The PMO has announced that the government will start UID-based cash transfers in 51 districts from January 1, 2013, and it will be expanded to 18 states from April 1, 2013. However, given the practical problems involved, as well as the time required to put in place the requisite infrastructure, I expect it will take time before significant benefits are being delivered in the coming year. Here’s why.
Journalists often ask whether UID is foolproof. First of all, by definition, it is never going to be a perfect process because if you are talking about fingerprints or iris scans, what you are effectively doing is comparing a digital image of the fingerprint or the iris against similar images held on the centralised system. This is difficult to do. What fingerprint matching algorithms do is to look for particular identifying features on the fingerprint like loops and whorls and use 16 to 20 such points of information as the basis for the comparison. That is, the comparison happens not based on the image but this computer-generated template. And while you are unlikely to get a perfect match, you can evaluate the degree of confidence that two templates are the same.
Further practical problems that one can face while using biometrics is that in a population of over a billion, many of whom are manual labourers, you will still get a large number of people—albeit it may be a small percentage—who aren’t able to provide fingerprints because their fingerprints are worn out. Even the UIDAI data reveals that 1.87 percent of their own trial samples were unable to provide fingerprints which were of sufficient quality to enrol. Now 1.87 percent of a billion people becomes quite a significant number! What makes it worse is that the ones losing out are not the frequent flyers or the middle class. They are the ones towards whom most of the benefits are being targeted—the ones who don’t have birth certificates, driving licences.
The other practical problem that one can face—the coriander plant incident in April 2012 (where a UID number was issued to Mr Kothimeer [coriander], in Andhra Pradesh, with a photo of a mobile phone on the card) is an illustration of it—is that even if the technology got better, you’ve still got to ensure that the whole enrolment and verification process is undertaken properly and securely. That means you must have people who check and ensure that the data given is correct. Again, when you are enrolling over a billion people, predominantly in rural areas in a large country, this is a ‘non-trivial problem’.
So there are lots of technical issues about how good the quality of the data collected is, but those aren’t insurmountable. Of course, you can improve processes over time, but when you are talking of a billion people, it has to be done at 0.000001 percent problem rate if you want to avoid tens of thousands of people being affected.
There are also challenges at the verification stage. Because UID is simply a number, the only way to check that it is valid and belongs to the person in front of you is to check the details against the central database. In contrast, credit card companies that use a local check (example, chip-and-pin or signature) can take a risk-based assessment and allow low-value transactions to proceed quickly and only do (slower) checks against the database (example, to see if the card has been reported lost or stolen) for high-value transactions.
Another risk of verifying the fingerprint against the database is that the service provider does not bother to check fingerprints. They just accept the number and hope the number is sufficient. Even if the service provider does normally check the fingerprint in real time, there will be times when you cannot connect to the server. What do you do on such occasions? What is the fallback option? Do you hold back the transaction? If you allow the transaction even without verification, then the possibility of fraud appears again.