The Unique Identification Authority of India (UIDAI), which runs India’s digital identification system Aadhaar, on Monday trashed global rating agency Moody’s concerns about the reliability of biometric authenticity, privacy and security features of Aadhaar.
“The report in question does not cite either primary or secondary data or research in support of the opinions presented in it. The investor service did not make any attempt to ascertain facts regarding the issues raised by it from the Authority,” the UIDAI said in a statement.
Aadhaar, the world’s largest digital ID program, assigns unique numbers to over 1.3 billion Indian residents using biometric and demographic data.
This system enables access to public and private services, with verification via fingerprint or iris scans, and alternatives like One-Time Passcodes. UIDAI administers Aadhaar, aiming to integrate marginalized groups and expand welfare benefits access.
“However, the system faces hurdles, including the burden of establishing authorization and concerns about biometric reliability. The system often results in service denials, and the reliability of biometric technologies, especially for manual labourers in hot, humid climates, is questionable,” Moody’s said in a report.
UIDAI said the report avers that the use of biometric technologies results in service denials for manual labourers in India’s hot, humid climate, an obvious reference to India’s Mahatma Gandhi National Rural Employment Guarantee Scheme (MGNREGS).
“However, it is evident that the authors of the report are unaware that the seeding of Aadhaar in the MGNREGS database has been done without requiring the worker to authenticate using their biometrics, and that even payment to workers under the scheme is made by directly crediting money in their account and does not require the worker to authenticate using their biometrics,” UIDAI said.
Moody’s has also said that in recent years, the spotlight has shifted toward Decentralized identity (DID) as a strategic response to the security and privacy vulnerabilities posed by centralized ID systems like Aadhaar.
UIDAI said such fears are misplaced. “State-of-the-art security solutions are in place, along with a federated database and encryption of data both at rest and in motion. The systems are certified as per international security and privacy standards,” it said.
Aadhaar was key to the success of the Direct Benefit Transfer (DBT) schemes which helped the Centre save Rs 2.7 trillion by plugging leakages in welfare schemes between FY15 and FY22.
Aadhaar is the foundational Digital Public Infrastructure (DPI) of the India stack. The recent G20 New Delhi Declaration has welcomed the G20 Framework for Systems of Digital Public Infrastructure, a voluntary and suggested framework for the development, deployment and governance of Digital Public Infrastructure (DPI), and welcomed India’s plan to build and maintain a Global Digital Public Infrastructure Repository (GDPIR), a virtual repository of DPI, voluntarily shared by G20 members and beyond.