India’s ambitious UID (Unique Identification Card) project has been underway for quite some time now. Announced back in February 2009, the first of the cards were launched in October 2010 in a tribal village in Maharashtra. With more than a billion cards yet to be issued, is obviously a task of enormous proportions. The UID project has been entrusted to an organization called UIDAI (Unique Identification Authority of India) spearheaded by former Infosys co-chairman Nandan Nilekani. The aim of the project is to have a readily accessible database of all citizens of the country that can be retrieved when needed. All citizens would be issued a unique identity card with a unique number. The project is had been christened Aadhaar.While, prima facie, the objective looks accomplished a number of people have started raising concerns about the UID project. A facet of the project is its enrollment process which is biometric in nature. This would involve taking records of fingerprints and iris patters of each individual and storing them in the national database. This has been questioned by experts like JT D’souza, a Mumbai-based forensic expert. According to him, it is extremely easy to forge fingerprint and fool biometric devices. In fact, in a demo he claims that it takes just some wax and a tube of Fevicol to “breach” biometric security ring.
Here’s a video in which he has explained how easily this can be done.
After watching it, we wonder if the entire UID project needs to be re-looked and some modifications made to make it totally secure. What do you think?
Its sad that such an ambitious project has such stupid shortcomings.
Do get some publicity these type of jobs are taking place.
The UIDAI biometric authentication will be the combination of IRIS ,fingerprint and Face.
This will be a multi modal biometrics deployment, may be in initial stage for authentication only fingerprint will be used but this will not be a final, other modalities will be get implement soon. This process done by using an optical finger print sensor.
This fake finger print can be easily rejected by using a Capacitive based Fingerprint sensor. So UIDAI process of implementing Biometrics will be definitely gives us a highly secured INDIA. It happens.. Let us wait and see.
What if someone registers on your fingerprint before you? You are locked out.
What? no way.. faking someone’s fingerprint for a single dollar and then…
These shortcomings have been known for a long time time. But, these become problematic only in unattended systems (e.g. entry system, attendance system). For attended systems such as Public Distribution System, NREGA etc, the government official is expected to clean your finger before allowing you to use your finger for authentication.
Now, you might claim that government official might not fulfill his/her responsibilities. Well, that is what this corruption about. Is it not?
Anyway, vendors are proposing Iris as second biometric to overcome fingerprint limitations. In fact, some vendors proposed only Iris as the biometric but it is still evolving in terms of cost and time-to-acquire Iris Image.
And I am not aware of anyone spoofing Iris.
Anyway, I will request all of us to be looking for solutions rather than merely pointing out problems.
Thanks,