UID project in India is a showcase example of Cloud based services. And that too at a massive scale. It is both ambitious and elegant in it's approach for solving identity issues.
2. PURPOSE The purpose of the UIDAI is to issue a unique identification number (UID) to all Indian residents that is, Robust enough to eliminate duplicate and fake identities, and Can be verified and authenticated in an easy, cost effective way
3. WHY is it needed? Inability to prove identity is one of the problems that results in, Preventing the poor from accessing benefits and subsidies. Undue benefits to wrong persons Public as well as private sector agencies struggling to fix identity before providing individuals with services. Individual are compelled to undergo a full cycle of identity verification for each and every cases Benefits of Identity Transformational in eliminating fraud and duplicate identities Need to prove identity only once will bring down transaction costs Simplify the delivery of social welfare programs 2/9/2011 Ministry of P & N Gas can save Rs. 1200 Crores in subsidies for LPG Gas
4. Who will provide it? The Unique Identification Authority of India (UIDAI) was established in February 2009, attached to the Planning Commission. UIDAI – created as a statutory body under a separate legislation to fulfill its objectives. The law will also stipulate rules, regulations , processes and protocols to be followed by different agencies partnering with the Authority in issuing and verifying unique identity numbers Penal provisions to deter individuals from committing identity fraud such as trying to obtain multiple UIDs 2/9/2011
5. How it works? Resident approach enrolling agency with supporting documents (Photo and biometrics captured) The enrolling agency to the registrar who will pass this on to the UID database. The system will engage in a de-duplication exercise. If the individual is not already in the database, a UID number will be issued otherwise rejected. 2/9/2011
6. How it works? 2/9/2011 Tembhli with a population of 1,098 will become the first 'Aadhaar' village
7. How it works? 2/9/2011 RanjanaSonawane of Tembhli village becomes first Indian to get UID #
8. How it works? 2/9/2011 Specification for POS devices is published on UIDAI web site
9. FEATURES The Unique Identification number (UID) will only provide identity Enrolment of residents with proper verification A partnership model Enrolment will not be mandated The number will not contain intelligence
10. PRIVACY Guarantee to identity No duplicates No Transaction records Only YES/NO response, no details Fully encrypted, no read access to database
18. Volunteers from Silicon Valley techie companies…“Imagining India” Passionate call for Governmental and Cultural Reforms
19. UID Dream Team… The E-Governor: SrikanthNadhamuni Sun, SGI veteran. Employee #1 The Transactions Expert: PramodVarma. Specialized in Complex Inventory Mgmt The Bureaucratic Brains: R.S. Sharma Got Post Office to sign up to deliver 1.2 billion UIDs Fingerprints Specialist: SalilPrabhakar “Handbook of Fingerprint Recognition” Silicon Valley start up inside Indian Government!
20. Scanning the World India's unique ID program is the largest and most logistically challenging identification project in the world. Germany: Plans to replace with electronic cards embedded with fingerprints and a six-digit PIN number that can be used to digitally sign forms. Nigeria: Creating a national database with biometric data on citizens. Government hopes that 100 million out of 150 million Nigerians will be issued a unique ID cards Bosnia-Herzegovina: National ID cards were issued in 2002, partly to encourage unity following ethnic strife. The technology involves a bar code, a single fingerprint and a photograph. About 2.5 million IDs had been issued as of May. Malaysia: Smart cards hold personal data and a thumbprint, and can be used to pay road tolls and access ATM machines. Oman: One objective of smart-card program is to track immigrants, including workers from Pakistan, Iran, India and elsewhere. U.S.: The US-VISIT program collects digital fingerprints and photos from foreign travelers as a way to keep immigration violators and criminals from entering the country. It has over 100 million records. Page 15 | 2/9/2011
21. Challenges in Unique Numbering Systems Design Trade Offs Availability of new UIDs : Surprisingly we have made this mistake multiple times Unanticipated growth of types of objects for which UID is used Huge wastage of available numbers due to structure Longevity : UID will be in use for centuries to come Privacy Issues UID Number is carefully designed NOT TO disclose any personal information (contrast this with US SSN) UID does not issue a smart card or mandate any machine readable format Page 16 | 2/9/2011 What other unique number systems exists in our daily lives?
22. How would you design it? Page 17 | 2/9/2011 Only Numbers! No alphabets Why? How long should the number be? Check Sum Digit More on this on next slide…. 0 : Escape Digit for extension of UID 1: Reserved for Entities 2-9: Individuals (80 Billion Numbers!) Algorithm & Seed is considered National Secret!
23. The Check Sum Digit Eliminate Data Entry Errors The Verhoeff algorithm, a checksum formula for error detection first published in 1969 Catches all the above types of data entry errors Reduces customer service load and overall aggravation Computation intensive The checksum scheme is not intended to be a secret Page 18 | 2/9/2011
24. Challenge Unprecedented scale for duplicate checks. Duplicate check against background of 1.2B records New enrollments (work load) to peak at 4M per day. Computational challenges Accuracy challenges Deactivation challenges, life of a UID?
26. How do you establish identity? How do you get the first one? Location Independent Identity National Interoperable Identity What if the identity moves along with you? Page 21 | 2/9/2011
27. UID and Banking 10000 people share one bank branch or ATM whereas collectively own 5100 mobile phones (McKinsey March 2010) US has 1/3rd population of India but has ~400k ATMs (as compared to 44k ATMs in India) Unbanked users of mobile money will grow almost tenfold to 360 million from 45 million today There’s an annual business worth $8 billion for the taking Cost of Transaction The effective price per minute for an outgoing mobile call has dropped from Rs. 15.30 in 1998 to Rs. 0.68 or less today! Today the average transaction cost for ATM withdrawal is Rs. 3000! Page 22 | 2/9/2011
31. UID And Cloud UID Project is a showcase example of cloud, why? Identity As A Service Storage and compute requirements 1.2 billion records, each record is a multiple megabytes 2 second response time De-Duplication Fluctuating resource requirement Ability to scale up and scale down BMC Software & UID Page 25 | 2/9/2011
In India, an inability to prove identity is one of the biggest barriers preventing the poor fromaccessing benefits and subsidies. Public as well as private sector agencies across the countrytypically require proof of identity before providing individuals with services. But till date,there remains no nationally accepted, verified identity number that both residents andagencies can use with ease and confidence.There are clearly, immense benefits from a mechanism that uniquely identifies a person, andensures instant identity verification. The need to prove identity only once will bring downtransaction costs for the poor. A clear identity number would also transform the deliveryof social welfare programs by making them more inclusive of communities now cut off fromsuch benefits due to their lack of identification. It would enable the government to shift fromindirect to direct benefits, and help verify whether the intended beneficiaries actually receivefunds/subsidies.A single, universal identity number will also be transformational in eliminating fraud andduplicate identities, since individuals will no longer be able to represent themselvesdifferently to different agencies. This will result in significant savings to the stateexchequer.As an example, the Ministry of Petroleum and Natural Gas can save over Rs.1200crores a year in subsidies now reportedly lost on LPG cylinders registered under duplicate orghost identities.
The Unique Identification Authority of India The Unique Identification Authority of India (UIDAI) was constituted as an attached office under the Planning Commission, to develop and implement the necessary legal, technical and institutional infrastructure to issue unique identity to residents of India. On June 25th 2009, the Cabinet approved the creation of the position of the Chairperson of the UIDAI, and appointed Mr. NandanNilekani as the first Chairperson with the rank of the Cabinet Minister. On August 3rd 2009, the Prime Minister constituted a Council under his chairmanship to advise the UIDAI and ensure coordination between the Ministries, Departments, stakeholders and partners. The Council will advise the UIDAI on the program, methodology and implementation to ensure this coordination. The Council will also identify specific milestones for the early completion of the project.
At present the indications are that the following 12 parameters would be associated with the UID data.1. Name2.UID Number of the holder3.Photograph4.Right hand fore finger print5.Name of the Father6. Name of the Mother7. UID of the Father8. UID of Mother9. Date of Birth10. Sex11.Place of Birth12. Address• What is the process that will be followed to issue a UID number?A resident will have to go to an enrolling agency, fill up an application form and provide the supporting documentation including photo and finger print.The enrolling agency will collect this information and send the data, either singly or in batches, to the registrar who will pass this on to the UID database.The system will engage in a de-duplication exercise.If the individual is not already in the database, a UID number will be issued and sent to the person at their residence. The UID number will also be sent to the Registrar for use in their service database.If the individual is already in the database the registration will be rejected and the person will be informed of the same.The registrar will scan the supporting documentation and send it to the UIDAI and keep the physical copies with themselves.• What is the verification process that will be followed by the enrolling agency before processing the documents for a UID number?A Know Your Resident Committee is being formed to establish what would be acceptable forms of supporting documentation. The recommendations should be made within 6 months of being set up and these standards would be used for verification.
Tembhli with a population of 1,098 will become the first 'Aadhaar' village in the country
Telephone numbersInternet IP AddressesBar Codes ( UnivProdCode + EuroArtNum GlobTradeItemNum )The two main reasons have been unanticipated growth (and types) of objects to which UIDs are assigned and introduction of structure within the UID format that wastes large parts of the available space of UID values. The design of Internet addresses as proposed in Version 4 of Inter-net Protocols illustrates both of these issues. Initial design provided for 4 bytes to designate a unique address for a computer, called IP address. There was also an explicit hierarchical structure to the IP address. The design was undertaken in the days where mainframes and mini-computers dominated. No one anticipated that one day people would want to provide IP numbers to devices such as mobile phones and even smart appliances; nor did one anticipate that computers would become so small and so cheap that each person would have several computers available, each requiring an Internet Address. Initially, the structure was introduced to make it easy to perform address recognition easier. This meant that typically a large block of IP addresses had to be assigned to any collection of computers at a location not reflecting the actual number of actual computers to be used at that particular location (routing region). Logevity: Y2K problemThe US Social Security Number, for example, has enough of a pattern that an expert can guess a person’s number from their birth-date and from the location at which it was issued.2It is also possible to guess the date and location at which the card was issued from the Social Security Number. The UID is a random number that makes guesswork virtually impossible. 3. The UID approach is designed on an on-line system – data is stored centrally and authentication is done online. This is a forward-leaning approach that makes it possible to avoid the problems associated with many ID card schemes.
How long should the number be?In short, the string has to be as short as possible but that meets density requirement. It is important to keep the UID simple and small to help residents to remember their number. We suggest the use of 12 digits (11 + 1 check sum) since 11 digits gives us a 100billion number space which in turn can provide a low density of used numbers! About 0.05 density which makes it hard to guess a valid UID number.Only Number no Letters, Why? Not viable option for us given the multi-lingual society that also has high levels of functional illiteracy. 0- numbers (a1 = 0) could be used as an “escape” or version number for future extensions to the length of the number. For example, in future if we need 16 digit numbers, then we could say that 0 means that the number is 16-digits. As of now we can simply declare all 0- numbers as TBD (to be decided). 1- numbers(a1 = 1) could be reserved for entities rather than individuals. Alternatively, 11- could be reserved for entities (or 111-) to match the size of the reserved space to the number of entities expected. We could use 2-9 numbers (a1 =2,3…9) right away to assign UIDs. That is 80 billion numbers -- plenty of space. Number Generation: The numbers are generated in a random, non-repeating sequence. There are several approaches to doing this in the computer science literature. The algorithm and any “seed” chosen to generate IDs should not be made public and should be considered a national secret.
IBM CheckThe "IBM check", which is used by MasterCard, VISA, and most other credit card companies (including the new Hudson's Bay Company cards, but not the older ones), is an even/odd weighted code. The digits in the even positions (numbering from the right) are multiplied by 2, then reduced to a single digit (if > 9) by "casting out nines" (subtracting 9, which is equivalent to adding the digits). All digits are then summed and a check digit added to make the result evenly divisible by 10.For example, given the number6 1 8 2 0 9 2 3 1 5 5 3 the leading 6 is doubled, giving 12, which is then reduced to 3 by adding the digits of 12 together; similarly, the 8 becomes 16 and then 7; the 0 is impervious to doubling; the 2 becomes 4; the 1 becomes 2; and the 5 in the second-last position becomes 10 and thus 1. Thus the check equation is6#2 + 1 + 8#2 + 2 + 0#2 + 9 + 2#2 + 3 + 1#2 + 5 + 5#2 + 3 mod 10 = 0 where '#' represents multiplication with casting out nines, giving3 + 1 + 7 + 2 + 0 + 9 + 4+ 3 + 2 + 5 + 1 + 3 mod 10 = 40 mod 10 = 0 This scheme catches all single errors and most adjacent transpositions, but not jump transpositions (such as 553 becoming 355) or 09 becoming 90.