Fungibility of Aadhaar
Are different forms of Aadhaar interchangable? What are the implications, if it is not?
Fungibility is a term associated with economics and law. In economics, fungibility is the property of a good or a commodity whose individual units are essentially interchangeable. How does a concept in economics relate to an identity document like Aadhaar?
Aadhaar is an identity document. The meaning of the word fungibility in the context of documents is interchangeable. List of fungible documents include currencies, contracts, negotiable instruments, signatures. It is important to understand the concept of fungibility in the digital identity realm. An identity is a contact between issuer and holder. In this article, I use the word fungibility and equality to denote the same property; in order to remove friction.
Aadhaar exists in multiple forms from the perspective of an Aadhaar holder. In the simplest form, it is a random 12 digit number. This number alone is enough to identify you. Next, is the Aadhaar intimation letter, that you receive by post in your address. Yet another form of Aadhaar is the e-Aadhaar/m-Aadhaar – a digitally signed document, that is a digital equivalent of the Aadhaar intimation letter. Recently announced, Virtual ID too finds its place in the list.
Why fungibility matters?
As I mentioned earlier, Aadhaar is a digital identity document. Aadhaar has to serve the Indian population, around quarter of which is illiterate. You cannot expect an illiterate person to use a digital identity document with complete knowledge of the potential risks it exposes. They understand paper document and keep it safe. On the other hand, there is an urban population, which values convenience of not carrying a paper document. Unless the verifier of the identity considers all forms of Aadhaar as equal, either one may get rejected. That is the least thing expected from an identity document - you produce a genuine document, yet the verifier does not trust you.
In case of Aadhaar, section 4(3) of the Aadhaar Act (2016), establishes the equality of paper and electronic forms of Aadhaar. However, there is an equality problem that exists in the Aadhaar land. To pass the equality test, the verifier of the Aadhaar should have no problem in accepting Aadhaar in any of the forms it exists. If the acceptance of multiple forms of Aadhaar is at the mercy of the verifier, Aadhaar does not hold any value to its holder. After all, identity verification is about establishing trust.
Fungibility of e-Aadhaar
UIDAI (Unique Identification Authority of India) acknowledges the equality issue with Aadhaar. Here is an excerpt from a FAQ.
Question about the validity of e-Aadhaar is frequent(https://uidai.gov.in/your-aadhaar/help/faqs.html#eaadhaar-letter)
The FAQ refers to a circular on the validity of e-Aadhaar.
Circular on validity of e-Aadhaar (https://uidai.gov.in/images/uidai_om_on_e_aadhaar_validity.pdf)
People still doubt the validity of e-Aadhaar. This is one of the frequently asked questions in UIDAI’s twitter page. Even though it is valid according to the law, people and institutions still doubt the validity of e-Aadhaar.
e-Aadhaar is not widely accepted
The excuse that keeps on coming about similar problems is that of awareness. The awareness excuse will not hold ground in case of Aadhaar. The objective of Aadhaar was to give identity to people who do not have any identiy document at all. Hence, the proposition of awareness argument itself defeats the purpose of Aadhaar.
Fungibility of Virtual IDs
Circular about Virtual ID claims that VID is fungible
Virtual ID is similar to Virtual Credit Card (VCC). VCC is a credit card number that your bank assigns you. It is temporary and is valid for a limited period of time and you can use it for Card Not Present Transactions. But, the virtual credit cards carry an advantage. When you give out your VCC to a merchant for an online transaction, they have no means to verify whether the number is virtual or is the actual number printed on your credit card. At the same time, the merchant can verify the validity of your VCC and be sure that he will receive your payment. So, a merchant cannot deny you a transaction because your choice to use VCC.
UIDAI claims that Virtual ID is a fungible number. Aadhaar is a 12 digit number, while Virtual ID is a 16 digit number. The moment you share your Virtual ID with anyone, they know that this is a Virtual ID and not your original Aadhaar number. The verifier can always reject the 16 digit number and demand 12 digit number.
Now, let us examine how a Virtual ID is generated:
A resident generates his Virtual ID
I can draw following conclusions from the above:
- There is a minimum validity period for each Virtual ID
- A resident can create, retrive or revoke his Virtual ID
- A resident can generate Virtual ID through UIDAI’s resident portal, mAadhaar Application or by approaching an Aadhaar Enrolment Center.
The resident needs to share her Aadhaar number with the Enrolment Center to generate a new Virtual ID. This sharing of Aadhaar number defeats the purpose of Virtual IDs. The enrolment center now knows your Aadhaar number and your VID. I do not understand how this qualifies to be a sound design.
Use of Virtual IDs are not mandatory. This means that a website / application / verifier can accept either 16 digit Virtual ID or 12 digit original Aadhaar number. What if a verifier does not want to accept virtual IDs? He designs the application to accept only 12 digit numbers and you have no choice, but to give out your 12 digit number. A Government office can deny you the service because you want to hide your Aadhaar number.
Like e-Aadhaar, UIDAI cannot enforce the acceptance of Virtual ID; because it is impossible for them to find out who is doing what. The tweets I quoted about e-Aadhaar serve as a testimony. UIDAI will not even help you in such cases. See what UIDAI recommends you do if someone refuses to accept e-Aadhaar.
UIDAI will not help you if someone refuses to accept e-Aadhaar / Virtual ID. They ask you to lodge a complaint with higher authorities of those departments / agencies.
Fungibility of Aadhaar
The architects of Aadhaar envisioned it as a digital identity platform. It was to provide paperless, electronic and instantaneous method to verify identity.
Aadhaar Technology Architecture Whitepaper — Page 7
Aadhaar is creating problems which did not exist before. The equality of physical Aadhaar and digital forms are not even clear to Government officials and institutions.
Even Banks which claim to embrace digital technologies does not even understand digital signature and e-Aadhaar
Shouldn't the Governement convince the PSU's to accept e-Aadhaar first?
However, that objective of Aadhaar being a digital identity is still unachieved. Aadhaar will become a digital identity only if people use it as a digital identity and not as a paper identity. A film with a few child artists does not qualify as a children’s film. Children’s film is one which children enjoy and made for them.
Conclusion
Aadhaar as a digital identity assumes multiple forms. However, all those forms are not created equal. These diverse forms of Aadhaar not only pushes guillible population to the mercy of an operator, but also risks revealing much more data about them to an operator. Information stored in digital form facilitates the propagation of information through multiple networks in an unchecked manner and brings unknown liabilities to the victim. The current form of Aadhaar requires the holder of the number to understand and protect themselves. The design itself does not protect you from misuse. This is a result of faulty design, and the Government cannot correct this situation by bringing a new law.
Aadhaar, as an identity document lacks identity.