In its Strategy Paper in August 2009, UIDAI made an important but counter-intuitive decision that it would issue only numbers and not cards. Many were surprised. Identities are always issued in the form of ID cards, isn’t it? People had never heard of an identity number. What does it even mean? Even those who understood the concept of an online identity system criticized the decision, claiming that a card is the more appropriate form for India because poor connectivity would render an online system inoperable.
When people asked me to explain the online ID, I used to provide them an analogy of body (sharir) and soul (atman). The Aadhaar number is like the soul, indestructible and permanent (ajar, amar), as the Gita describes it. The paper or the card is its temporary abode (sharir), which holds the number (atman). When you have direct access to the atman, the sharir and its perishable nature are unimportant.
Just a number, not a card
The decision to make Aadhaar just a number has greatly contributed to the goals of cost reduction, determination of uniqueness, inclusion of the poor and in enabling Aadhaar to become a digital ID platform, rather than a standalone smartcard. There are multiple reasons for the success of this design.
Lowest-Cost Solution: Aadhaar has not only proved to be robust with unique features otherwise not found in other ID systems, it is also the most frugal of solutions. For instance, a smartcard would have cost ₹70–80 at the very least. Add to this, the cost of couriering the card and the personal identification number (PIN) separately and securely. At ₹100 per smartcard, the total expenditure just for the smartcard would have been ₹12,000 crore (₹120 billion) for the 1.2 billion registrations. That is more than the total expenditure UIDAI has incurred till date. The recurring costs and inconveniences for a smartcard-based solution would have been of a much higher magnitude to all the stakeholders such as UIDAI, residents and corporates using the system.
Determination of Uniqueness: Identity in a centralized repository can be managed to weed out duplicates, should any be detected, because cancelling the duplicate Aadhaar is as simple as blocking the use of a number. Not so with ID systems that depend upon a physical token. If sufficient by itself, such a token continues to work as the ID till it is retrieved or destroyed. If you can’t retrieve a duplicate, you cannot extinguish its use with any degree of certainty.
Can you prevent the use of a few currency notes—by serial number—out of a billion others? Not if people accept currency notes at sight. In fact, it is difficult to prevent the use of counterfeit currency despite it being printed on security paper with markings that facilitate identification. It is the same with other identities not linked to a database against which their use is verified through an online process every time.
Safeguarding Inclusion of Poor: Those who lose a smartcard or any ID token would also lose their identity and suffer enormous harassment to get it back. Further, the impact of such a loss would be especially severe among the poorest (who could lose even their homes to floods), because to access their entitlements, they would first need to prove their identity. The Aadhaar system is convenient for residents, absolving them of the worry of loss or misuse of their card. Today, millions of Aadhaar letters are downloaded and printed every day. Imagine the trouble and expenditure in reissue, if Aadhaar was a smartcard.
Digital ID Platform: A unique number that can be plugged into databases of names of users or beneficiaries of other systems serves the larger purpose of cleaning those databases while authenticating identities. Similarly, it also contributes to the goals of speed and scale besides future-proofing of technology, while keeping the cost of building such third-party systems very low. It is also much safer in terms of data security because the biometric data is not stored in billions of cards, but rather safely with UIDAI.
Smarter Than a Smartcard: Aadhaar as an online digital ID is different from identity tokens. Aadhaar is a digital ID infrastructure, while a smartcard (or any other card) is just an offline token. And tokens have lost all relevance in a digital and connected world. This phenomenon is plainly visible in many areas. For instance, earlier, airline tickets used to be coupons in an attractive jacket, which were exchanged at the check-in counter for the boarding pass. Today, however, you get a message on your mobile phone, an SMS or an email, which you may print, but don’t need to. What’s vital in the message, among many other information, is the passenger name record (PNR)—again just a number. There is no need for a ticket or a smartcard or any token because you have continual access to all the information related to your booking, via this ID called PNR, at the back end. Similarly, you can authenticate your identity online with just the Aadhaar number.
The Aadhaar number is communicated in a letter to the resident, with a perforated portion that bears her name, photograph, date of birth, gender, address and, of course, the Aadhaar number itself. This ‘card’ portion is about the size of a business card and only as durable. In retrospect, we may have overplayed the ‘Aadhaar is a number and not a card’ bit, because the Finance Ministry would not allow us to issue the number written on a piece of plastic as that somehow made it a card. Of course, a ₹5 plastic card is entirely different from a smartcard with an embedded chip, which would have cost about ₹100.
To this day, the letters that UIDAI issues are on paper. The residents do get it laminated and may get it printed on a plastic card, if they wish. But whether written in sand, papyrus or tattooed on the body, the Aadhaar number remains just as effective.
Smartcards, on the other hand, have several lifecycle management issues and are getting obsolete. They require PINs to be conveyed to the holder separately and securely. Update of demographic or biometric data requires collecting the old cards and issuing new ones. Cards can be lost, which would require the entire process to be repeated. Smartcards also need a smartcard reader. These issues create a logistical nightmare when more than a billion cards have to be issued in a country like India, where the address for some residents, could be ‘behind the temple’ or ‘below the flyover.’
If Aadhaar was issued as a card, it would have become another ID card, just like a driving licence, a ration card or a voter ID card, which are essentially eligibility cards, authorizing one to drive, get rations from the public distribution system (PDS) or vote, respectively. Aadhaar has no eligibility attached with it. Hence by itself, an Aadhaar card would not have any value except probably enabling the holder to enter airports or to board trains or to check into a hotel. Those things are already enabled by existing ID cards. Aadhaar was meant to be an ID that could be combined with any transaction and work as proof of ID for accessing any formal system, such as PDS, Permanent Account Number (PAN) cards, Electors Photo Identity Card (EPIC) cards, Mahatma Gandhi National Rural Employment Guarantee Scheme (MGNREGA) job cards, or health insurance card, pensions and other databases. This mechanism could then also work as a cleansing agent to eliminate duplicates and fakes from these databases.
Now that Aadhaar is being used for various types of transactions, people have come to realize that the system is working as a trusted third-party authenticator of identities in digital transactions, and its utility as a number, and not a card, is being appreciated. Thus, Aadhaar is a token-less digital identity number that can be embedded into any database. With identity data residing at the UIDAI back end, it is possible for Aadhaar to work as a trusted and common authentication system for a person’s identity in systems such as banking, provide proof of presence, lifting of ration from PDS shops and get mobile SIMs, among others.
By taking the decision to develop an online authentication system, we annoyed the industry that supplied smartcards for credit cards, metro systems and other uses. Unfortunately for them, in place of the shiny, physical and ‘modern technology’ that the smartcard represented, we offered a ‘dumb’ 12-digit number— printed on plain paper!
I hope the reader will agree with me that the choice of making Aadhaar as only a number and not a card has significantly contributed to the achievement of many overarching goals of the UID system.
This excerpt from The Making of Aadhaar: World’s Largest Identity Platform by Ram Sewak Sharma has been published with permission from Rupa Publications.