The UIDAI has received 331 crore authentication requests since 2012 but declined to reveal how many of them failed.
From the inception of the unique identity project, the government has claimed that one of the biggest advantages of Aadhaar – a biometrics-based 12-digit identity number for Indian residents – is that it helps identify beneficiaries of social schemes accurately and ensures the benefits go only to the deserving.
In March, the government notified that Aadhaar, or at least proof of enrolment in Aadhaar, was mandatory for several vulnerable groups to continue to receive government benefits. These groups included women rescued from trafficking, workers engaged in forced labour, schoolchildren between six and 14 years of age, and people with disabilities. Schoolchildren, for instance, will not be served mid-day meals from June if they cannot present their Aadhaar numbers.
All recent notifications state that the use of Aadhaar as a document of identification will bring in “transparency and efficiency”.
But is Aadhaar really making it easier for people to access welfare programmes? How accurate are the claims of greater efficiency? There are no answers to these questions, it seems, as Scroll.in’s requests for information under the Right to Information Act revealed.
An Aadhaar number is generated after the collection of demographic information and biometrics (fingerprints and iris scans). The number can be used by either the government or a private entity to authenticate a person carrying out a transaction that requires them to establish their identity. The database now has over a billion people enrolled in it.
One way of biometric authentication is through fingerprints. For example, several states such as Delhi, Rajasthan and Andhra Pradesh have made Aadhaar biometric authentication mandatory for those who wish to avail of foodgrains under the public distribution system. These beneficiaries must, therefore, place their fingers on the point-of-sale devices at fair price shops. The devices use the internet to verify the fingerprints with the data stored in the Aadhaar servers.
Besides fingerprint authentication, the Unique Identification Authority of India – the agency that manages the database – lists five other authentication techniques:
- Matching the Aadhaar number and demographic attributes of residents.
- Through a one-time password sent to the resident’s mobile number/email shared in the central identities database.
- Using one of the biometric modalities – fingerprints or iris.
- A two-factor authentication using one of the biometrics (iris, fingerprints), and a one-time password.
- Using a one-time password, fingerprints and iris for authentication.
Lack of transparency
To monitor the efficacy of Aadhaar, the Authority is supposed to regularly collect this authentication data along with information on how many authentication requests were received, and how many failed or succeeded.
After the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits, and Services) Act was passed last year, Business Standard asked the Authority’s chief executive officer, ABP Pandey, in the course of an interview on March 22, 2016, about the system’s efficacy:
“Is there a system already in place for monitoring the efficacy of Aadhaar? Say, if I came to you six months down the line and asked how is the biometric system working? Would you be able to provide that authentication worked in 85% of cases or not? Are you regularly collecting this kind of data?
We monitor this. Say in one day, say, we get 2 million requests. Out of that we naturally have the information that so many have failed or so many has passed. The failure could be because of various reasons. Someone could have tried to falsify an identity, it could be a finger print failure. We also try to monitor the failure rate.”
Pandey also stated in the interview that “in some places where biometric is being used, like in Rajasthan for public distribution system, the rate of failure of fingerprint authentication is much higher than expected”. He added that it was not clear how much of the data on authentication failure would be put in the public domain, and what independent audit process would be adopted to monitor if the authentication was going on efficiently.
After the Aadhaar regulations were notified in September, this reporter submitted several right-to-information applications to the Authority seeking data related to authentication requests – as part of Scroll.in’s ongoing Identity Project series on the implementation of Aadhaar. The period for which information was sought was from September 2010, when the first Aadhaar number was issued, till October 31, 2016. Most of the replies from the Authority’s regional offices were received in December and January, with a final response coming in on March 1.
Replying to Scroll.in’s query, the Authority stated that it maintains month-wise data on how many authentication requests were received since September 2012. It does not maintain this data state-wise.
The Authority shared the total number of authentication requests received between September 2012 and October 2016 through five modes – fingerprint, iris, demographic, one-time password, and “other” – which came to a total of over 331 crore requests.
But it declined to share how many of these requests had failed or succeeded. To a question on how many times the Authority had returned a negative reply to the authentication requests, with a number for each of the five authentication modes, it stated that this data “is not readily available”.
Government data and interviews with scheme beneficiaries show that individuals in some states, such as Rajasthan, have faced glitches and fingerprint authentication errors on a massive scale since Aadhaar was made mandatory to access food rations in 2015-’16. Thousands of households could not access their legal food entitlements and pensions because of this.
The beneficiaries are being denied for various reasons: if they do not have an Aadhaar number, if there are data entry errors in the details linked to or seeded in the public distribution database, if the fingerprint authentication does not work for many who do manual work or for the elderly. Also, electricity and internet connectivity problems, especially in remote villages, often mean that beneficiaries have to make multiple trips to the fair price shops, which in turn means losing a day’s wage for many of them.
One of the first blueprints to be published for Aadhaar in welfare delivery was on the public distribution system.
“The Aadhaar number would be a foundation, over which the government can build more effective public distribution system processes,” the Unique Identification Authority of India stated in a 2010 policy document.
The paper envisioned that using Aadhaar would allow for “real-time identity verification at the fair price shop”, real-time streamlining for inventory management, and real-time tracking of beneficiaries’ claims by civil society activists.
In a sub-section titled “Community participation in monitoring” (page 11), the Authority stated:
“Aadhaar-based authentication and Management Information Systems would bring transparency to a currently opaque system. Clear accountability through Aadhaar authentication, as well as the use of electronic records, would make data more available for community monitoring, and would strengthen the use of right to information in the public distribution system.”
It added that an Aadhaar-enabled information technology grievance system “would ensure that complaints are visible publicly and across different levels of government”.
But that’s all on paper. Six years on, the process for tracking those who have been denied their legal entitlements, such as subsidised foodgrains under the National Food Security Act, and why remains as opaque as ever, say social activists.
“The biometric authentication technology claim is failing on a large scale in villages,” said Nikhil Dey, an activist with the Mazdoor Kisan Shakti Sangathan. “Yet, in three recent meetings, Rajasthan government has refused to share data with us on how many beneficiaries have been wrongly rejected, how many times, after how many authentication attempts.”
He added: “Why does the government want our information, while it keeps important public data such as these a secret?”
[Copyright By Anumeha Yadav]