These are the findings of a 2018 World Bank Identification for Development Initiative report that highlights global identification challenges.
A country’s identification system is the backbone for effective delivery of public and private services.
Governments across the world are exploring ways to develop a multipurpose foundational ID system in which individuals receive a unique identifier that they can use for identity assertion and verification.
This is where the Modular Open Source Identity Platform (MOSIP) comes in.
The MOSIP story began when the World Bank approached the International Institute of Information Technology-Bangalore (IIIT-B), a technology university in Bengaluru, for an open-source foundational identity system on which national IDs could be built.
MOSIP is a modular and open-source identity platform that helps user organisations such as governments implement a digital, foundational ID in a cost-effective manner.
So far, more than 71.7 million people are registered on MOSIP-based systems across the globe.
The foundational ID is intended to be used for access to a wide variety of government and private services.
As countries consider how best to build foundational ID systems, they face several policy and technological choices.
Once these choices are made, countries often grapple with some common implementation challenges. These include ensuring uniqueness in the system, interoperability, privacy by design, reaching scale, avoiding vendor lock-in and maintaining affordability.
In response to these challenges, IIIT-B has been anchoring the MOSIP project since 2018 as a global public good, Professor Debabrata Das, director of IIIT-B and chairman of the executive committee of MOSIP, told ET.
This is an effort that is being funded by the Bill & Melinda Gates Foundation (BMGF), Tata Trust, Omidyar Network, Pratiksha Trust, and Norwegian Agency for Development Cooperation (Norad), which have cumulatively provided Rs 150 crore.
co-founder Kris Gopalakrishnan’s Pratiksha Trust has also committed $1 million to the project.
“The project mainly started due to the success of Aadhaar, which became globally renowned, as many citizen-centric services were based on it. When the World Bank approached the government for Aadhaar, it could not be shared as it was a proprietary technology. Then it approached IIIT-B to develop an equivalent of Aadhaar,” Das said.
The Unique Identification Authority of India (UIDAI) was set up to issue Unique Identification Numbers (UID), named Aadhaar, to all residents of India.
MOSIP was created because of its customizability, configurability, and modularity, Kanwaljit Singh, senior program officer, financial services for the poor, BMGF, told ET.
BMGF has contributed $10 million to MOSIP so far.
“The issue was Aadhaar was customized to the Indian context. Aadhaar was built for a scale of a billion people,” Singh said.
All the design choices that went into Aadhaar were made with India in mind.
The design choices must be very different when designing a system that should work for a country with a population of one million to a country whose population is 100 million, he added.
MOSIP is currently being used in countries with populations as diverse as Sri Lanka, Togo, Guinea, Ethiopia, Morocco, the Philippines and Sierra Leone.
“Because it doesn’t have to work for a billion people, or it must be working at a small enough scale so that it can be speedy, scalable, and efficiently deployable. And it must be customizable,” Singh said.
For example, the population of Samoa is 300,000, Maldives is 550,000, and Bermuda 72,000, for which IIIT-B is trying to develop different ID systems like MOSIP Lite because these countries don’t need huge data centres and the cost per head can be brought down.
So far, in the Philippines, 71 million citizens have been registered using MOSIP, of which 50 million have been issued identity cards. In Morocco, out of a population of 36 million, 150,000 have been issued unique identity numbers.
Custom-built
Customising the system to a local context is unique to MOSIP.
In Morocco, for instance, the whole system had to be customized to local needs because the predominant language there is Arabic.
Moreover, ID systems must comply with local legislation.
The Philippines is a country of 7,000 islands and seamless internet connectivity was a challenge. Similarly, Morocco also had remote mountain areas where mobile networks were a challenge.
So, IIIT-B came up with offline authentication where the ID is downloaded in low-end Android phones as a QR code, and this could be shown to shopkeepers or banks.
They could locally authenticate without having to go to a server in the absence of a mobile network.
In the works is a selfie-based authentication system for the elderly to avail of pension, which Morocco has specifically requested.
“While it is left to the countries whether to capture biometrics or not, the uniqueness of a person can be captured only with biometrics. Other identifiers like name, date of birth and address, can be given by multiple people,” Professor S Rajagopalan, president, MOSIP, IIIT-B, told ET.
Countries can issue identification numbers without biometrics, too.
In Morocco, for example, only the face and the iris scans are captured.
Under Moroccan law, fingerprints have to be captured only by the police.
In the Philippines, fingerprints, iris and face scans are captured.
Voice biometrics is an area that is still being tested, which will be rolled out in about two years.
“There are one billion people in the world who have no way of proving who they are. And this is a dire and urgent need. There are 1.7 billion people who are excluded from the formal financial system, and one of the reasons for that exclusion is their inability to prove who they are,” Singh of BMGF told ET.
Omidyar Network, one of the initial backers, has so far provided $4 million to MOSIP.
The grant agreement was for four years, and Omidyar Network is evaluating how to continue supporting the project once the agreement ends this year.
“There was a need for a large-scale digital identity technology architecture because many countries wanted to replicate the India example, particularly in Africa,” Govind Shivkumar, director, responsible technology, Omidyar Network, told ET.
Historically, most technology vendors were private proprietary companies.
“Many African and other countries have had issues with their data being locked in with a specific vendor and hence there was a need for an open-source digital identity platform,” he said.
The principles of a good ID system are inclusivity, accountability, privacy, and security. MOSIP has technological attributes built in to avoid abuse of these principles.
The virtual ID feature offered by MOSIP enables a revocable identity and prevents identity theft, as the unique identification number stays with the individual and the government and is not shared with a third party. Instead, a virtual ID is shared, which can be revoked after a certain period.
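The revocable virtual ID idea described above can be sketched as follows. This is an added example, not MOSIP's code: the `VirtualIdRegistry` class, its method names, the token length and the sample identifier are all assumptions made for illustration.

```python
import secrets
import time


class VirtualIdRegistry:
    """Issuer-side registry (hypothetical): maps virtual IDs to the real ID number."""

    def __init__(self, clock=time.time):
        self._clock = clock          # injectable so expiry can be tested
        self._vids = {}              # vid -> (uin, expires_at)

    def issue(self, uin, ttl_seconds):
        """Create a random virtual ID that carries no information about the UIN."""
        vid = secrets.token_hex(8)
        self._vids[vid] = (uin, self._clock() + ttl_seconds)
        return vid

    def revoke(self, vid):
        """Holder-initiated revocation; returns True if the VID was active."""
        return self._vids.pop(vid, None) is not None

    def _resolve(self, vid):
        """Issuer-internal lookup; expired entries are purged and treated as unknown."""
        entry = self._vids.get(vid)
        if entry is None:
            return None
        uin, expires_at = entry
        if self._clock() >= expires_at:
            del self._vids[vid]
            return None
        return uin

    def verify(self, vid):
        """Answer given to a relying party: yes/no only, never the UIN."""
        return self._resolve(vid) is not None


def demo():
    now = [1_000.0]                              # constructed fake clock
    reg = VirtualIdRegistry(clock=lambda: now[0])
    uin = "UIN-CONSTRUCTED-0001"                 # constructed sample value
    bank_vid = reg.issue(uin, ttl_seconds=3600)
    shop_vid = reg.issue(uin, ttl_seconds=60)
    results = {"distinct": bank_vid != shop_vid,
               "no_uin_in_vid": uin not in bank_vid,
               "active": reg.verify(bank_vid)}
    reg.revoke(bank_vid)                         # holder revokes one VID
    results["after_revoke"] = reg.verify(bank_vid)
    now[0] += 61                                 # shop VID passes its expiry
    results["after_expiry"] = reg.verify(shop_vid)
    return results
```

Because each relying party receives a different random token, two parties cannot correlate the same person by comparing identifiers, and revoking one token does not affect the others.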
“We have had many cases where MOSIP has refused to work with certain actors and Omidyar Network has supported that because some of the human rights attributes, democratic values, privacy and security attributes, were not there,” Shivkumar said.
The Alan Turing Institute, UK’s national institute for data science and artificial intelligence, has looked for vulnerabilities in MOSIP’s code and fixed them, he added.
Singh of BMGF said that there had been a big inefficiency in how ID systems were being built. One of the biggest problems that African countries had was a lack of an ID system.
Uganda, Nigeria, Samoa, and Tunisia are among countries that have shown interest in MOSIP.
The possibility of vendor lock-in at the hands of the private sector was leading to many inefficiencies and ultimately “it was the money of the people that was being wasted,” he said.
“So, the Foundation felt that there was a need to fund an open-source digital public infrastructure which many governments could take and implement, customize it to their local conditions and then use it to provide service to their people. So, MOSIP was designed with that in mind,” Singh added.
The ID systems should be designed not only to include the poor, but also to benefit them, by addressing the risks of exclusion, he pointed out.
The idea was to set an example based on principles of code identification, security, privacy, ethics, and fairness. “Many countries have come forward and we are seeing more demand for MOSIP as it goes out into the world,” he said.
MOSIP has more than 60 commercial partners from system integrators, software providers to biometric device providers. “So, it’s really an ecosystem approach. You really need the private sector,” Singh added.
Zero knowledge architecture
Any system that handles personally identifiable information – whether it is a tax database or health database – invariably leads to questions about privacy and security. MOSIP’s answer to this is a ‘zero knowledge architecture’.
“It basically means the system does not have any memory,” Prof Rajagopalan said.
First, the device must be authenticated as genuine. Second, the application must be authenticated as correct. Third, the content or data must be authenticated every time a transaction takes place.
This is known as the zero-knowledge architecture, designed so that there is no possibility of fraud or theft.
There are many challenging scenarios that MOSIP’s ‘privacy and security by design’ document looks at.
These include internal attacks, external threats, terrorist, internal civil war, offline registration, online/offline verification, ability to revoke, ability to quarantine and isolate upon attacks or compromise, response to security attacks/threats, challenges with 360-degree profiling (privacy), and challenges for non-tech-savvy and multilingual users.
“Merely because one modifies the code doesn’t mean you can get access to the live system in a production environment. We have put many security safeguards in place to avoid a breach,” Rajagopalan said.
MOSIP has a Hardware Security Manager (HSM) which is based on multiple keys. These keys are available only to a few people based on their respective roles. So, even people who have permission to access the system cannot access the entire system. They can access only a part of the system.