100% Aadhaar Authentication Success Not Possible, Admits UIDAI CEO

Ajay Bhushan Pandey, the CEO of the Unique Identification Authority of India (UIDAI), made a presentation on Aadhaar before a Supreme Court bench at 2:30 pm on Thursday.

The five-judge constitution bench headed by Chief Justice Dipak Misra viewed the presentation, which ostensibly demonstrated that the biometric and demographic data of people collected at the time of enrolling for Aadhaar was secure from leaks. In the presentation, Pandey said that 100% authentication success is not possible because many variables, like connectivity, malfunctioning machines, etc. come into play. Nevertheless, he asserted that the Aadhaar Act takes care of it.

Pandey began his presentation by explaining how secure Aadhaar is. He then went on to state that there are 13 modes of Aadhaar authentication. 10 fingers (fingerprint scanning), 2 eyes (iris scanning) and lastly the One Time Password (OTP). He further explained that the security of the data behind Aadhaar identification has a 2048-bit encryption system and hence, is not easy to crack.

Pandey also claimed that all machines used by the enrollment agencies are STQC-certified and that the software running on them is provided by the UIDAI itself.

Image from UIDAI CEO’s Presentation
Image from UIDAI CEO’s Presentation

Upon being asked about the blacklisted enrollers, he said that some of the blacklisted enrollers also registered a tree or Hanuman. The CEO further confirmed that they used to trust enrollment operators more earlier, but due to the discrepancies, this is no longer the case.

Pandey also said that even infants can have Aadhaar, and that the UIDAI doesn’t check for the 182-day residence limit. For children, he said, even Anganwadi workers can double up as Aadhaar enrolment operators.

When asked about the parents’ consent, Pandey said that all legal compliance has to be taken care of while updating biometrics for children.

The UIDAI CEO also explained to the judges what needs to be done in the case of an Aadhaar database mismatch: “A circular was issued yesterday (21 March), which said that if a person's authentication through biometrics does not happen, then he shall not be denied benefits for that reason,” he said.

Image from UIDAI CEO’s Presentation

Pandey also claimed that when a person's biometrics don't match the Aadhaar database, an error code is sent to the UIDAI, which will prompt the person to update their data.

"Every Aadhaar card has a QR code, which prevents de-duplication. The QR code will also show the person’s photo. This method can also be resorted to if biometrics don’t match." - Ajay Bhushan Pandey, CEO, UIDAI

Pandey also claimed that the government has taken a decision that Aadhaar enrolments from now on will only be conducted in banks, government offices and post offices.

The presentation also said that the cost of making one Aadhaar card is less than one dollar.

He said that Aadhaar enrolments are taking place in prisons as well.

On being asked if the software being used is foreign, Pandey said that only the biometric match software is licensed from foreign companies.

Image from UIDAI CEO’s Presentation

He claims that it comes from best in the industry, stating that the data centre consists of 6,000 servers, which according to him is more than enough for the country's needs.

Further defending his software, Pandey gave an example of banks, saying that just because banks use SAP or Oracle, does not mean they give data to these partners.

Pandey also claimed that the government has not made a single request for asking on the biometric data in the Aadhaar system.

He further made the point that once the data goes into the Central Identities Data Repository (CIDR), it cannot be shared with anyone.

"The Aadhaar Authentication System sees 4 crore authentications taking place every day." - Pandey, CEO, UIDAI

Pandey ended his presentation by saying that the UIDAI does not collect details about the location, purpose and details of the transactions.

The presentation by the UIDAI chief comes after Attorney General KK Venugopal had told the apex court on Wednesday that the UIDAI intends to make a power presentation to show that the data was safe from any kind of exposure.

(With inputs from First Post and IANS)

. Read more on News by The Quint.100% Aadhaar Authentication Success Not Possible, Admits UIDAI CEOSupersonic Cruise Missile BrahMos Successfully Tested at Pokhran . Read more on News by The Quint.