Aadhaar Authentication Failure in the Public Distribution System of Andhra Pradesh

Transcription

1 DIRI Data Brief: 01 Aadhaar Authentication Failure in the Public Distribution System of Andhra Pradesh Siddharth Sekhar Singh and Ashwini Chhatre April 2018 Key Facts The average Aadhaar authentication failure rate for Andhra Pradesh s Public Distribution System in December 2017 was 2.5%. There was significant geographic dispersion in the failure rate. In particular, Vishakhapatnam (3.2%) and Vizianagaram (3.5%) had the highest failure rates. In absolute numbers, 94,030 ration cards failed Aadhaar authentication in December East Godavari district had highest number of failures (14,307). Biometric mismatch is the leading cause of the authentication failure in the state, accounting for 92% of the authentication failures. 5,264 ration cards were found to fail authentication both in November and December Study Methods and Data Sources Data from the Aadhaar enabled Public Distribution System (AePDS), Department of Consumer Affairs Food & Civil Supplies Government of Andhra Pradesh was used for this analysis. AePDS is online portal containing data uploaded from epos devices used in fair price shops (FPS) for distribution of subsidized food grains. This website is updated daily. For further information about AePDS, including the data, visit the AePDS website at: All the data for the analysis was scraped from the website for the period of 1 st to 16 th December 2017 Summary The Public Distribution System (PDS) in Andhra Pradesh uses Aadhaar to authenticate the identity of its beneficiaries. The authentication takes place at the Fair Price Shop (FPS), wherein an individual eligible to receive subsidized food grains is required to furnish proof of possession of a ration card and must undergo biometric-based Aadhaar authentication. The focus of this study is to examine the fingerprints-based Aadhaar authentication of ration card holders in Andhra Pradesh for the first fortnight of December The Aadhaar authentication attempts for 3.77 M ration cards were made in Andhra Pradesh s PDS between 1 st and 16 th December Out of these, 94,030 ration cards failed Aadhaar authentication. The highest number of authentication failures occurred in the East Godavari district, with 14,307 authentication failures. The average authentication failure rate for the state (of all active cards) was 2.5%. Several reasons for failure of biometric-based authentication include biometric mismatch, invalid Aadhaar number, invalid biometric status, and missing biometric data in Central Identity Data Repository (CIDR) etc. Among these, around 92% of the authentication failures were caused due to biometric mismatch, placing it as the leading cause of Aadhaar authentication failure in the state. Interestingly, the study of distribution of failures at the sub-district (mandal) level suggests that the number of authentication failures are not tightly correlated with the number of ration cards. Biometric mismatch could occur due to number of factors, including improper collection of biometrics during authentication, foreign material on finger or the surface of scanner, low finger image quality etc. The current error reporting mechanism adopted by UIDAI does not clearly specify which of these factors caused biometric mismatch resulting in repetitively failed authentication attempts by the beneficiaries. Improvements in the authentication error reporting mechanism is therefore suggested, so that the resident can know clearly the exact reason for the authentication failure. Further, given the high prevalence and uniform geographic spread of biometric mismatch, a more detailed study of this cause of failure is required. One possible solution to bring down the number of biometric mismatches could be to make best finger detection (BFD) compulsory for all the eligible beneficiaries. BFD is a methodology of identifying the finger(s) of a resident with the best biometric details, done using BFD Application programming Interface (API) provided by UIDAI. Keywords: Aadhaar authentication; Public Distribution System: Andhra Pradesh; Biometric mismatch

2 1. Background The Public Distribution System (PDS) in Andhra Pradesh is Aadhaar-enabled. To receive their food entitlements, beneficiaries must establish their identity utilizing the Aadhaar authentication framework. The authentication takes place at the Fair Price Shop (FPS), wherein an individual eligible to receive the subsidized food grains is required to undergo Aadhaar authentication. The ration card issued to a household is linked to its members Aadhaar numbers. The total number of active ration cards in the state is around 12M. East Godavari and Guntur have over 1.4M ration cards each. Guntur district has the highest number of fair price shop (FPS) outlets (2,394), followed by East Godavari (2,136). Aadhaar authentication enables residents to prove their identity based on their demographic and biometric information captured during Aadhaar enrolment. Aadhaar authentication in PDS was introduced to make the process of identification (a) convenient, by avoiding the need of multiple identity documents and (b) accurate, by using biometrics to authenticate the identity of the beneficiary. Aadhaar authentication is also expected to bring in transparency and efficiency in the PDS by curbing corruption and leakages. It should be understood that the Aadhaar authentication system is not a 100 percent accurate system, irrespective of the modality selected for authentication. Aadhaar authentication attempts may result in failure due to several reasons. These are termed as authentication failure errors and are logged in the Aadhaar enabled PDS (AePDS) information system of the Andhra Pradesh civil supplies department. This data brief examines biometric-based Aadhaar authentication trends for ration card holders in Andhra Pradesh for the first fortnight of December Key Findings 2.1 Aadhaar authentication failure was highest in East Godavari The Aadhaar authentication attempts for 3.77 M ration cards were made in Andhra Pradesh s PDS between 1 st and 16 th December In that, about 94,030 ration cards failed authentication during the same period. Of all 13 districts of Andhra Pradesh, East Godavari had the highest number of Aadhaar authentication failures (14,307 ration cards), followed by Visakhapatnam (10,068) and Vizianagaram (7,348) (see Figure 1). Authentication Failures ,307 East Godavari and Guntur have over 1.4M ration cards each. Guntur district (2394) has the highest number of FPS outlets followed by East Godavari (2136). Figure 1: Aadhaar authentication failure Andhra Pradesh Public Distribution System 2.2 Aadhaar authentication failure rate was highest in Vizianagaram (3.5%) and Vishakhapatnam (3.2%) districts The average authentication failure rate (of all active cards) for the state was 2.5%. Failure rates of four districts are above the state s average, namely Vizianagaram (3.5%), East Godavari (3.1%), Vishakhapatnam (3.2%) and Srikakulam (3.1%). (Figure 2). 1

3 Total Authentication attempts Total Authentication failure rate Measure name Authentication Failure rate Total Authentication Attempts Figure 2: District-wise total Aadhaar authentication attempts and failure rate. 2.3 The leading cause of authentication failure is biometric data mismatch Several reasons were identified for the failure of Aadhaar authentication, including biometric mismatch, invalid Aadhaar number, invalid biometric status and missing biometric data in CIDR. Among these, about 92% of the authentication failures were caused solely due to biometric mismatch (92%), placing it as the leading cause of authentication failure in the state (Figure 3). Biometric mismatch could happen due to several reasons. For example, the Aadhaar holder gives biometric information (fingerprint/iris) on a scanner but the information is not identified by the Aadhaar database. This could be due to factors such as dry/oily finger, humidity, foreign material on scanner, or poor NIST 1 Fingerprint Image Quality (NFIQ 2 ). Apart from the factors listed above, authentication failures also resulted due to reasons such as Aadhaar cancelled, locked biometrics, and technical errors (Figure 4). The most common of these three is Aadhaar cancelled (0.2%), thus requiring the resident to re-enroll for a new Aadhaar number. Locked biometrics (0.16%) lead to authentication failures when Aadhaar card holders unwittingly lock their Aadhaar biometrics, unaware of the fact that authentication will fail if the biometrics are locked. Finally, technical reasons (0.35%) for authentication failure includes duplicate requests. Since a large share of authentication failures are attributed to a single cause (i.e. biometric mismatch), a more detailed study of the factors that influence mismatch of beneficiary biometrics is required. 1 National Institute of Standards and Technology (NIST), a measurement standards laboratory and a non-regulatory agency of the United States Department of Commerce. 2 E.Tabassi, C.L.Wilson, C.Watson. NIST Fingerprint Image. Quality NISTIR

4 Ration cards failed Other reasons* Resolution: Resident must re-enroll Resolution: Resident must unlock the biometric Resolution: Resident must try again Resolution: AUA must review biometric device Biometric data did not match Reason for Authentication failure Biometric data did not match (92%) Invalid Aadhaar number (1.25%) Invalid Aadhaar status (1%) Missing Biometric data in CIDR (5%) Other (0.75 %) Figure 3: Components of the total authentication failure Other reasons* Aadhaar cancelled Biometrics locked Duplicate request Technical reasons Figure 4: Other reasons of authentication failure 2.4 Distribution of authentication failure in Sub-district (mandals) About 55% of mandals in the state have less than twenty thousand ration cards and remaining mandals have above twenty thousand ration cards. Visakhapatnam (Urban) has highest number of ration cards (0.4M) (Figure 5(a)). Each mandal in the state has an average of 35 active fair price shops (FPS). Authentication failures for every 10 ration shops in a mandal was found highest in Visakhapatnam Urban (Circle I, II, and III) (280) followed by Kakinada, East Godavari (176) (Figure 5(b)). About 35% of all authentication failures (per 10 FPS) in the mandals of the state is localized in four districts (Figure 5(b)), namely East Godavari, West Godavari, Srikakulam and Vizianagaram. Moreover, we observe that authentication failures are not tightly correlated with the number of ration cards (Figure 5 (a) & (b)). Figure 6 identifies districts which have high variation in authentication failure across mandals in the district. For example, East Godavari and West Godavari have approximately the same number of active ration cards across the mandals, but East Godavari has mandals with higher authentication failure. Hence, we need to anlayse the factors resulting in different failure rates for mandals with approximately similar number of ration cards and PDS shops. Districts Number of ration cards k 21k -100 k 101k -392k Figure 5(a): Ration cards in mandals Districts Authentication failure per 10 FPS Figure 5(b): Authentication failures across mandals Districts Authentication failure per 10 FPS

5 Figure 6: Total Authentication failures (per 10 fair price shops) across mandals 2.5 Aadhaar numbers may fail biometric authentication About 5,264 ration card holders failed authentication in both November and December 2017 (Figure 7). The leading cause of authentication failure for this subset of ration cards was biometric mismatch (86%), followed by missing biometric data in CIDR (8%). This could be an indication of poor biometric quality during enrollment. 3. Policy Implications Failure reason Biometric data did not match Invalid Aadhaar status Missing Biometric data in CIDR Other Figure 7: Aadhaar numbers frequently failing in authentication It is interesting to note that about 92% of authentication failures in December 2018 were caused due to biometric mismatch. Biometric mismatch could occur due to numerous factors including improper collection of biometrics during authentication, foreign material on finger or the surface of scanner, low NFIQ value of scanned fingers etc. The current error reporting mechanism adopted by UIDAI does not clearly specify which of these caused the first authentication failure. Instead, it only specifies the generic term biometric mismatch. Hence, it is more time consuming for residents to authenticate in their following visit. We therefore suggest improvements in the error reporting mechanism of the authentication API, so that the resident knows clearly the exact reason for the authentication failure. 4

6 Moreover, given the high prevalence and uniform geographic spread of biometric mismatch in Aadhaar authentication, a more detailed study of this cause of failure is required. One possible solution to bring down the number of biometric mismatches could be to make best finger detection (BFD) compulsory for all the eligible beneficiaries. BFD is a methodology of identifying the finger(s) of a resident with the best biometric details. This identification is done using BFD API, a set of programming library used to implement the BFD algorithm. This service could be made available at common service centers set up by state governments for delivering government-to-citizen services at a minimal or no cost. The purpose of using BFD is to enable the resident to exactly know which of their finger is best suited for biometric authentication thus making the process of biometric authentication more convenient. 3.1 Future Research This data brief seeks to establish a foundation for identifying issues surrounding the Aadhaar enabled public distribution (AePDS) in Andhra Pradesh and while doing so we were able to pose some questions for further research in following areas: 1. Using the entitlement allocation and authentication failure data, create a coherent story of how people access the AePDS (Aadhaar enabled PDS) in Andhra Pradesh. 2. Identify physiological and technical reason that lead to Biometric Data Mismatch and whether best finger detection (BFD) can minimize the instances of this particular authentication failure. 3. Identify reasons for variation in authentication failure across mandals with similar number of beneficiaries. 4. Using the authentication failure and demographic data (age, location, occupation etc.) identify geographies/communities/occupations/locations that are more prone to authentication failure. 5. Study the utility of alternative mechanisms (e.g. OTP based authentication, Iris scanner, manual allocation etc.) of authentication of beneficiaries for allocation entitled benefits. About DIRI This data brief was prepared by the Digital Identity Research Initiative (DIRI), which was launched in July 2017 with funding from Omidyar Network. DIRI is aimed at producing high-quality and timely research on digital identity, engaging relevant stakeholders, and building a global research ecosystem for digital identity. In addition to such briefs, DIRI s activities include Research Fellowships, Summer Fellowships, and the International Conference on Digital Identity (11-13 July 2018). For more information, visit Digital Identity Research Initiative (DIRI) Indian School of Business, Gachibowli, Hyderabad ; Phone: diri@isb.edu Copyright 2018 Indian School of Business: All rights reserved. 5