Here's what happens behind the scenes of this gargantuan project
At the Aadhaar technology centre in Marathahalli, a large team of technologists and software developers hack away at code that forms the backbone of India's most ambitious citizen enrolment project seeking to create a biometric inventory of the second most populous country in the world.
Bangalore, which hosts both the Tech Centre and the Central Identities Data Repository, will now see the project go live with many more enrolment centres and a steady ramp-up planned in coming weeks. The project, currently under way in select post offices here and in its final phase in Mysore and Tumkur districts, has around 592 enrolment stations across the State, a number that will go up to over 800 in a month, top officials of the Unique Identification Authority of India (UIDAI) told The Hindu.
An exercise that has drawn criticism primarily over privacy concerns and the lack of a cost-benefit analysis has courted ample controversy. But going by the large number of people queuing up at Bangalore's General Post Office on any weekday, this 12-digit number has indeed drawn public interest. But how is this number generated? What happens behind the scenes of this gargantuan project?
The process
Every citizen first goes through the step of document verification. Following this, demographic data on the citizen, classified under Know Your Resident (KYR) and KYR+ (which are questions added on by the registrar) is entered into the Aadhaar client. A simple software client developed by the UIDAI, the Aadhaar client stores demographic data before moving on to the more complicated process of recording and storing biometric data.
Biometrics include capturing three sets of fingerprints, four fingers on both hands and two thumbs, and an image of the iris. In the case of fingerprints, a maximum of four tries are allowed; with agricultural workers or labourers or the elderly, when the lines are not clear enough, this is a problem.
The entire enrolment process is conducted offline. Once the enrolment is complete, the package is first encrypted using a 256-bit session encryption key. Then, a 1,024-bit UIDAI public key is used to encrypt, the private key for which is stored within the application at the Aadhaar data centre, used by the machine only during processing.
After adding an additional layer of tamper-proofing, the packet is exported to the Aadhaar data centre in Marathahalli to be processed using external hard disks or securely uploaded electronically. “This data can neither be tampered with nor opened,” assures a senior UIDAI technology official, adding that even data centre administrators do not have access to the data.
Securely stored
At the UIDAI Tech Centre, enrolment packets from across the country arrive to be processed daily. After the number is generated, after de-duplication, the data is stored by the CIDR at its secure back-end. This data centre is the permanent abode for Aadhaar data, and houses servers and equipment that are remotely managed from the tech centre.
A second such data centre, which will also serve as a back-up and a repository for enrolments in the north Indian States, is currently coming up in New Delhi, officials said.
