demon itself?

*******

Nandan Nilekani’s Claim 7: Because people were replaying a biometric. You cannot steal data from the Aadhaar database.

Response: What is Aadhaar? Is it the database that stores biometrics? Or is it the ecosystem around it? UIDAI’s strategy so far has to confuse everyone about the safety and security aspects of the two.

While there is no information about security leaks in the database that stores the biometrics, there is now enough data to show that the ecosystem around it leaks like a fire hose.

Most of the sensitive personal information about UID holders is still available by typing a google search. The primary design problem that the ecosystem enables by design choice is the caching of data, the moment e-KYC as a use case became an added application.

Let us talk about threat models here. The threat model for stealing biometrics is not from the database because it is probably too hard with a whole set of unknowns. It is far easier to steal the biometric at source, not during enrollment, but during verification. Consider the (modified) attack vector as shown in the eMudhra replay attack:

  • Buy a STQC certified Fingerprint scanner.
  • Ask users to verify for availing a service (It could even be payments).
  • Cache the biometric, while also sending it to the AUA (Authentication User Agencies).
  • Adjust the stored biometric slightly, every time by adding controlled random noise so that the matching algorithm still matches the biometric, but the minutiae vectors are not the same. (Simulate a slightly different human finger press).
  • Keep collecting biometrics.
  • Launch a single replay attack on one day on all the compromised users and vanish.

For this scheme to work, all you need is one compromised verification point, which uses biometrics.

A biometric once compromised is compromised forever.

Hence systems that use biometrics for authentication, usually are deployed in controlled environments which limit their usage to two/three factor authentication and not as a primary means of authentication. The pervasive use of biometrics exposes the ecosystem to these type of risks. The fact that the central DB is itself secure will be irrelevant over a period of time.

It is now obvious that the central design principles on which the UIDAI project is built upon, by focusing on the security of the CIDR is irrelevant, because it has not taken into account the presence of a motivated adversary, who can work around the system by focusing on verification points and not on enrollment points.

So how would a normal user know that their biometrics is being stolen by a fake STQC certified scanner? The answer is probably never, until it’s too late. The authentication error rates that will happen often, will mask the user from ever knowing if they are indeed parting their biometric to a fake-labeled certified scanner.

The design choice of using biometrics for day-to-day transactions is the choice that enabled this risk. It cannot be fixed by law, because the technology and the design choices used itself is broken.

*******

Nandan Nilekani’s Claim 8: Millions of people without any ID, now have an ID.

The really best data that we have here is from UIDAI itself. Out of 83.5 Crore UIDs, only 2.19 Lakhs were UIDs which did not have any existing ID proof, about 0.03%. So factually the claim is incorrect since only 10 lakhs and above qualify as a million.

*******

Nandan Nilekani’s Claim 9: Their purpose was not development, inclusion, saving government money or curbing corruption. How can you compare Aadhaar with the smart card project in some other country? Even I would have disbanded those.

A quick google search and clicking the first search result would have invalidated this claim. The UK identity card project was actually sold as a means of checking entitlement claims, misusing public claims.

However, rising concerns about identity theft and the misuse of public services led to a proposal in February 2002 for the introduction of entitlement cards to be used to obtain social security services ..

and that they “did suggest, or at least implied, that they might well be a panacea for identity fraud, for benefit fraud, terrorism, entitlement and access to public services”. He suggested that they should be seen as “a gold standard in proving your identity.

It is difficult to get a man to understand something when his legacy depends upon his not understanding it, and those who ignore history (Government of India) are condemned to repeat it.

*

Anand Venkatanarayanan is a Senior Engineer at Netapp. Views expressed here are personal and do not reflect the views of his employer

Note: This post is published under CC-BY license. You may republish this post with credit to the author: Anand Venkatanarayanan

Share on Facebook0Tweet about this on TwitterShare on LinkedIn115Email this to someone
  • gajanan pandit

    Its Pathetic as someone find fault in every system.
    If you have a better alternative then only criticize otherwise don’t create confusion.
    I think UID PDS is the best system till date

    • Selvi

      The UID is fine as long as it is not forced down our throats. Why this coercion to link it with bank accounts, PAN, IT returns?

      Do you invest all your money in one asset, No. Similarly, it is not advisable to store all data of an individual in one database. Biometrics change depending on the profession that you do. Manual laborers finger prints don’t remain the same over a period of years due aberrations based on their work and what happens if in an accident, eyes are also damaged — the person cease to exist in UID database. That is the person who will need maximum assistance from the govt. and that will be the person who will be denied assistance!

      • point

        person missing has to approach and get Aadhaar.. the criticisers can help in those matters than criticising unneccessariily

      • gajanan pandit

        It has to be as there are peoples with multiple fake ids. they do this to skip IT, hide finances that is against national interest
        the presumption for change in bio metrics is not true either you can update the data n no of times i have done 3 times to change address, put DOB and to add email as well as phone no change its easy

        • Chandra Prakash Gupta

          I am in agreement with you. Recently, I have read about people using abbreviated/ different names at different places. With AADHAR not allowing use of special characters in names and accepting very long names, such people are being caught. I know people having multiple PAN with names like K.S. Chauhan/ Kuldeep S. Chauhan. Income tax treats them as two individual with same DoB but AADHAR does not and so such people are caught there.

      • srini K

        And why not if one genuine id is insisted upon? You seem to be fine if one person has several PANs, several IT returns etc. See no harm in having identifier across different data bases unless one is worried about getting caught.

        • shaan7

          I don’t think anyone is agreeing that multiple PAN cards etc are a good thing – that problem is real. However, the solution is not Aadhar – at least not in the current state. The major problems, imo are three-

          * (quoting from article) A biometric once compromised is compromised forever.
          There are two parts of information security – 1. making sure the information is as secure as possible, and 2. if the information gets compromised, there should be steps to minimize damage. Now the Govt and UIDAI are boasting that the DB is secure, lets say we trust them and it solves the first part – but what do you do about 2?

          If your password gets stolen, you change it; if your credit card number gets stolen – you change it. What do you do when your biometrics are stolen? Get new pair of eyes? And hands?

          * Once my biometrics are taken, I no longer own them. Read that again, *I* do NOT own my own fingerprints and iris scans! And now they belong to an entity who is not legally responsible for taking care they are not compromised. Aadhar Act doesn’t require them to report me if my data was stolen – nor does it give me any way of verifying so otherwise.

          * And finally the fact that the article talks about how it is possible to steal someone’s biometrics by just saving them at point of verification.

          The sad thing is that neither UIDAI or the Govt even accepts the problems and instead are making it illegal for me to not give my biometrics to an insecure system. A lot of people compare it to fingerprints during Visa applications – but its completely different. I can live without a US/Schengen visa if I don’t want to give them my fingerprints. But if I don’t want to give them to UIDAI, the only way is to leave my own country!

        • Wonderfull Comment I LOve It
          http://freedomapks.org – Adaway Apk

    • Anand Venkatanarayanan

      The alternates have been told to GOI for a very long time (From 2011). See this http://cis-india.org/internet-governance/front-page/blog/privacy/letter-to-finance-committee. So we had two technologies, the costlier, useless one and the cheaper, made in india, useful one. But we chose the former.

      • gajanan pandit

        Only thing i agree is regeneration if i lost my UID no (of course its saved in bank, gas, IT, phone company all around us) i can’t get the number at present.

        I strongly disagree with Smart card based SCOSTA standard

        • Anand Venkatanarayanan

          First Argument: There is no alternative. Stop criticising. Tell better alternatives.
          Second Argument: I don’t like better alternatives, with absolutely no data or evidence to back up “Why you disagree?”.

          If biometric authentication worked as expected, I would not have written this article. I have sufficient data to have an opinion and will change my opinion if the data changes and problems on the ground are fixed.

        • gajanan pandit

          OK now why i disagree
          1. Very few persons carry any cards and remember pins in rural areas like for example ATM Cards (Debit / Credit) see the penetration till date https://www.rbi.org.in/Scripts/PublicationReportDetails.aspx?UrlPage=&ID=840 also those using the cards max use at ATM than at POS so its less accepted.
          2. If Fingerprints can be copied or forged then Card as well as PIN duplication also a known entity. (Bio metric includes Retina scan and photo also with demographics)
          3. Centralization is Certainly better for authentication errors if the data is changing continuously as of some addition some modifications, although i agree to have a offline ways of decentralization ( like PDS system should record only bio metrics to verify later while online thus nobody will deprive of benefits but if found misuse has way to punish)
          4. I think Closed standard are better to protect privacy than open standard.
          if a common man given a option to choose whether to carry a card and remember a PIN or to verify bio metrics that they carry always which one will they choose you think ?

        • gajanan pandit

          I also agree your opinion and problems but think that can be answered with some modifications in existing system with better implementations

  • Dijil Raj

    For rebuttal to Nandan Nilekani’s Claim 3 is the author assuming that all the finger print verification failures would occur in areas where there is poor network connectivity? Only in that case he can say there is 47% chance that a person may be denied their entitlements. In actual case this number would be much smaller as finger print verification failures can be overcome by secondary means of authentication like OTP in most cases.

    • Chandra Prakash Gupta

      Kindly read my comments that only one member in the family needs a phone.

    • Anand Venkatanarayanan

      The error rates are linked.
      1) Basic finger print failure rate irrespective of conditions (Even perfect conditions).
      2) Scanner error rate. Long use in rugged conditions creates wear and tear that increases (1).
      3) Mobile network error rate.
      4) No coverage.

      Finger print authentication only works if (1)-(4) are all working. And when it starts failing OTP is not an option for most because of (3). So if OTP comes after 3 hours what use is it, even if you have a phone? If you overlay areas with low or medium coverage and PDS shops failure, the rejections will match perfectly. Better coverage equals better acceptance, but our mobile infra. does not match the requirements of this technology. Since this adds another layer of errors on top of biometric, we have lots of errors on the field.

      If we keep UID, fingerprints as it is and switch to SCOSTA, it will be a better system and low cost. Unfortunately that was not done.

  • Chandra Prakash Gupta

    The rebuttal in Point No.1 is based on the fact that EVERY PERSON whose fingerprints do not match in the first attempt will be denied the benefits. However, it is not TRUE. In every biometric authentication, denial is not based on mismatch of one finger. In AADHAR also, the fingerprints of all the 10 fingers are captured. Authentication will fail only if all the 10 fingers do not match which is possible only when the person is not the one claiming to be. Further, score of two persons will never be so close as suggested. Hence, the rebuttal is short on logic.

    • Anand Venkatanarayanan

      This is based on incorrect understanding of error rate. All biometric systems have an inherent error rate, irrespective of the finger used or attempts made. The inherent error rate will be present even in ideal conditions (Perfect fingers, Perfect network connection to UIDAI, Perfect Scanner). There is no way around it and is the limitation of the technology used (Unlike a Smart card PIN, which is always deterministic or absolute)

      From the manual of systems used in UID (See https://www.tractica.com/biometrics/in-biometrics-which-error-rate-matters/)

      “Three error rates are commonly discussed relating to biometrics: the false accept rate, the false reject rate, and the equal error rate (or crossover error rate): the point where a biometrics’ false accept rate and false reject rates are equal.”

      All biometric systems have to choose a difficult trade off. Keep acceptance very high (Smart phone use case) and get lot of false rejects (OR) keep acceptance rate low (convenience use case) and risk false accepts (Someone else’s finger matching yours).

      I am not making this up. Every biometric system behaves exactly the same way. UIDAI did choose a high threshold and that is the only reason for these high reject rates, but it is killing the use case (More false rejects means people are getting angry) and making GOI look very stupid.

      They can fix it overnight (additional cost is not high) using SCOSTA standard (written in india for india specific use cases) and moving towards biometric smart cards which perform far better on our conditions.

      • Chandra Prakash Gupta

        This suggestion was not reflecting in your earlier post. Every fuzzy based system has similar limitations. I can comment on SCOSTA only after I read about it.

  • Chandra Prakash Gupta

    Rural teledinsity of >52% is based on head count and not family count. In PDS, it is the fingerprints of the head of the family. If you go by the family coverage, almost every family in even rural India has a mobile phone. Thus, the argument is absurd and speaks of the prejudices of the author. The reality is that after linking of PDS with AADHAR, almost all such persons who have been looting the country in the name of poor have lost their livelihood and thus crying foul.

    • The author gave a credible reference for his claim of 52%. What is your reference for “If you go by the family coverage, almost every family in even rural India has a mobile phone”?

      • Chandra Prakash Gupta

        You can read the article http://www.livemint.com/Politics/kZ7j1NQf5614UvO6WURXfO/88-of-households-in-India-have-a-mobile-phone.html. You can also make simple calculations based on totla subscribers divided by an average family size which is 4 in India. The full survey is also available. The data was collected in 2016. Since then, many more families are covered.

        • Anand Venkatanarayanan

          Sorry, but things don’t work like that. Having a mobile connection is not the same as working connection. You have to overlap coverage data on top of that and also signal quality and also the PDS shop opening time. If you got the OTP 4 hours after the PDS shop owner requested it, it is useless and it happens a lot. The only real data we have on PDS UID performance is from PDS itself (See telangana link above) and it is not good.

          So OTP as a backup option, is not a good option that is working. Let us not confuse the argument with non-reception of OTP (Primary argument) with things like family size.

        • Chandra Prakash Gupta

          OTP is sent through SMS with 10 minutes lifetime. It requires very little bandwidth in comparison to voice calls/ data transfer and so signal quality is not an issue with SMS based communications. Further, OTP is used only when biometric authentication fails. Signal quality is highly dynamic in nature and depends on so many factors. Hence, it is not a valid argument. Even if we make calculations based on 5% bio-metric failures with 5%(which is very high) failure rate for SMS, number of transactions declined is abysmally low. Further, one does not loose his share under PDS if authentication fails once. So, to say that linking PDS with UID using OTP as second alternate is unjustified, is incorrect.

        • Anand Venkatanarayanan

          I am working on data set produced by AP on various modes of authentication used and failure rates used. They have data on biometric failures, biometric + OTP, biometric + iris and so on. The real challenge is converting failure rates to impacted people. We only know approximate number of impacted people because it is a true random distribution (0.3 * percentage failure * 100) . Read the updated section on Point 1 again. As of today the system functions like a lottery. I am working on how to convert % failures to impacted people like an interactive graph. Will add this when it is ready. Until then we have no choice to rely on ground level data and percentage failures.

        • Chandra Prakash Gupta

          I am unable to open the link. Can you send me a pdf version at guptacp2@rediffmail.com

        • Anand Venkatanarayanan

          Which data or link do you want me to send to you?

        • Chandra Prakash Gupta

          That AP and Telanagana data which you have cited in your earlier response.

      • Chandra Prakash Gupta

        Even the fact presented is half truth. You can read the TRAI data referred to by the author here http://www.trai.gov.in/sites/default/files/Telecom%20Sub_Eng_pr.03_09-01-2017_0.pdf. 52.43% is only the rural tele-density.

      • Chandra Prakash Gupta

        If you talk about total subscribers, it is 1102.94 mn at the end of Oct. 2016. I understand, these are sufficient factors to understand the motive behind the rebuttals.

    • Anand Venkatanarayanan

      I will make a very simple argument. If reality is what you say it is, there would be *ZERO* failures on the ground and every day, there would be glowing reports of the success of PDS using UID biometric authentication.

      1) There would not be wide scale reports of disruption.
      https://scroll.in/article/805909/in-rajasthan-there-is-unrest-at-the-ration-shop-because-of-error-ridden-aadhaar

      2) People won’t be climbing trees to get rations.
      http://timesofindia.indiatimes.com/india/need-internet-to-buy-pds-rations-go-climb-a-tree/articleshow/57437975.cms

      A note on calculation of tele-density:
      * Telephone connections are real.
      * But population is projected (Extrapolated at a constant rate from last census).

      It is a very meaningful indicator, but does not and cannot say, if every family has a mobile phone. Take this PDS Data for instance from AP (Use ALL to see all data in one screen) :
      http://epos.ap.gov.in/ePos/BFDDoneCard.jsp?district_code=549&office_code=549033&office_name=Bestavaripeta&shop_no=0833035

      There are many entries here which have no mobile numbers 60% and lot of families with same mobile number (Village Headman). So there are really no backups if authentication fails. Tele density is just a number used to predict things, but since you are not convinced, I also posted the actual data from AP.

      You also seem to be implying that I am impacted by PDS linkage with UID. I live in Bangalore (See my linked in link),and never needed any type of subsidy all my life and never had a ration card and opted out of LPG subsidy, when #GiveItUp was launched. I lived near a PDS shop and understood how it actually worked and used to do social audits. The point I was trying to make is UID PDS linkage is not working on the ground. Saying it based on data is not supporting corruption.

      There are many ways to make UID PDS linkage work (See my post above on SCOSTA Standard), but the powers to be should first acknowledge that it is not working to make those changes. Denial that the current implementation of UID+PDS is not working will only add more to the existential anger that many of us feel that our country is full of corruption. We need better solutions than what we already have and SCOSTA will get us there.

      • Chandra Prakash Gupta

        I am from Rajasthan and here PDS is completely linked to AADHAR. I have not read any report of people being denied their entitlements under PDS after the initial difficulties were overcome. The news item presented does not mention date of incident and is thus not sure when did it happen. Unfortunately, in India, only negative news is the real news irrespective of the percentage of success. People climbing trees is analogous to persons needing to rush to the gate of their home to hear a voice call as well. Such incidents may happen and will continue to happen but the telecom companies are taking care of all these issues and this you should have experienced in reduction in call drops over the last 6 months or so. Rejecting an initiative aimed at preventing leakages and which has proved to be effective on the basis of abysmally low percentage of failures is like not allowing a child to attempt his first walk for the fear of falling down and getting injured. Attempts should be to overcome the bottlenecks in implementing the system rather than disbanding the system.

        • Anand Venkatanarayanan

          I share the same disdain for media like you. They don’t provide links, dates and access to raw data, where in CS we are advocating open data for everyone. But not believing anything because they are generally not correct will not lead to better outcome. Instead ask them: Where is the source? Provide links. Provide raw data. And argue with them on data. If they don’t respond, ignore them.

          But don’t deny that percentages are low. That is motivated reasoning because you don’t want UID to fail. it is real (again see telangana data). The impacted people are real. I also don’t want to see corruption in my country. But the solutions have to match up to the claims. And the claims have to be verifiable by you and me. Otherwise we are just shouting in the dark, and nothing good will happen.

          Asking Qs does not mean I want to disband the system. If you assume that, it is motivated reasoning and no matter how much data, I show you from govt. sites itself, you will call it fake and eventually you will call me names. But here is the problem with that. The system will just remain the same. And your children and mine will face the same problem as you and me and we would have achieved nothing. That would be a very sad outcome for everyone.

        • Chandra Prakash Gupta

          I have requested my friends in media to take this survey of finding the failure rates in Rajasthan and hopeful that I will get the information. I will also try to get data from the State Government on % of failures. What I understand is that no system can ever be perfect to 100%. The results of linking PDS with AADHAR so far have been encouraging and we need to fix the issues which can further improve the system rather than simply criticizing the system and pray for disbanding of the system. I am aware of the failure rates in the initial days of rolling out the revamped PDS in Rajasthan but I am also aware the efforts few officers have made in making it a success. There are politicians and touts who are badly affected due to revamped PDS in Rajasthan and are making similar noises. Govt. of Rajasthan planning to implement IRIS is an attempt to improve failure rates and I am well aware of the entire project.

      • Chandra Prakash Gupta

        The TRAI data cited in your article has suggested a 52% teledensity. Teledensity is defined as number of telephones per 100 persons. With less probability of women having a mobile in rural India, 52% teledensity suggest that almost every 3 male in the villages has a mobile phone assuming that women have half the share in teledensity in comparison to males in rural India (Though it is also very high). In a family of 6 persons, it converts to 2 phones every family. People listing villagehead phone number is actually a game played by these people for stealing their share. These persons in collusion with corrupt officials are able to enter into such arrangements.Requirement is to find such patterns and verify if it is for not having mobile phones or for the reason as I see.

        • Anand Venkatanarayanan

          If you are suggesting that for fixing UID, every family in Rajasthan
          * Should be given a mandatory SIM Card.
          * Telecom providers should ensure coverage in rural areas

          I will support you for CM of Rajasthan:-). But when you do that, the cost for implementing this has to borne by the state government (responsible for PDS) and so far, states are not very keen about taking the extra cost. There are two parts to any project:
          * Savings generated by implementing the project.
          * Cost for generating the savings (Nothing comes for free, even UID).

          UIDAI has born the cost of implementing UID (funded from central govt). Schemes for subsidy are on states and they have to pay for extra cost for generating savings. It is true that by pouring money, we can improve the error rates greatly, but it will increase costs and decrease savings (and can actually make it -ve in some cases. Another article i am working on). So a project like UID has to be technically and financially viable, not just technically viable and financially -ve.

          That was the second point. You are getting stuck on the tele density argument for too long and missing the bigger questions, I am asking.

        • Chandra Prakash Gupta

          I can feel the pain you are going through on not being able to prove your point based on your own data. My point is almost every family has a mobile phone which you have been denying on the basis of teledensity of 52%. Further, irrespective of amount of money spent, telephone coverage will be missing in some areas at some point of time for reasons other than telecom infrastructure availability. Take for example, on a rainy day you may not get sufficient mobile connectivity at some places. Similarly, signal strength may be poor under a huge tree or inside a tunnel or sometimes deep into forests. For any project, the cost-benefit analysis is based on covering a targeted section of the society. No project can be discontinued if few percentage points are left out. We will require to devise an alternate way to reaching those few percentage point people.

        • Anand Venkatanarayanan

          A few percentage point are the most vulnerable and that is not acceptable system design for a project of this scale. It shows that we don’t have empathy for this people and experimenting on them. We are talking probability here and that is kind of difficult to reason with. Having a sim card != Getting OTP in time. That was additional factor. Getting OTP in time = Going back to the Queue and day lost. A PDS shop is not open all the time. if you think about all this, then you will understand the broader arguments.

        • Chandra Prakash Gupta

          Problem in our country has been that on the ground of people not being educated, we have not implemented so many reforms. At the same time, we have also not made any effort to make the people educated rather we have made every effort to deprive the people of the education. Similar is the case here. In the name of not depriving the few percentage of people, we are criticizing a system which is resulting in huge savings which can then be used in other ways to benefit this section the most. The best example of this is #GiveItUp. The savings are being poured back and 20mn houses have been provided LPG connection. Earlier, the people in whose name, subsidies were being distributed were not getting the benefits. Another similar case is free electricity to farmers in Punjab. There is no electricity and so every body is free from electricity and the most vulnerable are the biggest suffers as they do not have money to buy expensive DG sets. Hence, we need to look at the larger section of the society and stop branding such people “anti poor” as done by naxalites and so called socialists. No Government is charging for water supply but is also not providing quality water. And the most poor in whose name this is almost free is not getting water or purchasing it.

        • Chandra Prakash Gupta

          Queues in Rajasthan has disappeared since the revamped PDS was launched. The another initiative has been converting the fair price shops into multi-utility shops selling large number of other products. This has helped the poor getting better access to the fair price shops and also making the fair price shops economically viable to the operators which was not the case earlier.

        • Anand Venkatanarayanan

          I think that these PDS shops must not be in Rajasthan then, if what you are saying is true.
          https://scroll.in/article/806243/rajasthan-presses-on-with-aadhaar-after-fingerprint-readers-fail-well-buy-iris-scanners

        • Chandra Prakash Gupta

          Read the date of the article. It is one year back, the time the system was being rolled out. The system has now matured and working to the satisfaction of the people. The scheme is named as “Annapurna” stores. Under this scheme, fair price shops have been allowed to sell large number of daily use items like soap, pulses, common salt etc.

        • Anand Venkatanarayanan

          Ok. Then after I finish AP, i will start hunting for data in Rajasthan PDS. If you find authentication data in rajasthan, send me back a mail. I will send you data for telangana first to your mail box first.

  • Rohan Samal

    Good article

  • Aam Admi

    Such criticisms are welcome and indeed necessary to make UID robust.
    I agree that Aadhar should not be reason to deny anyone benefits, this point even SC has made a judgement. Hence, I am not sure why there is this feeling.

    Many points stem from the presumption that all Aadhar authentication in machine based + internet. However, this is not true. Many times you just need to flash your Aadhar and it is done.
    Hence, like any process acceptance there shall be progress based on physical reality of the situation.

    UK report seems irrelevant to me. If we fail …. then we fail ….. we will not fail because UK was first to fail.

    • Anand Venkatanarayanan

      My arguments was not based on presumption. Presumption means * I already have a view w/o data*. For the benefits I have studied, PDS, MNREGA which target the poorest sections of society, UID card is not enough. Biometric authentication is mandatory. And authentication error rates on those schemes are too high.

      UK report is very relevant because their internal prototype testing did show that error rates are high and was one of the reasons (there were many), why it was junked. Our life is too short to learn from all the mistakes that we make. A smarter choice is to learn from mistakes other made, so we don’t have to repeat it. In this case, all the data was there, but it did not seem to matter.

      • Aam Admi

        Like you mentioned in the beginning of your blog, many things are technical and you are making an attempt to make it easier.
        I felt that current system works on Card and not on biometric authentication.
        You may want to emphasize on this point since it did not occur to me this way.

    • Chandra Prakash Gupta

      SCs refusal is purely on legal grounds and not on technical grounds. No law has been passed by the Parliament making AADHAR copulsory. Without such a law, Govt. can not make it mandatory for welfare schemes. This is an established principle in law.

    • nikhilsheth

      if we fail for the same reasons why UK id project failed then we will be WORSE than UK because at least they failed due to lack of info, while India failed because of a hubris of being too smart to fail. And kindly note : failure doesn’t mean getting caught out by the courts (which will lead to moves to compromise the courts here). Failure means setting up something so stupid and being so oblivious about it that it took a court to show you the mirror.

  • bulletman

    For those who are still eager to give Aadhaar a chance, please understand what you are signing up for: http://www.medianama.com/2017/03/223-aadhaar-biometric/ . Aadhaar should be rejected in its entirety and its promoters booked for sedition.

  • Anu

    In claim # 1 author claims — “earlier corrupt PDS system had a corruption coefficient of 5%” — this is gross underestimation. Earlier PDS was at least 60% if not 85% corrupt. With out 14paise of a rupee reaching the actual beneficiary.

    This article is riddled with such incorrect data and assumptions.

    Aadhar does have privacy implications — which can be addressed by building up capability in police to quickly arrest and solve POS identify theft cases.

    • Anand Venkatanarayanan

      No. I did not say that the earlier system had 5% corruption. Please re-read that section. I merely pointed out that the new system has to perform much better than the existing system, for people to believe it is solving corruption. At the end of it, irrespective of what system we build, experience of people should be better.

      Put yourself in common people’s position and imagine the old system. You visit the shop and the guy says there is no ration because it is over. You know he is lying, but you have no recourse. Now the UID based system comes, and it has lots of failures, say around 25-35% as the data already shows. And since biometric authentication fails, you don’t get rations. From your point of view, it is still the same. Earlier there was a PDS dealer whom you can argue with and even beat him up:-). But can you now beat up a finger print scanner?

      Notice that the actual level of corruption in the old system does not matter now. It is just that for the person who was denied his rations, they will exactly look the same. And as the error rate increases, he will disbelieve the government even more. That is what I was trying to point to.

      I will repeat again that my argument was *never* that the old system had 5% corruption in this article.

  • rameswar pattanayak

    Whatever detractors may say, Aadhar is bound to drastically reduce if not decimate multiple identity holding and impersonation. Using multiple identity holding and impersonation cannot be without criminal intent.

  • senthil

    Excellent Points.. the most important is point#7 .. at verification points, the user’s fingerprints are stolen at rapid scale, as the AADHAAR is used by more and more people.

    Any one can steal electronic data of a person’s finger print, and can simulate it electronically, or by recreating physical layer of that finger. Imagine a thin micro layer of a person’s aadhaar worn on another person’s finger.. the biometric cannot detect these fake pingerprint masks..

    • Chandra Prakash Gupta

      Stolen fingerprints have the same matching score all the time and are caught. Recently, UIDAI has registered criminal cases against few banks. Requirement is to amend the system so as to reject the fingerprints if the matching score is the same for few transactions and also from if authentication is being done from multiple locations in an unreasonable time span.

  • ಗಿರೀಶ್

    Good article by an AC room Argumentative Analyst! Needless to say the author sees whole thing through a colored glass. Of course, looks like this guy lacks a ground level experience. If I have an intention to hang on to every sentence & word whoever says it, I can show off my English & argumentative knowledge.

    The link provided in Claim 7 doesn’t give any Aadhaar numbers list as mentioned there. Rather it shows some training materials related to Aadhaar! Author needs to look at all the facts first before making a big gung-ho about it!

    I’m not saying Aadhaar is 100% foolproof. Give me one example in the whole world for a man-made system that is 100% accurate & efficient. Errors are bound to happen in such large systems. That is why they “evolve” through improvements and feedback mechanisms.

    Such points need to be directly sent to right authorities rather showing it off in a pompous manner like this.

    “It is better to keep your mouth shut and let people think that you are intelligent and wise; than opening your mouth and proving otherwise”.

    • ranjit roy

      exactly! practice what you preach!

    • Anand Venkatanarayanan

      A very good example of a system that works all the time 100% is a door key. There is just a simple lock and it opens when the right key is inserted. We have lots of slightly complicated examples of this type in the digital world like:
      * A Credit card/Debit Card with a PIN has better success rate than biometrics, if all the other parameters are same.
      * SCOSTA Standard (Developed only in India for Indians) is a very rugged, 100% success rate, de-centralized authentication system, and works w/o internet.

      The error rate is because of the use of fragile technology, not suitable for our country. And these points have been sent many times (from 2011) to everyone concerned and they still choose a system that is costlier and error prone because of the belief that complex technology is better than simple, made-in-india-for-indians technology. That is the sad part. We could have show cased to the world, that we can do it better than anybody at 0.01% of the cost, but we missed it.

    • nikhilsheth

      luckily because of critics like this author pointing it out, google and other search engines have been alerted and have censored out the aadhar data from turning up on their search results. But that doesn’t prove the author is lying : if someone alerted the cops about a bomb on the train and they defused it and the train didn’t blow up then would you accuse the alerter of being a hoaxer?

  • srini K

    Too many generalisations and factual inaccuracies make this article prejudiced. While some points are valid and must be addressed by UADIA, the author started writing the article with an assumption that he has to oppose the move of linking Aadhar as an identifier across different databases. Infact, overtime, it will be a great idea to just use Aadhar and dismantle all other discrete data identifiers. The argument that Aadhar was never conceived for this purpose is lame. When i started my life, i never intended to be what i am today. Overtime, one must keep adapting to new realities of capabilities and aspirations!

    • AmarKanth

      Well you see, your idea of walking around with a dog tag in full public view does not gel with other sensible people. In its current form, an Aadhar can be forged very easily, to create other govt issued ids to eventually get a passport. Can you even comprehend the security issues involved here? Change for changes sake alone is dumb and you are a sitting duck.

      • srini K

        Tx. Not sure why walking around the dog in public view is insensible, esp if the dog and tag are legally mine!! And yes am sensible enough to understand the risks and benefits!!

        • AmarKanth

          oh! you mix up the first person usage i employed here. By dog, i meant you. So let me rephrase. If you are ok with displaying you addresses, your personal info to others and walking around town, it does not mean other people would like the same. A quick google search will reveal how easy it is to get hold of aadhar card details from a particular website and i have tired it, it works. So no. From my perspective, you are not sensible enough.

        • srini K

          Sure, you have a view and so do I. That doesn’t make you an intellectual nor I an ‘insensible’ bloke. Good luck to you!!

    • ranjit roy

      like mass surveillance? identity theft? denial of essential services? are you aware of the implications at all?

      • srini K

        No I don’t understand mass surveillance! Am more worried about the sky falling on me!!

    • Anand Venkatanarayanan

      I would urge you to point me to the factual inaccuracies or logical inaccuracies in my article. The primary reason of putting this in a public domain with all the clickable links backing my argument with data is to enable readers like you, to counter factually or logically inaccurate statements.

      I am as prejudiced to UID as the data indicates. In an alternate world, if nandan had claimed a 0.01% error rate and the field trials substantiated it, I would not have written this and would have hailed him as the next tech czar, made in india. All my arguments are against the use of fallible use of biometrics for transactions. I did not argue against UID or about linking them across multiple local IDs in this article. I pointed out that the choice of technology used is not working on the ground.

  • Jeetendra Sharma

    I find it a biased article.
    While I am not sure about the Claim #7, rest look like the author is sitting in a GD for campus placements and has taken a stand against a subject to just differentiate himself from other participants.
    The 30% error rate is normal in biometric authentication if we considered following points:
    1) People are not used to it and are not aware about the right position for the finger.
    2) Even the Machine Operators may not be trained completely.
    3) False Error Rate may be higher to keep False Acceptance Rate Lower.
    Now a days people even forget their passwords, and try 2-3 times to get the correct one; that doesn’t conclude that the authentication method itself is wrong.

    • Anand Venkatanarayanan

      There is as much bias in the article as it shows up in the data, I have. In other words, I don’t have any other extraneous motive. It is what the data shows. The question we have to really ask ourselves is not about the error rate, but the impact on common people who use the system and how they will perceive it to be. Let us give it to GOI that they have the right motive of eliminating corruption in PDS using UID. UID based new system has to be better than what we have already or the perception battle is already lost. Doing biometrics was the implementation decision that made it this worse. If they had used a smart card based system (like our Credit/Debit/Prepaid cards), it would not have been this bad.

      Also as a CS engineer, I normally feel offended and take it as a personal insult, if the system I have developed works only 95% of the time in the best case. I work very hard to fix it and take blame on myself. Here all I see is some third party did not know how to use it, training issue etc.. If I say these things in my job, I will be fired for incompetence, period. The impact on the ground about the system is real and it offends me that as a country, we just could not do better than this, when a small design change would have fixed most of these issues. That is the real motive to write this article. We should have done better than this, even though we knew the smart card alternative for ages, but we did not.

      • Carlos de Souza

        Well said, Anand. Why do you think Nandan backs this inefficient, incompetent system ? Do you have any clue as to whether he ran Infosys the same way ? Please reply, if you have the time as I am truly flabbergasted as to why Nandan would back Aadhaar. Thank you.

        • Anand Venkatanarayanan

          Read the last line of my writeup and read it again and again, till it hits you. I still have not given up hope that it will be fixed for better, but for that there has to acknowledgment that it is not working. There is a lot of denial about it.

        • Carlos de Souza

          Yes, having just read that last sentence of yours, I think you may be onto something there :-) Thank you.

    • nikhilsheth

      There cannot be any expectation in any debate for any of the debating sides to be unbiased. What you need to figure out is, is the bias validated by facts?

  • ranjit roy

    95% success rate – coming from Nandan Nilekani – supposedly IT savvy – that is way off the six sigma mark. sad reflection of our IT abilities; no such project has been attempted elsewhere in the world. It should have been 100% success rate or nothing. Pathetic indeed! Here are examples of mails that I get directed to the wrong person (i.e. me) from ICICI, Prudential, et al

    Dear Mr. RANJIT KUMAR RAY
    Thank you for choosing us as your preferred Insurer.

    We are happy to inform you that your application has been accepted. You will receive the original policy document at your correspondence address or the policy details will get credited to your e-insurance account (Demat Account) depending on the option selected by you.

    In the interim, please find the e-policy document for your HDFC Life policy attached

    and I get to know another (with similar name or emailD – ranjitray@gmail.com, ranjit.ray@gmail.com, (ray or roy or period) gets lost in translation – and we are looking at aadhar for a billion!

    Instead of catching crooks like vijay mallya, politicos, bureaucrats, and mobsters – the government is hellbent upon harassing the common man. this project is doomed to failure with people’s identities, properties, and other benefits getting misappropriated or simply lost. and what of the hackers who will be rubbing their palms with glee waiting to take way someone else’s hard earned money or property

  • RamDas51

    Anand, I will address only one topic in this short space. Since you are a software engineer, I respectfully request you to read a few documents. a) Role of Biometric Technology in Aadhaar Authentication will explain more accurate method of calculating false reject and accept. You can find the report at: https://authportal.uidai.gov.in/static/role_of_biometric_technology_in_aadhaar_authentication.pdf. Please also read several other reports that describe authentication accuracy calculations. Couple of points to make: it is not uncommon to attempt authentication multiple times when first attempt fails. Each attempt takes on the average about 2-5 seconds. You will also find in the report how one can increase success rate from nearly 80% to 98%. b) Not only this test but all biometric device certification tests are conducted with real people in mostly rural areas. So the data is representative of rural conditions. See one exception later. c) All biometric devices models used are certified by STQC. These devices too are tested using similar methodology in the rural environment. Device would fail certification if it is not able to meet less than 2% FRR at 1 in 10K FAR. You can look up details of the specifications, tests and results on STQC website. c) There were cases, mostly in initial stages, when FRR exceeded 2%. It was primarily due to the poor seeding where wrong Aadhaar number was associated with PDS name. Obviously this will fail. This is what error code 300 in the report you reproduce indicates. If you could, please get your hands on e-KYC performed by Reliance Jio in issuing over 100M SIM cards. You will find that FRR is significantly below 1%. You will also find that 99% of people were extremely satisfied with e-KYC process compared to previous mode of providing photo, POI and POA in paper form d) There are many core non-biometric reasons why in certain cases such as NDTV report on Rajasthan add to the authentication failure. In case of PDS, if you can get your hands on data, you will find that the last days of the month is when most biometric authentication failed. The shop keeper used backup – non-biometric and manual record journaling – method. A lot of people observing this peculiar trend wondered the reason for such spike (I believe nearly 80% of biometric failures were coming in the last few days). Why would a system that worked at 98% accuracy regularly degraded to 60% in the last few days of a month? How come people with poor biometric show up only on the last few days? Hint: When a system forces a shop keeper to loose income he has been getting for years, what would you as a shop keeper do? You do need to sell this low cost grain at market price. e) Nandan Nilekani as I read his comments was not even using 95% as a statistical number but more like a common term use: Like I can get ToI cross word puzzle 95% right. I can understand as an engineer how you would want him to be more precise in what he says. Without justifying his reason, I would instead suggest you read more statistically accurate reports of Aadhaar technical team. You will find that Mr. Nilekani was indeed inaccurate — by being too conservative in his claims. These reports are all available on UIDAI website. Finally, like you I am a software person with keen interest in this initiative from the early days. Hence I have made a point to read every UIDAI document and follow biometric technology with great interest. Hence this response.

    • Anand Venkatanarayanan

      Hi,
      There are two things. Statistics that the system behaves in a certain way in a close to field condition. Let us call it FRR and say it is 0.2% (The standard STQC certified scanner has this error rate for 100 templates (10 people * 10 fingers). I have tested this myself). I then take it and put it on the real world with all it’s uncertainties and motivation problems and things happen. Let us call it Function(FRR + real world). The argument is no longer about FRR. It is about Function(FRR + real world) and the impact of this Function on people. It is no longer about tech. specs because they deal with only FRR on close to real conditions. Let us call the difference b/w close to real and real as delta. Do you really think delta is estimatable and the shape of Function(FRR + delta) will have any correspondence to Function(FRR)?

      Let us take JIO as an example. They have the motivation to get people in (Sign up 100M numbers in as short as a time). So they identify the segments and cities that they want to target (High ARPU numbers), can setup systems in such a way that authentication is not the problem. In fact for them authentication of a user is a hassle imposed by regulation. If left upto them, they would not want you to fill anything more than a form at all (It is anyway free offer. So paying bills does not rise). So they wrote the rules themselves on how the eKYC should work, invested on systems that maximises success of eKYC. And they really don’t want you to come back to them doing authentication again, once you have signed up using eKYC. So reliance is Function(FRR + delta), but delta here is actually reduced compared to what UIDAI PoC trials are. It might as well be possible that RJIO FP success rate is close to 0.2%.

      Now take PDS, NREGA two different use cases. Here state govts write the rules and they have budget limitations. They are also constrained by where people live and have the mandate to help people (two different pulls). And they have other parameters like mobile network, power. And finally a motivated operator who wants to get people out (A simple coconut oil rub on the FP machine, messes up the scan process) and not in, as you rightly pointed out. So Function(FRR + delta) is very different. It has no correlation with Function(FRR) at all. And then you have repeatability that the shop has to do this day-in-and-day out for the same person, every month to distribute the PDS. This means more wear and tear in different ways a STQC certification has no way of predicting.

      If you read section 1, I explicitly called this out as a concave curve. The original FRR really does not matter at all and Mr. Nilekani is actually correct that considering all such things, it is close to 5%. So how did a 0.2% FRR becomes 5% FRR and worse? Call it reality with variability thrown in. In fact I would argue that based on all the data that we have, UID based authentication using FP is not a good design idea at all.

      I understand the JIO use case and why everyone loves it and I will also go the eKYC route than do the form carrying, photo carrying thing with other operators. But then UID is not sold as reducing business case for JIO right? Or has it become now? Did we just build a system that works for businesses fantastically, but does not work very well for PDS/NREGA using tax payer money by claiming the latter?

  • Help Duniya

    This was a great post and it was a complete guide. Thank You…

    Working SMS Bomber

    For Best Knowledge Visit Here

  • nikhilsheth

    Thanks for this very well laid out article. I see that the religion of technocracy (worshipping technology for its own sake) is rearing its ugly head through this issue and coming out of the darkness. That is good : sooner it gets visible, sooner we can identify and expose it. The mostly useless engineers of India (you can’t even remove child malnutrition and don’t know how to handle toxic waste being dumped in our rivers and oceans : yes dear you are useless) will obviously take great offense to any heretic who dares to use their own tools of logic and technicality against them. I’m just glad that they’re still much lower in numbers compared to the rest of the (“illiterate” according to them) population, so we have some hope.

  • nikhilsheth

    OTP is one of the worst ways of authentication or backup for authentication you can have. Swipe someone’s phone, go for taking their entitlements, when the fingerprint doesn’t work, you get the OTP on their phone and voila. Plus, in case you’re aware of the word “Snowden” or “Wikileaks”, kindly look them up and be aware that all telecommunications are easy for any crook with buddies in government (where we still vote buddies of crooks to MLA/MP positions) to intercept, esp SMS’s.