A certain investor service has, without citing any evidence or basis, made sweeping assertions against Aadhaar, the most trusted digital ID in the world.
Over the last decade, over a billion Indians have expressed their trust in Aadhaar by using it to authenticate themselves over 100 billion times.
To ignore such an unprecedented vote of confidence in an identity system is to imply that the users do not understand what is in their own interest.
The report in question does not cite either primary or secondary data or research in support of the opinions presented in it.
The investor service did not make any attempt to ascertain facts regarding the issues raised by it from the Authority.
The sole reference cited in the report is in respect of the Unique Identification Authority of India (UIDAI), by referring to its website.
However, the report incorrectly cites the number of Aadhaars issued as 1.2 billion, although the website prominently gives the updated numbers.
The report avers that use of biometric technologies results in service denials for manual laborers in India’s hot, humid climate, an obvious reference to India’s Mahatma Gandhi National Rural Employment Guarantee Scheme (MGNREGS).
However, it is evident that the authors of the report are unaware that the seeding of Aadhaar in the MGNREGS database has been done without requiring the worker to authenticate using their biometrics, and that even payment to workers under the scheme is made by directly crediting money in their account and does not require the worker to authenticate using their biometrics.
The report ignores that biometric submission is also possible through contactless means like face authentication and iris authentication.
In addition, the option of mobile OTP is also available in many use cases.
The report also avers that there are security and privacy vulnerabilities in a centralised Aadhaar system.
The factual position in this regard has been repeatedly disclosed in response to Parliament questions, where Parliament has been categorically informed that till date no breach has been reported from Aadhaar database.
Further, Parliament has laid down robust privacy protections in the law governing the Aadhaar system and these are observed through robust technological and organisational arrangements.
State-of-the-art security solutions are in place, along with a federated database and encryption of data both at rest and in motion. The systems are certified as per international security and privacy standards (ISO 27001:2013 for Information Security Management System and ISO 27701:2019 for Privacy Information Management System).
While the vote of confidence of a billion-plus Indians is sufficient testimony to the value offered by Aadhaar, it is pertinent that a number of international agencies, including the IMF and World Bank, have lauded the role of Aadhaar. Several nations have also been engaged with the Authority to understand how they may deploy similar digital ID systems.
Recently, the G20 Global Partnership for Financial Inclusion (GPFI), in a report prepared by the World Bank, has stated that the “implementation of DPIs such as Aadhaar (a foundational digital ID system), along with the Jan Dhan bank accounts, and mobile phones, is considered to have played a critical role in moving ownership of transaction accounts from approximately one-fourth of adults in 2008 to over 80 percent now—a journey that it is estimated could have taken up to 47 years without DPIs”.
Aadhaar is the foundational Digital Public Infrastructure (DPI) of the India stack.
The recent G20 New Delhi Declaration has welcomed the G20 Framework for Systems of Digital Public Infrastructure, a voluntary and suggested framework for the development, deployment and governance of Digital Public Infrastructure (DPI), and welcomed India’s plan to build and maintain a Global Digital Public Infrastructure Repository (GDPIR), a virtual repository of DPI, voluntarily shared by G20 members and beyond.