Tuesday, March 8, 2011

245 - Getting my Aadhaar Number at UIDAI labs

Getting My Aadhar Number at UIDAI Labs!
Posted: 29 Sep 2010 01:13 AM PDT

As your read this blog post, residents of the tiny hamlet of Tembhali in northern Maharashtra's Nandurbar district are creating history by getting their Unique ID Numbers. The UIDAI or Unique ID Authority of India's "Aadhar" project has been officially flagged off by the Prime Minister and UPA Chairperson Sonia Gandhi and the world's largest IT project is all set to roll.

 I was lucky enough to get a sneak peek at the enrollment process at UIDAI's tech centre in Bangalore and this video will give you an idea of the steps you'll have to go through to get the magic 12-digit number.

( Please click on Title to visit original blog to view video )

For those interested in the geekier aspects of the project, the tech can broadly be divided into three areas ie. enrollment, data centre and authentication. Here's a quick explanation of each:

1) Enrollment: The UIDAI will partner with a number of agencies ranging from District Collectors' offices to banks as "enrollment partners" who will be tasked with collecting data. These partners will receive a slick-looking pair of tough briefcases containing neatly packed hardware required for enrollment. A laptop with the Aadhar enrollment software installed along with a fingerprint reader and an iris scanner go into one briefcase while a webcam, a laser printer (for the receipt) and a small monitor fit into the other one. That last bit of hardware is an innovative touch because it's meant purely for the person getting enrolled to verify that the data being entered into the laptop is accurate.

2) Data Centre: While Aadhar may be collaborative in its approach to enrollment, it's taking no chances with its central servers and whats being stored in them. The data centres themselves will be built and maintained by vendors, but access will be strictly controlled solely by the UIDAI at multiple levels. No data can leave the enrollment laptops unencrypted and any attempt to tamper or modify the data will raise an alarm when it is uploaded to the central server. Only once it is validated as being secure will it be accepted for further processing. Then comes the tricky part called "de-duplication" ie. checking to see if the person has not already enrolled which means comparing his biometric data (iris and ten fingerprints) to that of all the existing IDs. This will require enormous computing power and although Aadhar will have a large "grid" of networked computers, built using open-source technologies to do these "compute jobs", building this grid as the volume grows will be the challenge. Complex algorithms to quickly compare biometrics have also been procured from specialist vendors to be run on this grid. "It has never been tried before, so it's the first time and Indians are attempting to do it with the next largest system only about 1/10th the size", says Dr Pramod Varma, Chief Architect, Aadhar.

3) Authentication: "Once the data comes into the CIDR it never leaves, its like a blackhole", quips Dr Varma. What he means is that in order to protect citizens' privacy, no data will actually leave the Aadhar servers. Outsiders can only "query" the database for a yes/no answer to authenticate someone who is quoting an ID, but cannot extract any other information. The authentication API (application programming interface) is publicly available on the Aadhar website, which means any programmer can build this querying ability into a software application in the future.