UPA government is pushing hard Aadhaar biometric ID scheme while bankers are complaining about the high cost of technology and how it is negating its benefits. Meanwhile, customers who ultimately pay the bill for these technology costs are not even being consulted and complaints about higher services charges have been ignored so far. Where are we headed?
Despite opposition from several quarters, including experts, academicians and bankers, the United Progressive Alliance (UPA) is enforcing its biometric-based unique identification (UID) for banking transactions. The government want banks to install/upgrade automated teller machines (ATMs) to facilitate the UID or Aadhaar's biometric identification. But this comes with a big price tag. What is worse, the authentication systems of biometric ATMs were once tried a decade ago and have failed, especially for the target group that massively high cost Aadhaar project claims to address -- namely those unbanked and underprivileged people who do not have identification documents.
According to a report in the Economic Times on Monday, the Unique Identification Authority of India (UIDAI) is pushing for biometric authentication for credit card and ATM transactions, but bankers are reluctant to make changes since technology costs are high. Bankers argue that upgrading every ATM and point of sale (PoS) terminal at thousands of merchant outlets will not come cheap, besides travails and risks of a new technology, says the report. But aren’t we forgetting something here? ATM with biometrics is not a new idea. It has been tried and discarded as a failure when the ATMs did not authenticate the biometrics of many underprivileged persons (during the pilot launch) and left them without access to their own funds, especially when banks were closed.
While use of biometric ATMs looks good on paper, its implementation so far has proved costly for the banks as well as for the end-users. On 1 December 2006, Citibank had issued a global release about the launch of its biometric ATM with multi-language voice instruction capability. It had tied up with a NGO called Swadhar FinAccess and a microfinance firm for Citibank Pragati for (no frills) accounts. The experiment ended in a whimper. (See more here : ) In fact, the drumbeat for biometric ATMs began in 2005 as suggested by this report in The Financial Express. In 2007, Andhra Bank had launched biometric ATMs and wanted to make the mobile, to cater to the burgeoning microfinance business.
Canara Bank set up its first biometric-based ATM at Dharavi, in Mumbai in 2008 with much fanfare. It was a dual purpose ATM, which accepted cards as well as thumbprints for banking transaction (mostly cash withdrawals). The biometric-based ATM was expected to cater to the needs of working class, especially housemaids and other people in Dharavi. In fact, even after the global financial crisis, the biometric ATMs and tie-ups continued because micro-finance firms were still seen as saviours and had not revealed their exploitative and rapacious side.
The ground reality turned out to be completely different. According to information provided by several non-government organisations (NGOs) spreading financial literacy in that area, the biometric ATMs in Dharavi failed from day one. The reason? Working class there, especially housemaids and other labours do not have fingerprints without which they could not operate the ATM!
Not having fingerprints is just one of the issues with the biometric-based ATMs. The more serious issue is the danger it may pose to the user as thieves may stalk and assault the person to gain access. If the item is secured with a biometric device, the damage to the owner could be irreversible, and potentially cost more than the secured property. For example, in 2005, Malaysian car thieves cut off the finger of a Mercedes-Benz S-Class owner when attempting to steal his car.
In addition, the biometric-based passwords are irreversible. That means it cannot be re-issued in case of loss or theft. If a token or a password is lost or stolen, it can be cancelled and replaced by a newer version. This is not naturally available in biometrics. If someone's face or fingerprint is compromised from a database, it cannot be cancelled or reissued.
Another problem associated with the biometric-based ATM is its cost, both installation and operations. The biometric-based ATMs, as proposed by the Reserve Bank of India (RBI) that would facilitate use to Aadhaar data, are more costly than the regular card-based ATMs. While consumers are increasingly complaining about reasonableness of bank charges, the banks themselves are lobbying hard with the RBI, claiming that high cost of technology is making each transaction very expensive. For instance, having encouraged and pushed to obtain corporate accounts of companies, banks are now cribbing about high transaction costs on small withdrawals from ATMs.
For instance, a senior central banker says that each balance inquiry at an ATM costs the bank Rs11 while each transaction costs around Rs18. However, this calls for a serious discussion on the cost-benefit of technology to consumers, since the solution cannot be to load higher costs on to consumers.
And while the UIDAI and RBI are still thinking about using Aadhaar number or fingerprints collected under the UID scheme, for authentication of transactions, the world has moved ahead. World over, fingerprint based ATMs are being replaced by biometric ATMs, which use ‘finger vein scanning’ technology to authenticate the customer's ID. Unlike current fingerprint scanners, the finger vein scanner, developed by Japanese company Hitachi, uses infrared light to analyse the micro veins beneath the surface of the finger. According to Hitachi, it is impossible to fool its machine, as it is not possible to replicate an individual's finger veins. In addition, it does not work with fingers that have been chopped off, the company had said.
In addition, several experts have pointed out that using Aadhaar for identification is completely different than using it for authentication. Especially, when it comes to using biometric data of Aadhaar for payment transactions, the facts are not too encouraging. Several poor people like housemaids and construction labourers are finding it difficult to even enrol for Aadhaar due to lack of a clean fingerprint sample. Some could not even submit sample of their iris due to cataract. In such cases, how will the Aadhaar help in authenticating the card present transaction? Also, why burden the entire banking system with high costs, which will have to be paid by hundreds of million account holders who have no need for biometric identification and have no reason to support biometric authentication systems?
Coming back to the issue of using Aadhaar or UID for authentication card present transactions, it looks good only on paper. As per the latest census, 58.7% households were availing banking services in 2011 as compared with 35.5% in 2001. Notwithstanding these efforts by the RBI and the financial sector, the challenges are enormous. Providing banking coverage to a population of 120 crore and ensuring transactions in these accounts is a daunting task.
According to National Payments Corporation of India (NPCI), at the end of October 2012, there were over 1.04 lakh ATMs in the country. State Bank of India (SBI) and its five units had installed 61,500 ATMs, while private sector and foreign banks put together have about 41,800 ATMs. Co-operative banks and regional rural banks have 1,150 machines. All the banks put together have plans to install about one lakh ATMs over a period of next two years, the NPCI said, noting that this will take up the average to 170 ATMs per million of population from the current 85. Nearly, 200 million transactions were processed every month in its national financial switch (NFS), of which 75% were cash withdrawal transactions with an average ticket size of Rs3,300, NPCI added.
While, the government and the RBI have asked banks to accept the Aadhaar number as one of the identification proofs for opening an account, the lenders are not sure about the authentication and verification of these numbers for payment system. The RBI itself was not confident about Aadhaar as it felt that the UID project is not ready for handling secure payment transactions.
According to the Economic Times report, there was a distinct possibility that RBI would ask banks to gradually roll out Aadhaar-based biometric authentication as an additional authentication for card transactions. RBI may not mandate banks immediately, but may nonetheless ask them to upgrade the technology. This is happening at such a time when banks are issuing credit and debit cards based on Europay, MasterCard and Visa (EMV) chip technology, the report said quoting a banker.
According to a report by a "Working Group on Securing Card Present Transactions" of the Reserve Bank of India (RBI), there is a need to put in place a series of measures to strengthen the payments’ infrastructure and ecosystem in the country. Inferences drawn from case studies clearly indicate the need to have a much stronger authentication mechanism and reiterate the need for a second factor (2FA) for card present transactions.
The report discusses new systems like EMV chip cards with PIN that has been adopted by many countries and enhancing the current MSD card system with help from biometric identification.
"Aadhaar (issued by UIDAI) authentication using biometrics, provides a strong 'Who you are' factor of authentication. This can be combined with a second 'What you have' or 'What you know' factor to achieve strong customer identification at the point of sale," the report said.
While the option to use biometrics from the UIDAI database looks good, it may, in practice, due to insufficient feasibility tests, may not be a viable option. "The working committee considered biometric, or UID, as the second factor in one of the solution sets; however, the decision to adopt this would depend on various factors like the number of UIDs issued to the population which transacts through cards, the error rates, authentication network capability to handle transaction volumes, network capability to handle enhanced transaction size and acquiring infrastructure," the report said.
According to the Economic Times report, another working group set up to study the recommendation of the previous group has recently submitted its report to the RBI. “(the) panel has pegged the cost of banks' readiness for Aadhaar at Rs4,259 crore compared with Rs3,556 crore the banking industry has to spend to upgrade machines to match a different technology they think lowers the risk of card frauds,” the report says.
Another more serious question about UIDAI is the ownership of data collected by the agency. According to Dr Usha Ramanathan, an independent law researcher, who has been critically following the policy and practices of the UIDAI since 2009, those enrolling on the UID database have not been informed that their Aadhaar data is to yield profit for the UIDAI, Rs288.15 crore a year and its only investor, the government, does not even own the data.
“As set out in the Nilekani-chaired Technology Advisory Group on Unique Projects (TAG-UP) report, the data we think we are giving to the government is to end up on the database of what will be in the nature of a private company once it reaches steady state. When it is still a start-up, and till it reaches steady state at least, it will be funded by the government. After that, the government, like other commercial service providers, will become the customer of the UIDAI,” she said.
Unfortunately, instead of addressing all the problems related with the Aadhaar, the UPA government is forcing its usage and acceptance, that too without any Parliamentary approval for the UIDAI scheme. The hard push for biometric ATMs is just one of the examples about how technology is being used to exclude the needy, without even thinking about the cost.
President Obama has repeatedly said the US is targeting Al Qaeda and "associated forces." But the US government is reluctant to reveal these 'forces'
In a major national security speech this spring, President Obama said again and again that the U.S. is at war with “Al Qaeda, the Taliban, and their associated forces.”
So who exactly are those associated forces? It’s a secret.
At a hearing in May, Sen. Carl Levin, D-Mich., asked the Defense Department to provide him with a current list of Al Qaeda affiliates.
The Pentagon responded – but Levin’s office told ProPublica they aren’t allowed to share it. Kathleen Long, a spokeswoman for Levin, would say only that the department’s “answer included the information requested.”
A Pentagon spokesman told ProPublica that revealing such a list could cause “serious damage to national security.”
“Because elements that might be considered ‘associated forces’ can build credibility by being listed as such by the United States, we have classified the list,” said the spokesman, Lt. Col. Jim Gregory. “We cannot afford to inflate these organizations that rely on violent extremist ideology to strengthen their ranks.”
During the May hearing, Michael Sheehan, Assistant Secretary of Defense for Special Operations and Low-Intensity Conflict, said he was “not sure there is a list per se.”
Describing terrorist groups as “murky” and “shifting,” he said, “it would be difficult for the Congress to get involved in trying to track the designation of which are the affiliate forces” of Al Qaeda.
Sheehan said that by the Pentagon’s standard, “sympathy is not enough…. it has to be an organized group and that group has to be in co-belligerent status with Al Qaeda operating against the United States.”
The White House tied Al Qaeda in the Arabian Peninsula and “elements” of Al Shabaab in Somalia to Al Qaeda in a recent report to Congress on military actions. But the report also included a classified annex.
Jack Goldsmith, a professor at Harvard Law who served as a legal counsel during the Bush administration and has written on this question at length, told ProPublica that the Pentagon’s reasoning for keeping the affiliates secret seems weak. “If the organizations are ‘inflated’ enough to be targeted with military force, why cannot they be mentioned publicly?” Goldsmith said. He added that there is “a countervailing very important interest in the public knowing who the government is fighting against in its name."
The law underpinning the U.S. war against Al Qaeda is known as the Authorization for Use of Military Force, or AUMF, and it was passed one week after the 9/11 attacks. It doesn’t actually include the words “associated forces,” though courts and Congress have endorsed the phrase.
As we explained earlier this year, the emergence of new or more loosely-aligned terrorist groups has legal scholars wondering how effectively the U.S. will be able to “shoehorn” them into the AUMF. During the May hearing, many lawmakers expressed concern about the Pentagon’s capacious reading of the law. Sen. John McCain, R-Ariz., described it as a “carte blanche.”
Obama, in his May speech, said he looked forward “to engaging Congress and the American people in efforts to refine, and ultimately repeal, the AUMF’s mandate.” But he didn’t give a timeframe. On Wednesday, Rep. Adam Schiff, D-Calif., introduced an amendment that would sunset the law at the end of 2014, to coincide with the U.S. withdrawal from Afghanistan. It was voted down the same day, 185 to 236.
The AUMF isn’t the only thing the government relies on to take military action. In speeches and interviews Obama administration officials also bring up the president’s constitutional power to defend the country, even without congressional authorization.
The SC has sought replies from the Centre and RIL on a PIL filed by CPI MP Gurudas Dasgupta, who has alleged that no due diligence was done by the government while increasing the prices of natural gas
The government’s decision to raise the prices of natural gas came under judicial scrutiny with the Supreme Court on Monday agreeing to examine the matter and issued notices to the Centre and Reliance Industries (RIL).
A Bench headed by Chief Justice P Sathasivam has sought replies from the Centre and RIL on a PIL (public interest litigation) filed by CPI MP Gurudas Dasgupta, who has alleged that no due diligence was done by the government while increasing the prices of natural gas.
It said that the issue raised by the senior member of Parliament needs examination and the petition cannot be rejected at the initial stage.
The court directed the parties to file their replies within four weeks and posted the matter for further hearing on 6th September.
The government has decided to increase the prices of natural gas from $4.2 per million British thermal unit (mBtu) to $8.4 mBtu from 1 April 2014.
The new $8.4 mBtu price, which will be reviewed every three months, will uniformly apply to all gas producers, including state-owned firms like Oil India and Oil & Natural Gas Corporation and private companies like RIL.
Senior advocate Colin Gonsalves, appearing for the MP, submitted that the decision to raise the price needs to be reviewed as the Petroleum Minister has over-ruled the opinion of senior officers of the ministry and his predecessor.
Dasgupta, who was present during the hearing, told reporters after coming out of the courtroom that he had to file the PIL as the Prime Minister failed to take any action on his complaint given to him.