The ambitious UID (Unique Identity) project is about to roll out the first set of numbers. Since the setting up of the Unique Identification Authority of India (UIDAI) in January 2009 as an attached office to the Planning Commission under the chairmanship of Nandan Nilekani, much has been happening and much has been written about. Prime minister Manmohan Singh and Finance Minister Pranab Mukherjee have both been seriously involved in the project right from its conception. So the central government's seriousness about the project has always been evident. Since the importance of the project was seen in reaching out to vast sections of poorer sections, the 13th Finance Commission also reserved Rs 3,000 crore for the project for giving an incentive of Rs 100 to every poor citizen who enrolled for a UID.
Many questions have been raised about the efficacy and the timing of the project. But the objective of the project was clear: to issue a UID to all Indian residents that is (a) robust enough to eliminate duplicate and fake identities, and (b) can be verified and authenticated in an easy, cost-effective way. Most importantly, the project offered India the scope to bring within its fold many of the 1.2 billion Indians who could not be in any existing identification system due to various reasons and also enable the usage of technology to attain a national database of identifiable individuals.
Every individual would be given a 12-digit unique identity number called Aadhaar and this would be generated on the enrolment based on a few basic demographic features and biometric parameters consisting of ten fingerprints, photographs and iris scan of both eyes. The Central Identities Data Repository (CIDR), under the UIDAI will issue UIDs, update resident information and verify and authenticate the identity of residents as well as amend the information when called for. There would be the central and state government partners called registrars who would process UID applications, either directly or appointed agencies. The registrars would connect to the CIDR to ‘de-duplicate' resident information and also receive the UID numbers. The verification process would be done online through network connectivity and would return answers in yes and no form, thus taking care of privacy concerns.
The confidentiality and availability of the system would be the most important factor for the whole ecosystem to work. Technology would be the most critical yardstick for this. Technology will undergird the whole UIDAI system and as more and more enrolments take place and more and more verification requests happen online, the real robustness and success of the system will be observed. It is estimated that the number of enrolments itself could touch a million mark per day in the very first year of operation. So the online authentication will need to be scaled up to handle hundreds of thousands of transactions per second. Any unavailability of the technology ecosystem will bring these critical functions of the project to a grinding halt. It necessitates a continuous availability of the technology ecosystem to function effectively. This can only be ensured if the information technology (IT) infrastructure can scale up in a non-disruptive manner to match the needs of both enrolment and authentication.
The system will also have to be resilient towards planned and unplanned events that can potentially impact systems availability. It should be capable of embracing and exploiting the benefits of technological innovations over time to make the architecture more efficient. Also, the technology ecosystem has to be optimised to reduce the overall cost by leveraging an intelligent software layer to commoditise hardware. This can lead to lower cost per unit of activity as well as reduced aggregate costs over a given period.
There is also a need for fostering infrastructure inter-operability so that multiple technologies from various solution providers can be seamlessly integrated. The registrars and the centres for enrolment have to be directed for a standard infrastructure. Quality practices must be strictly adhered to. In other words, the issue of data management is the most critical factor for the whole project to be a continuing success.
To start with 600 million enrolments in the first four years and then go to the rest of the 1.2 billion Indians — and at the same time factor in multiple registrars and their growing numbers and thus more usage — all this is going to be a major factor when the whole scalable architecture is devised. Even the registrars and their working in unison will have to be very well-monitored in the first few years so that they become a quality-extended arm of the UIDAI and not an avenue for constant fire-fighting. Being the first of its kind in the world in terms of the sheer size of the network and also the sensitivity of the whole programme, this would be a major indicator of the gigantic scale of system integration that India will undertake. The critical infrastructure created will, thus, have to be very well set up, maintained and protected.
The UIDAI approach so far makes it look that it has covered most of the issues. However the actual position will become clear only when the whole ecosystem starts functioning. Not all of the flagship e-governance programmes in the country have emerged flawless. So this is a reminder for UIDAI to be extra vigilant. Meanwhile the merits of the programme are tremendous. It allows technology to rope in citizens, particularly from the poorer sections of society, and allow them to take the benefits of various social schemes which hitherto have been denied to them due to ignorance and middlemen.
Subimal Bhattacharjee writes on issues of technology and security. The views expressed by the author are personal.