Can I have two Aadhaar numbers?

No.

An Aadhaar number is unique. The uniqueness works two ways, as I explained in So, what is so unique about Aadhaar:

  1. I and only I have that artifact, and no one else – no two person has the same artifact (an artifact can be anything to identify me – a name, number, visual/barcode, etc).
  2. The artifact belongs to me and I have no other artifact – no person has more than one artifact.

One can apply/enroll multiple times – however, since the Aadhaar number is issued against the biometrics of the person (which is unique), only one Aadhaar number would be issued. Ever.

There are various scenarios why a person can apply multiple times:

  1. The person may have forgotten he had applied earlier.
  2. The person may have lost his earlier enrolment details, and goes to enroll again.
  3. No Aadhaar number has been issued against the enrolment as the enrolment got rejected due to:
    1. Enrolment data was not uploaded properly by the operator.
    2. Data quality was not proper. Maybe the biometrics capture quality was not sufficiently good.
    3. The paper documents given may have failed the quality check of the Aadhaar issuing authority (UIDAI).
    4. The enrolment may have been rejected for any unspecified reason by Aadhaar issuing authority.
  4. One may have nefarious motives, and may try to get multiple Aadhaar numbers to create multiple identities.

However, Aadhaar cannot be created like a Driving licence. One person, though, tried to do the same. In this story, a person enrolled twice for Aadhaar, the second time using fake documents. Since the Aadhaar software does not know which is a false document and which is a true document, it merely issues Aadhaar to the first instance that passes through it (and qualifies their internal quality check). By happenstance, Aadhaar got issued against his false documents (because the data of the second enrolment was uploaded and processed before the other enrolment data). So, here is a gentleman who is stuck with a false identity. Since, he has now to compulsorily connect his PAN card, his mobile connection, his bank accounts and everything else with his Aadhaar (and Govt. is pushing hard for it), he won’t be able to connect anything, as the Aadhaar has wrong details.

As soon as this case to the notice of UIDAI (which must have been during the quality check when the second enrolment data was scrutinized against another Aadhaar number that had already been issued), legal action was taken and an FIR was lodged. The man faces upto three years in jail.

The newspaper article claims that the the man is now stuck with his false Aadhaar number for life. That he would have to change his name and restart his life. This is incorrect. Now that UIDAI knows that an Aadhaar number has been issued wrongly, his Aadhaar number would be withdrawn. Upon re-enrolment, he would be issued a fresh Aadhaar number. However, he would have to face the consequences for forgery, and action under Indian Penal Code as well under the Aadhaar Act would be taken against him. For all we know, he would get his valid Aadhaar number in jail! (Aadhaar is available to everyone who are habitually resident in India, even foreigners and convicted prisoners, but not illegal immigrants).

However, children below five years of age can have two or more valid Aadhaar numbers.

How can children get two or more Aadhaar numbers?

If you are reading this, chances are you are an adult. In which case your Aadhaar enrollment process is very different from that of a child below five years of age. Children of this age group (and there is no lower age limit – a baby can be enrolled as soon as it is born) are enrolled through a much shorter process. The following are the salient features of this process:

  1. Enrolment is online, and data is uploaded on real-time basis. Enrolment cannot take place if there is no internet. Adult enrolments happen on offline device.
  2. Enrolment is done with a tab and a fingerprint scanner. Total device cost is below Rs. 10,000. Being small in size and weight, they can be moved about more easily.
  3. During enrolment, only the photo of the child is taken. Fingerprints and iris scans are not taken. There is no detailed application process. Consequently, enrolment time is about 5-7 minutes, as against adult enrolment time of 20-30 minutes.

However, the real difference is the Aadhaar issuing process. In the case of an adult, fingerprint and iris scans are taken, and are tied to the person/number. If he tries to enroll multiple times (like in the case above), the server would check the new biometrics against the old ones (technically called de-duplication), and refuse a new number as one has already been issued. As I said earlier, Aadhaar number is truly unique – and it works both ways.

In the case of children below five years, no biometrics are taken. The child is tagged/mapped against the Aadhaar number of either its mother or father (in other words, the father or mother must have a valid Aadhaar number before a child below five years can be enroled, and he or she must be present during the child’s enrolment). Further, giving a name of the child during the enrolment is also not mandatory (imagine this – a baby of two days can be enrolled on Aadhaar, but he may not have a name yet). Thus, the same child can be enrolled – either by mistake or by mischievous design – more than once. The poor Aadhaar server would merely think that two separate children of the parent has been enroled. Further, if mother goes for enrolment once and the father in the next, Aadhaar server would merely think they are two separate babies (Aadhaar server does not know that the mother and father are related, or that they are wife and husband). In other words, since no biometrics are taken, no de-duplication is done while issuing Aadhaar number to a child below five.

This is so by design. Small children do not have fully formed biometrics, and they can change fast. The logistics of taking the biometrics and then updating them is huge – remember, we are a big country and there are many children here.

So, don’t be alarmed if there are two or more Aadhaar numbers for a child below five years. As soon as the child turns five, he shall have to update his Aadhaar number and give his biometrics. Now, he can have only one number – thus, after five years of age, one of his Aadhaar numbers would become infructuous.

Did you know?

A child below five having an Aadhaar would have to update his Aadhaar biometric details twice – once when he turns five, and again when he turns fifteen. As per present rules, no biometric detail needs updating if an update/enrolment has been done after fifteen years of age.

But don’t bank on this rule for staying put long. I am sure UIDAI is going to come up updation rules in a while…

 

Sakshi Dhoni ko gussa kyon aata hai?

Cricketer Dhoni getting his Aadhaar updated

सवाल है, साक्षी धोनी को गुस्सा क्यों आता है?

If you are the reading type, you would have come across this news: cricketer Mahinder Singh Dhoni goes to a Aadhaar shop to get his Aadhaar updated. The operator clicks a photo to capture his famous moment, and posts it online. He (presumably) clicks a photo of the online application of the update screen and shares with […] and it reaches his company HQ (in this case, a Govt. body called CSC SPV). The company boss, in a gloat-moment, uploads it on Twitter. On the other hand, the photo of Dhoni visiting the update centre is also shared by the IT minister in Govt. of India. The hapless wife of the cricket, Sakshi Dhoni, now expresses her angst: “Is there any privacy left? Information of Adhaar card, including application, is made public property,” she said. When she brings it to the notice of the IT minister regarding the release of the Aadhaar update application screen, he took it seriously and promised swift action: “Thanks for bringing this to my notice. Sharing personal information is illegal. Serious action will be taken against this.”

Action came the next day. The Aadhaar shop (a Common Service Centre under CSC SPV) is banned for 10 years. The poor fellow got punished for his moment with the famous guy.

Question is, is it a privacy leak that the application got leaked? Yes.

Then, is the Aadhaar operator liable for it, or the person who uploaded it on the Official Twitter head of the CSC SPV (which would have happened with management support)? Probably both, but the person who put it on public domain is more liable (do not that WhatsApp is private domain but Twitter is public domain).

Further, is the photo of Dhoni visiting the shop being leaked a privacy concern? Well, no. Mrs. Dhoni accepts as much when she replies to the IT minister that she is more angry about the application form being leaked than the photo her husband in the shop.

The way I see it, it is purely a collateral damage of celebrity status. A celebrity does not have any effective right to privacy. It is true that there is no explicit bargain that a celebrity makes with the society, but it is implicit. I lose my privacy for being famous. Mundane things of famous people are matter of curiosity among general people. It is undoubtedly true that uploading the application form of Dhoni on the public domain is illegal and foolish (it serves no purpose). However, the uploading was done precisely because of the fame quotient of Dhoni – the Aadhaar operator did not upload your or my application.

And therein lies the pitfalls of being famous. Do note, it has got nothing to do with Aadhaar or the security of Aadhaar.

Epilogue:

Lakshman: How secure is Aadhaar if an operator can upload someone’s application?

Rama: How secure is Coca Cola’s secret sauce formula, if the person holding it uploads it on the internet?

Hmm….

 

So, what is so unique about Aadhaar?

When we have less number of people, we can remember people from their names and faces. We still do, like inside our home. We may know the names and faces of a few more, outside our homes. But then humans have a way of increasing their numbers, and we have too many of them now. Today (2017), the estimated population of India is around 134 crores (1340 million).

And how big are the India states? Well, Economist has done a wonderful study, and the results are instructive (click the population tab in the visual below).


Simply put, India is larger than many, many countries put together.

So, how do you provide unique identities to so many people together? Have we not tried to do such things earlier? What do we mean by unique?

What is unique about the Unique ID?

Let’s deal with the unique bit first. Unique means “being the only one of its kind; unlike anything else”. If I have some identity artifact (number, card or anything else), it means two things:

  1. I and only I have that artifact, and no one else – no two person has the same artifact (an artifact can be anything to identify me – a name, number, visual/barcode, etc).
  2. The artifact belongs to me and I have no other artifact – no person has more than one artifact.

In other words, the uniqueness rides both ways. Let’s take real world examples to examine both cases:

  1. Let’s same my name is ‘Arjun Singh’. I can take a Driving License from ‘A’ RTO. So can another person named ‘Arjun Singh’. Thus, just the name does not give uniqueness. It is other pieces of information on the Driving License that provide uniqueness, like the DL number which would be unique to the ‘A’ RTO. In this case, Aadhaar is truly unique. Being a 12 digit number, there are 999,999,999,999 (999 trillion) possible combinations – there is no need to provide one number to two persons to accommodate in the database. In fact, Aadhaar number is issued not just for life, but even beyond life – your Aadhaar number is or will not be re-allotted to anyone else after you die. The number will just lie in some suspended account after your death is registered with UIDAI or some other Aadhaar connected database at some point of time (UIDAI won’t know when someone has died unless it is reported to them. Probably, the Birth and Death Registration System would be compulsorily seeded with Aadhaar soon to make that happen).
  2. Aadhaar ensures that I cannot have two Aadhaar numbers. Since Aadhaar is issued against my biometrics (ten finger prints and two iris prints) that are unique to me, and since only one Aadhaar number will ever be generated against those biometrics (that uniquely identifies me), Aadhaar is built up to be unique. Even if I want, I cannot get two Aadhaar numbers. A case in point is where a man tried to register twice on Aadhaar, the second time with forged documents. Only one Aadhaar was issued, incidentally, against the enrolment with forget documents. While most of the details given in the newspaper report are incorrect, it does point out the scenario where one person tries to get two Aadhaar numbers. However, it is easy to get other identity documents, with or without forged documents. For instance, you can get an identity or other document against real papers where the various databases are not talking to each other. For instance, many people have two or more Driving Licenses (that they use when one is confiscated or cancelled), or two or more Ration Cards (wherein they draw benefits in as many locations as they have cards). Aadhaar makes this impossible. As soon as you marry Aadhaar with these databases (through a process called Aadhaar seeding), those databases can also ensure that no duplicate entries are there (a process called de-duplication).

This is the conceptual framework that provides uniqueness to Aadhaar.

How else is Aadhaar so unique?

There are other levels of uniqueness in the Aadhaar project.

  1. This is conceived as a project that seeks to provide a standard identity document to all residents (as distinguished from citizens – do remember, Aadhaar is a proof of residence, and not citizenship).
  2. All residents is a huge number – about 134 crores (as per 2017) to be precise. This makes it the largest centralised identity system. Further, it is also based on biometrics. Hence, it is also the largest biometrics based identity system.
  3. Without going into the details of it, this is the technologically most sophisticated identity system. But to be fair, since Aadhaar is the latest such notable system, we have been able to leverage the latest technology that would not have been available to earlier systems.

So next time you say Aadhaar is unique, you can really explain why it is really unique.