独家
一个基本的身份识别系统,为全球数百万人提供身份识别
班加罗尔的一所大学一直致力于一个项目,使公民能够获得基本身份证,以利用各自政府的各种服务。
-
BSNL宣布六名官员被迫退休
被强制退休的军官是印度电信服务(ITS)干部,批次从1988年到1992年不等。
-
-
-
全球有10亿人缺乏官方身份证明,这对金融和社会包容至关重要。低收入国家每两个妇女中就有一个没有身份证,这限制了她们获得关键服务和参与政治和经济生活的机会。
这些是世界银行2018年《识别促进发展倡议》报告的发现,该报告强调了全球识别面临的挑战。
一个国家的识别系统是有效提供公共和私营服务的中坚力量。
世界各国政府都在探索如何开发一种多用途的能源基本的ID个人接收唯一标识符的系统,他们可以使用该标识符进行身份断言和验证。
这就是模块化开源身份识别平台(MOSIP)进来了。
MOSIP的故事开始于世界银行与班加罗尔的一所科技大学——班加罗尔国际信息技术研究所(IIIT-B)接洽,希望建立一个开源的基本身份系统,在此基础上可以建立国民身份证。
MOSIP是一个模块化的开源身份平台,可帮助政府等用户组织以经济有效的方式实现数字基础身份。
迄今为止,全球已有7170多万人在基于mosip的系统上登记。
基本ID旨在用于访问各种各样的政府和私人服务。
各国在考虑如何最好地建立基本身份识别系统时,面临着若干政策和技术选择。
一旦做出这些选择,各国往往要应对一些共同的执行挑战。这包括确保系统的独特性、互操作性、设计的隐私性、达到规模、避免供应商锁定和保持可负担性。
为了应对这些挑战,IIIT-B自2018年以来将MOSIP项目作为全球公共产品锚定,IIIT-B主任兼MOSIP执行委员会主席Debabrata Das教授告诉印度经济时报。
该项目由比尔和梅林达·盖茨基金会(BMGF)、塔塔信托基金、Omidyar网络该组织和挪威发展合作署(Norad)累计提供了15亿卢比。
印孚瑟斯联合创始人克里斯·戈帕拉克里什南的Pratiksha Trust也承诺为该项目提供100万美元。
“该项目主要是由于Aadhaar的成功而启动的,它在全球闻名,因为许多以公民为中心的服务都是基于它。当世界银行向政府寻求Aadhaar时,由于它是一项专有技术,因此无法共享。然后它联系了IIIT-B,开发类似Aadhaar的软件。”
印度唯一识别局(UIDAI)的设立是为了向印度所有居民颁发名为Aadhaar的唯一识别号码(UID)。
BMGF负责穷人金融服务的高级项目官员Kanwaljit Singh告诉《印度经济时报》,MOSIP的创建是因为其可定制性、可配置性和模块化。
到目前为止,BMGF已向MOSIP捐款1000万美元。
“问题是Aadhaar是针对印度国情定制的。Aadhaar是为10亿人建造的。”
Aadhaar的所有设计选择都考虑到了印度。
他补充说,在设计一个适用于100万人口国家的系统和一个适用于1亿人口国家的系统时,设计选择必须非常不同。
MOSIP目前正在斯里兰卡、多哥、几内亚、埃塞俄比亚、摩洛哥、菲律宾和塞拉利昂等人口多样化的国家使用。
“因为它不需要为10亿人工作,或者它必须在足够小的规模上工作,这样才能快速、可扩展和有效地部署。而且它必须是可定制的。”
例如,萨摩亚的人口是30万,马尔代夫是55万,百慕大是7.2万,IIIT-B正试图为这些国家开发不同的身份识别系统,如MOSIP Lite,因为这些国家不需要庞大的数据中心,人均成本可以降低。
到目前为止,菲律宾已有7100万公民使用MOSIP进行了登记,其中5000万人已获得身份证。在摩洛哥,3600万人口中有15万人获得了唯一的身份号码。
定制的
根据本地环境定制系统是MOSIP独有的。
例如,在摩洛哥,整个系统必须根据当地需求进行定制,因为那里的主要语言是阿拉伯语。
此外,ID系统必须符合当地法规。
菲律宾是一个由7000个岛屿组成的国家互联网连通性是一个挑战。同样,摩洛哥也有偏远的山区移动网络我们是个挑战。
因此,IIIT-B提出了离线认证,即在低端安卓手机中下载身份作为QR码,这可以显示给店主或银行。
在没有移动网络的情况下,他们可以在本地进行身份验证,而不必前往服务器。
目前正在进行的是一种基于自拍的老年人养老金认证系统,这是摩洛哥特别要求的。
“虽然是否使用生物识别技术由各国决定,但只有使用生物识别技术才能捕捉到一个人的独特性。其他标识符,如姓名、出生日期和地址,可以由多人提供,”印度理工学院院长S Rajagopalan教授告诉《印度经济时报》。
各国也可以在没有生物识别技术的情况下发放身份识别号码。
例如,在摩洛哥,只有面部和虹膜扫描被捕获。
根据摩洛哥法律,指纹只能由警方采集。
在菲律宾,指纹、虹膜和面部扫描被捕获。
语音生物识别技术仍处于测试阶段,将在大约两年内推出。
“世界上有10亿人无法证明他们是谁。这是一个可怕而迫切的需求。有17亿人被排除在正规金融体系之外,其中一个原因是他们无法证明自己是谁,”BMGF的辛格告诉印度经济时报。
奥米迪亚网络是最初的支持者之一,迄今为止已经向MOSIP提供了400万美元。
该资助协议为期四年,奥米迪亚网络正在评估今年协议结束后如何继续支持该项目。
奥米迪亚网络负责技术的主管Govind Shivkumar告诉《印度经济时报》:“需要大规模的数字身份技术架构,因为许多国家都想复制印度的例子,尤其是在非洲。”
从历史上看,大多数技术供应商都是私有的专有公司。
他说:“许多非洲和其他国家都存在数据被锁定在特定供应商的问题,因此需要一个开源的数字身份平台。”
一个好的ID系统的原则是包容性、可问责性、隐私性和安全性。MOSIP具有内置的技术属性,以避免滥用这些原则。
MOSIP提供的虚拟ID功能支持可撤销的身份,并防止身份被盗用,因为唯一的身份号码保留在个人和政府中。不与第三方共享。相反,虚拟ID是共享的,可以在一段时间后撤销。
希夫库马尔说:“在很多情况下,中东和平与合作部拒绝与某些人合作,而奥米迪亚网络对此表示支持,因为那里不具备一些人权、民主价值观、隐私和安全方面的特点。”
他补充说,英国国家数据科学和人工智能研究所艾伦·图灵研究所已经在MOSIP的代码中寻找并修复了漏洞。
BMGF的辛格说,在如何建立身份识别系统方面,效率低下。非洲国家最大的问题之一是缺乏身份识别系统。
乌干达、尼日利亚、萨摩亚和突尼斯都是对MOSIP表现出兴趣的国家。
他说,供应商被私营部门锁定的可能性导致了许多低效率,最终“是人们的钱被浪费了”。
“因此,基金会认为有必要资助一个开源的数字公共基础设施,许多政府可以采取和实施,根据当地情况进行定制,然后使用它为人民提供服务。因此,MOSIP的设计就考虑到了这一点。”
他指出,身份识别系统的设计不仅应该包括穷人,而且应该通过解决排斥风险,使他们受益。
这个想法是基于代码识别、安全、隐私、道德和公平的原则树立一个榜样。他说:“许多国家已经站出来,随着MOSIP走向世界,我们看到对它的需求越来越大。”
MOSIP拥有60多个商业合作伙伴,包括系统集成商、软件提供商和生物识别设备提供商。“所以,这真的是一种生态系统方法。你真的需要私营部门。”
零知识架构
任何处理个人身份信息的系统——无论是税务数据库还是健康数据库——都不可避免地会引发关于隐私和安全的问题。MOSIP对此的答案是“零知识架构”。
Rajagopalan教授说:“这基本上意味着系统没有任何内存。”
首先,设备必须经过认证,表明它是正品。其次,还应该对应用程序进行身份验证,表明它是正确的;第三,在每次发生事务时,也应该对内容或数据进行身份验证。
这就是所谓的零知识架构,因此不存在欺诈或盗窃的可能性。
MOSIP的“隐私和安全设计”文件着眼于许多具有挑战性的场景。
这些挑战包括内部攻击、外部威胁、恐怖主义、内部内战、离线注册、在线/离线验证、撤销能力、在攻击或妥协时隔离和隔离的能力、对安全攻击/威胁的响应、360度分析-隐私的挑战,以及对非技术熟练用户和多语言用户的挑战。
仅仅因为一个人修改了代码并不意味着你可以在生产环境中访问活动系统。我们已经采取了许多安全措施,以避免出现漏洞。”
MOSIP有一个基于多个密钥的硬件安全管理器(HSM)。这些密钥仅对基于各自角色的少数人可用。因此,即使有权限访问系统的人也不能访问整个系统。他们只能访问系统的一部分。
这些是世界银行2018年《识别促进发展倡议》报告的发现,该报告强调了全球识别面临的挑战。
一个国家的识别系统是有效提供公共和私营服务的中坚力量。
这就是模块化开源身份识别平台(MOSIP)进来了。
MOSIP的故事开始于世界银行与班加罗尔的一所科技大学——班加罗尔国际信息技术研究所(IIIT-B)接洽,希望建立一个开源的基本身份系统,在此基础上可以建立国民身份证。
MOSIP是一个模块化的开源身份平台,可帮助政府等用户组织以经济有效的方式实现数字基础身份。
迄今为止,全球已有7170多万人在基于mosip的系统上登记。
基本ID旨在用于访问各种各样的政府和私人服务。
各国在考虑如何最好地建立基本身份识别系统时,面临着若干政策和技术选择。
一旦做出这些选择,各国往往要应对一些共同的执行挑战。这包括确保系统的独特性、互操作性、设计的隐私性、达到规模、避免供应商锁定和保持可负担性。
该项目由比尔和梅林达·盖茨基金会(BMGF)、塔塔信托基金、Omidyar网络该组织和挪威发展合作署(Norad)累计提供了15亿卢比。
印孚瑟斯联合创始人克里斯·戈帕拉克里什南的Pratiksha Trust也承诺为该项目提供100万美元。
“该项目主要是由于Aadhaar的成功而启动的,它在全球闻名,因为许多以公民为中心的服务都是基于它。当世界银行向政府寻求Aadhaar时,由于它是一项专有技术,因此无法共享。然后它联系了IIIT-B,开发类似Aadhaar的软件。”
印度唯一识别局(UIDAI)的设立是为了向印度所有居民颁发名为Aadhaar的唯一识别号码(UID)。
BMGF负责穷人金融服务的高级项目官员Kanwaljit Singh告诉《印度经济时报》,MOSIP的创建是因为其可定制性、可配置性和模块化。
到目前为止,BMGF已向MOSIP捐款1000万美元。
“问题是Aadhaar是针对印度国情定制的。Aadhaar是为10亿人建造的。”
Aadhaar的所有设计选择都考虑到了印度。
他补充说,在设计一个适用于100万人口国家的系统和一个适用于1亿人口国家的系统时,设计选择必须非常不同。
MOSIP目前正在斯里兰卡、多哥、几内亚、埃塞俄比亚、摩洛哥、菲律宾和塞拉利昂等人口多样化的国家使用。
“因为它不需要为10亿人工作,或者它必须在足够小的规模上工作,这样才能快速、可扩展和有效地部署。而且它必须是可定制的。”
例如,萨摩亚的人口是30万,马尔代夫是55万,百慕大是7.2万,IIIT-B正试图为这些国家开发不同的身份识别系统,如MOSIP Lite,因为这些国家不需要庞大的数据中心,人均成本可以降低。
到目前为止,菲律宾已有7100万公民使用MOSIP进行了登记,其中5000万人已获得身份证。在摩洛哥,3600万人口中有15万人获得了唯一的身份号码。
定制的
根据本地环境定制系统是MOSIP独有的。
例如,在摩洛哥,整个系统必须根据当地需求进行定制,因为那里的主要语言是阿拉伯语。
此外,ID系统必须符合当地法规。
菲律宾是一个由7000个岛屿组成的国家互联网连通性是一个挑战。同样,摩洛哥也有偏远的山区移动网络我们是个挑战。
因此,IIIT-B提出了离线认证,即在低端安卓手机中下载身份作为QR码,这可以显示给店主或银行。
在没有移动网络的情况下,他们可以在本地进行身份验证,而不必前往服务器。
目前正在进行的是一种基于自拍的老年人养老金认证系统,这是摩洛哥特别要求的。
“虽然是否使用生物识别技术由各国决定,但只有使用生物识别技术才能捕捉到一个人的独特性。其他标识符,如姓名、出生日期和地址,可以由多人提供,”印度理工学院院长S Rajagopalan教授告诉《印度经济时报》。
各国也可以在没有生物识别技术的情况下发放身份识别号码。
例如,在摩洛哥,只有面部和虹膜扫描被捕获。
根据摩洛哥法律,指纹只能由警方采集。
在菲律宾,指纹、虹膜和面部扫描被捕获。
语音生物识别技术仍处于测试阶段,将在大约两年内推出。
“世界上有10亿人无法证明他们是谁。这是一个可怕而迫切的需求。有17亿人被排除在正规金融体系之外,其中一个原因是他们无法证明自己是谁,”BMGF的辛格告诉印度经济时报。
奥米迪亚网络是最初的支持者之一,迄今为止已经向MOSIP提供了400万美元。
该资助协议为期四年,奥米迪亚网络正在评估今年协议结束后如何继续支持该项目。
奥米迪亚网络负责技术的主管Govind Shivkumar告诉《印度经济时报》:“需要大规模的数字身份技术架构,因为许多国家都想复制印度的例子,尤其是在非洲。”
从历史上看,大多数技术供应商都是私有的专有公司。
他说:“许多非洲和其他国家都存在数据被锁定在特定供应商的问题,因此需要一个开源的数字身份平台。”
一个好的ID系统的原则是包容性、可问责性、隐私性和安全性。MOSIP具有内置的技术属性,以避免滥用这些原则。
MOSIP提供的虚拟ID功能支持可撤销的身份,并防止身份被盗用,因为唯一的身份号码保留在个人和政府中。不与第三方共享。相反,虚拟ID是共享的,可以在一段时间后撤销。
希夫库马尔说:“在很多情况下,中东和平与合作部拒绝与某些人合作,而奥米迪亚网络对此表示支持,因为那里不具备一些人权、民主价值观、隐私和安全方面的特点。”
他补充说,英国国家数据科学和人工智能研究所艾伦·图灵研究所已经在MOSIP的代码中寻找并修复了漏洞。
BMGF的辛格说,在如何建立身份识别系统方面,效率低下。非洲国家最大的问题之一是缺乏身份识别系统。
乌干达、尼日利亚、萨摩亚和突尼斯都是对MOSIP表现出兴趣的国家。
他说,供应商被私营部门锁定的可能性导致了许多低效率,最终“是人们的钱被浪费了”。
“因此,基金会认为有必要资助一个开源的数字公共基础设施,许多政府可以采取和实施,根据当地情况进行定制,然后使用它为人民提供服务。因此,MOSIP的设计就考虑到了这一点。”
他指出,身份识别系统的设计不仅应该包括穷人,而且应该通过解决排斥风险,使他们受益。
这个想法是基于代码识别、安全、隐私、道德和公平的原则树立一个榜样。他说:“许多国家已经站出来,随着MOSIP走向世界,我们看到对它的需求越来越大。”
MOSIP拥有60多个商业合作伙伴,包括系统集成商、软件提供商和生物识别设备提供商。“所以,这真的是一种生态系统方法。你真的需要私营部门。”
零知识架构
任何处理个人身份信息的系统——无论是税务数据库还是健康数据库——都不可避免地会引发关于隐私和安全的问题。MOSIP对此的答案是“零知识架构”。
Rajagopalan教授说:“这基本上意味着系统没有任何内存。”
首先,设备必须经过认证,表明它是正品。其次,还应该对应用程序进行身份验证,表明它是正确的;第三,在每次发生事务时,也应该对内容或数据进行身份验证。
这就是所谓的零知识架构,因此不存在欺诈或盗窃的可能性。
MOSIP的“隐私和安全设计”文件着眼于许多具有挑战性的场景。
这些挑战包括内部攻击、外部威胁、恐怖主义、内部内战、离线注册、在线/离线验证、撤销能力、在攻击或妥协时隔离和隔离的能力、对安全攻击/威胁的响应、360度分析-隐私的挑战,以及对非技术熟练用户和多语言用户的挑战。
仅仅因为一个人修改了代码并不意味着你可以在生产环境中访问活动系统。我们已经采取了许多安全措施,以避免出现漏洞。”
MOSIP有一个基于多个密钥的硬件安全管理器(HSM)。这些密钥仅对基于各自角色的少数人可用。因此,即使有权限访问系统的人也不能访问整个系统。他们只能访问系统的一部分。
One billion people across the globe lack an official proof of identity, essential for financial and social inclusion. One in two women in low-income countries does not have an ID, limiting their access to critical services and participation in political and economic life.
These are the findings of a 2018 World Bank Identification for Development Initiative report that highlights global identification challenges.
A country\u2019s identification system<\/a> is the backbone for effective delivery of public and private services.
These are the findings of a 2018 World Bank Identification for Development Initiative report that highlights global identification challenges.
A country\u2019s identification system<\/a> is the backbone for effective delivery of public and private services.
<\/div><\/div>Governments across the world are exploring ways to develop a multipurpose foundational ID<\/a> system in which individuals receive a unique identifier that they can use for identity assertion and verification.
This is where the Modular Open Source Identity Platform<\/a> (MOSIP<\/a>) comes in.
The MOSIP story began when the World Bank approached the International Institute of Information Technology-Bangalore (IIIT-B), a technology university in Bengaluru, for an open-source foundational identity system on which national IDs could be built.
MOSIP is a modular and open-source identity platform that helps user organisations such as governments implement a digital, foundational ID in a cost-effective manner.
So far, more than 71.7 million people are registered on MOSIP-based systems across the globe.
The foundational ID is intended to be used for access to a wide variety of government and private services.
As countries consider how best to build foundational ID systems, they face several policy and technological choices.
Once these choices are made, countries often grapple with some common implementation challenges. These include ensuring uniqueness in the system, interoperability, privacy by design, reaching scale, avoiding vendor lock-in and maintaining affordability.
This is where the Modular Open Source Identity Platform<\/a> (MOSIP<\/a>) comes in.
The MOSIP story began when the World Bank approached the International Institute of Information Technology-Bangalore (IIIT-B), a technology university in Bengaluru, for an open-source foundational identity system on which national IDs could be built.
MOSIP is a modular and open-source identity platform that helps user organisations such as governments implement a digital, foundational ID in a cost-effective manner.
So far, more than 71.7 million people are registered on MOSIP-based systems across the globe.
The foundational ID is intended to be used for access to a wide variety of government and private services.
As countries consider how best to build foundational ID systems, they face several policy and technological choices.
Once these choices are made, countries often grapple with some common implementation challenges. These include ensuring uniqueness in the system, interoperability, privacy by design, reaching scale, avoiding vendor lock-in and maintaining affordability.
<\/div><\/div>In response to these challenges, the IIIT-B is anchoring the MOSIP project since 2018 as a global public good, Professor Debabrata Das, director of IIIT-B and chairman of the executive committee of MOSIP, told ET.
This is an effort that is being funded by the Bill & Melinda Gates Foundation (BMGF), Tata Trust, Omidyar Network<\/a>, Pratiksha Trust, and Norwegian Agency for Development Cooperation (Norad), which have cumulatively provided Rs 150 crore.
Infosys<\/a> co-founder Kris Gopalakrishnan's Pratiksha Trust has also committed $1 million to the project.
\u201cThe project mainly started due to the success of Aadhaar, which became globally renowned, as many citizen-centric services were based on it. When the World Bank approached the government for Aadhaar, it could not be shared as it was a proprietary technology. Then it approached IIIT-B to develop an equivalent of Aadhaar,\u201d Das said.
The Unique Identification Authority of India (UIDAI) was set up to issue Unique Identification Numbers (UID), named Aadhaar, to all residents of India.
MOSIP was created because of its customizability, configurability, and modularity, Kanwaljit Singh, senior program officer, financial services for the poor, BMGF, told ET.
BMGF has contributed $10 million to MOSIP so far.
\u201cThe issue was Aadhaar was customized to the Indian context. Aadhaar was built for a scale of a billion people,\u201d Singh said.
All the design choices that went into Aadhaar were made with India in mind.
The design choices must be very different when designing a system that should work for a country with a population of one million to a country whose population is 100 million, he added.
MOSIP is currently being used in countries with populations as diverse as Sri Lanka, Togo, Guinea, Ethiopia, Morocco, the Philippines and Sierra Leone.
\u201cBecause it doesn't have to work for a billion people, or it must be working at a small enough scale so that it can be speedy, scalable, and efficiently deployable. And it must be customizable,\u201d Singh said.
For example, the population of Samoa is 300,000, Maldives is 550,000, and Bermuda 72,000, for which IIIT-B is trying to develop different ID systems like MOSIP Lite because these countries don\u2019t need huge data centres and the cost per head can be brought down.
So far, in the Philippines, 71 million citizens have been registered using MOSIP, of which 50 million have been issued identity cards. In Morocco, out of a population of 36 million, 150,000 have been issued unique identity numbers.
Custom-built<\/b>
Customising the system to a local context is unique to MOSIP.
In Morocco, for instance, the whole system had to be customized to local needs because the predominant language there is Arabic.
Moreover, ID systems must comply with local legislation.
The Philippines is a country of 7,000 islands and seamless internet<\/a> connectivity was a challenge. Similarly, Morocco also had remote mountain areas where mobile networks<\/a> were a challenge.
So, IIIT-B came up with offline authentication where the ID is downloaded in low-end Android phones as a QR code, and this could be shown to shopkeepers or banks.
They could locally authenticate without having to go to a server in the absence of a mobile network.
In the works is a selfie-based authentication system for the elderly to avail of pension, which Morocco has specifically requested.
\u201cWhile it is left to the countries whether to capture biometrics or not, the uniqueness of a person can be captured only with biometrics. Other identifiers like name, date of birth and address, can be given by multiple people,\u201d Professor S Rajagopalan, president, MOSIP, IIIT-B, told ET.
Countries can issue identification numbers without biometrics, too.
In Morocco, for example, only the face and the iris scans are captured.
Under Moroccan law, fingerprints have to be captured only by the police.
In the Philippines, fingerprints, iris and face scans are captured.
Voice biometrics is an area that is still being tested, which will be rolled out in about two years.
\u201cThere are one billion people in the world who have no way of proving who they are. And this is a dire and urgent need. There are 1.7 billion people who are excluded from the formal financial system, and one of the reasons for that exclusion is their inability to prove who they are,\u201d Singh of BMGF told ET.
Omidyar Network, one of the initial backers, has so far provided $4 million to MOSIP.
The grant agreement was for four years, and Omidyar Network is evaluating how to continue supporting the project once the agreement ends this year.
\u201cThere was a need for a large-scale digital identity technology architecture because many countries wanted to replicate the India example, particularly in Africa,\u201d Govind Shivkumar, director, responsible technology, Omidyar Network, told ET.
Historically, most technology vendors were private proprietary companies.
\u201cMany African and other countries have had issues with their data being locked in with a specific vendor and hence there was a need for an open-source digital identity platform,\u201d he said.
The principles of a good ID system are inclusivity, accountability, privacy, and security. MOSIP has technological attributes built in to avoid abuse of these principles.
The virtual ID feature offered by MOSIP enables a revocable identity and prevents stealing of identity as the unique identification number stays with the individual and the government. It is not shared with a third party. Instead, a virtual ID is shared, which can be revoked after a certain period.
\u201cWe have had many cases where MOSIP has refused to work with certain actors and Omidyar Network has supported that because some of the human rights attributes, democratic values, privacy and security attributes, were not there,\u201d Shivkumar said.
The Alan Turing Institute, UK\u2019s national institute for data science and artificial intelligence, has looked for vulnerabilities in MOSIP\u2019s code and fixed them, he added.
Singh of BMGF said that there had been a big inefficiency in how ID systems were being built. One of the biggest problems that African countries had was a lack of an ID system.
Uganda, Nigeria, Samoa, and Tunisia are among countries that have shown interest in MOSIP.
The possibility of vendor lock-in at the hands of the private sector was leading to many inefficiencies and ultimately \u201cit was the money of the people that was being wasted,\u201d he said.
\u201cSo, the Foundation felt that there was a need to fund an open-source digital public infrastructure which many governments could take and implement, customize it to their local conditions and then use it to provide service to their people. So, MOSIP was designed with that in mind,\u201d Singh added.
The ID systems should be designed not only to include the poor, but also to benefit them, by addressing the risks of exclusion, he pointed out.
The idea was to set an example based on principles of code identification, security, privacy, ethics, and fairness. \u201cMany countries have come forward and we are seeing more demand for MOSIP as it goes out into the world,\u201d he said.
MOSIP has more than 60 commercial partners from system integrators, software providers to biometric device providers. \u201cSo, it's really an ecosystem approach. You really need the private sector,\u201d Singh added.
Zero knowledge architecture<\/b>
Any system that handles personally identifiable information - whether it is a tax database or health database - invariably leads to questions about privacy and security. MOSIP\u2019s answer to this is a \u2018zero knowledge architecture\u2019.
\u201cIt basically means the system does not have any memory,\u201d Prof Rajagopalan said.
First, a device must be authenticated saying it is genuine. Second, the application should also be authenticated saying it is correct, and third, the content or data should also be authenticated every time a transaction takes place.
This is known as the zero-knowledge architecture so that there is no possibility of fraud or theft.
There are many challenging scenarios that MOSIP\u2019s \u2018privacy and security by design\u2019 document looks at.
These include internal attacks, external threats, terrorist, internal civil war, offline registration, online\/offline verification, ability to revoke, ability to quarantine and isolate upon attacks or compromise, response to security attack\/threats, challenges with 360-degree profiling \u2013 privacy, and challenges on non tech-savvy users, and multi-lingual users.
\u201cMerely because one modifies the code doesn\u2019t mean you can get access to the live system in a production environment. We have put many security safeguards in place to avoid a breach,\u201d Rajagopalan said.
MOSIP has a Hardware Security Manager (HSM) which is based on multiple keys. These keys are available only to a few people based on their respective roles. So, even people who have permission to access the system cannot access the entire system. They can access only a part of the system.
<\/div><\/div>
This is an effort that is being funded by the Bill & Melinda Gates Foundation (BMGF), Tata Trust, Omidyar Network<\/a>, Pratiksha Trust, and Norwegian Agency for Development Cooperation (Norad), which have cumulatively provided Rs 150 crore.
Infosys<\/a> co-founder Kris Gopalakrishnan's Pratiksha Trust has also committed $1 million to the project.
\u201cThe project mainly started due to the success of Aadhaar, which became globally renowned, as many citizen-centric services were based on it. When the World Bank approached the government for Aadhaar, it could not be shared as it was a proprietary technology. Then it approached IIIT-B to develop an equivalent of Aadhaar,\u201d Das said.
The Unique Identification Authority of India (UIDAI) was set up to issue Unique Identification Numbers (UID), named Aadhaar, to all residents of India.
MOSIP was created because of its customizability, configurability, and modularity, Kanwaljit Singh, senior program officer, financial services for the poor, BMGF, told ET.
BMGF has contributed $10 million to MOSIP so far.
\u201cThe issue was Aadhaar was customized to the Indian context. Aadhaar was built for a scale of a billion people,\u201d Singh said.
All the design choices that went into Aadhaar were made with India in mind.
The design choices must be very different when designing a system that should work for a country with a population of one million to a country whose population is 100 million, he added.
MOSIP is currently being used in countries with populations as diverse as Sri Lanka, Togo, Guinea, Ethiopia, Morocco, the Philippines and Sierra Leone.
\u201cBecause it doesn't have to work for a billion people, or it must be working at a small enough scale so that it can be speedy, scalable, and efficiently deployable. And it must be customizable,\u201d Singh said.
For example, the population of Samoa is 300,000, Maldives is 550,000, and Bermuda 72,000, for which IIIT-B is trying to develop different ID systems like MOSIP Lite because these countries don\u2019t need huge data centres and the cost per head can be brought down.
So far, in the Philippines, 71 million citizens have been registered using MOSIP, of which 50 million have been issued identity cards. In Morocco, out of a population of 36 million, 150,000 have been issued unique identity numbers.
Custom-built<\/b>
Customising the system to a local context is unique to MOSIP.
In Morocco, for instance, the whole system had to be customized to local needs because the predominant language there is Arabic.
Moreover, ID systems must comply with local legislation.
The Philippines is a country of 7,000 islands and seamless internet<\/a> connectivity was a challenge. Similarly, Morocco also had remote mountain areas where mobile networks<\/a> were a challenge.
So, IIIT-B came up with offline authentication where the ID is downloaded in low-end Android phones as a QR code, and this could be shown to shopkeepers or banks.
They could locally authenticate without having to go to a server in the absence of a mobile network.
In the works is a selfie-based authentication system for the elderly to avail of pension, which Morocco has specifically requested.
\u201cWhile it is left to the countries whether to capture biometrics or not, the uniqueness of a person can be captured only with biometrics. Other identifiers like name, date of birth and address, can be given by multiple people,\u201d Professor S Rajagopalan, president, MOSIP, IIIT-B, told ET.
Countries can issue identification numbers without biometrics, too.
In Morocco, for example, only the face and the iris scans are captured.
Under Moroccan law, fingerprints have to be captured only by the police.
In the Philippines, fingerprints, iris and face scans are captured.
Voice biometrics is an area that is still being tested, which will be rolled out in about two years.
\u201cThere are one billion people in the world who have no way of proving who they are. And this is a dire and urgent need. There are 1.7 billion people who are excluded from the formal financial system, and one of the reasons for that exclusion is their inability to prove who they are,\u201d Singh of BMGF told ET.
Omidyar Network, one of the initial backers, has so far provided $4 million to MOSIP.
The grant agreement was for four years, and Omidyar Network is evaluating how to continue supporting the project once the agreement ends this year.
\u201cThere was a need for a large-scale digital identity technology architecture because many countries wanted to replicate the India example, particularly in Africa,\u201d Govind Shivkumar, director, responsible technology, Omidyar Network, told ET.
Historically, most technology vendors were private proprietary companies.
\u201cMany African and other countries have had issues with their data being locked in with a specific vendor and hence there was a need for an open-source digital identity platform,\u201d he said.
The principles of a good ID system are inclusivity, accountability, privacy, and security. MOSIP has technological attributes built in to avoid abuse of these principles.
The virtual ID feature offered by MOSIP enables a revocable identity and prevents stealing of identity as the unique identification number stays with the individual and the government. It is not shared with a third party. Instead, a virtual ID is shared, which can be revoked after a certain period.
\u201cWe have had many cases where MOSIP has refused to work with certain actors and Omidyar Network has supported that because some of the human rights attributes, democratic values, privacy and security attributes, were not there,\u201d Shivkumar said.
The Alan Turing Institute, UK\u2019s national institute for data science and artificial intelligence, has looked for vulnerabilities in MOSIP\u2019s code and fixed them, he added.
Singh of BMGF said that there had been a big inefficiency in how ID systems were being built. One of the biggest problems that African countries had was a lack of an ID system.
Uganda, Nigeria, Samoa, and Tunisia are among countries that have shown interest in MOSIP.
The possibility of vendor lock-in at the hands of the private sector was leading to many inefficiencies and ultimately \u201cit was the money of the people that was being wasted,\u201d he said.
\u201cSo, the Foundation felt that there was a need to fund an open-source digital public infrastructure which many governments could take and implement, customize it to their local conditions and then use it to provide service to their people. So, MOSIP was designed with that in mind,\u201d Singh added.
The ID systems should be designed not only to include the poor, but also to benefit them, by addressing the risks of exclusion, he pointed out.
The idea was to set an example based on principles of code identification, security, privacy, ethics, and fairness. \u201cMany countries have come forward and we are seeing more demand for MOSIP as it goes out into the world,\u201d he said.
MOSIP has more than 60 commercial partners from system integrators, software providers to biometric device providers. \u201cSo, it's really an ecosystem approach. You really need the private sector,\u201d Singh added.
Zero knowledge architecture<\/b>
Any system that handles personally identifiable information - whether it is a tax database or health database - invariably leads to questions about privacy and security. MOSIP\u2019s answer to this is a \u2018zero knowledge architecture\u2019.
\u201cIt basically means the system does not have any memory,\u201d Prof Rajagopalan said.
First, a device must be authenticated saying it is genuine. Second, the application should also be authenticated saying it is correct, and third, the content or data should also be authenticated every time a transaction takes place.
This is known as the zero-knowledge architecture so that there is no possibility of fraud or theft.
There are many challenging scenarios that MOSIP\u2019s \u2018privacy and security by design\u2019 document looks at.
These include internal attacks, external threats, terrorist, internal civil war, offline registration, online\/offline verification, ability to revoke, ability to quarantine and isolate upon attacks or compromise, response to security attack\/threats, challenges with 360-degree profiling \u2013 privacy, and challenges on non tech-savvy users, and multi-lingual users.
\u201cMerely because one modifies the code doesn\u2019t mean you can get access to the live system in a production environment. We have put many security safeguards in place to avoid a breach,\u201d Rajagopalan said.
MOSIP has a Hardware Security Manager (HSM) which is based on multiple keys. These keys are available only to a few people based on their respective roles. So, even people who have permission to access the system cannot access the entire system. They can access only a part of the system.
<\/div><\/div>
Follow and connect with us on Twitter<\/a>, Facebook<\/a>, Linkedin<\/a>, Youtube<\/a><\/div>","NumberOfSentences":{"minfo":"80.0","minfoseo":"80-0"},"AutomatedReadabilityIndex":{"minfo":"14.0","minfoseo":"14-0"},"LastPublishMilliTime":{"minfo":"1662344565846","minfoseo":"1662344565846"},"ReadabilityGradeLevel":{"minfo":"College","minfoseo":"college"},"ShelfLife":{"minfo":"Year","minfoseo":"year"},"GadgetsMarkedReviewed":{"minfo":"0","minfoseo":"0"},"HashCode":{"minfo":"-159415456","minfoseo":"-159415456"},"latestnewsflag":{"minfo":"1.0","minfoseo":"1-0"},"canonicalURL":{"minfo":"https:\/\/economictimes.indiatimes.com\/tech\/technology\/a-foundational-id-system-to-give-identity-to-millions-across-the-globe\/articleshow\/93969453.cms","minfoseo":"https\/economictimes-indiatimes-com\/tech\/technology\/a-foundational-id-system-to-give-identity-to-millions-across-the-globe\/articleshow\/93969453-cms"},"NumberOfCharacters":{"minfo":"10763.0","minfoseo":"10763-0"},"NumberOfWords":{"minfo":"1693.0","minfoseo":"1693-0"},"key":{"0":{"keyid":"14888536","value":"foundational id","smid":"0","keynameseo":"foundational-id","keytype":"","keycount":"totalcount","weightage":"100"},"1":{"keyid":"14373485","value":"mosip","smid":"0","keynameseo":"mosip","keytype":"","keycount":"totalcount","weightage":"90"},"2":{"keyid":"14888537","value":"modular open source identity platform","smid":"0","keynameseo":"modular-open-source-identity-platform","keytype":"","keycount":"totalcount","weightage":"90"},"3":{"keyid":"14888538","value":"mosip iiit-bengaluru","smid":"0","keynameseo":"mosip-iiit-bengaluru","keytype":"","keycount":"totalcount","weightage":"80"},"4":{"keyid":"14896878","value":"mosip identity platform","smid":"0","keynameseo":"mosip-identity-platform","keytype":"","keycount":"totalcount","weightage":"80"},"5":{"keyid":"720827","value":"mobile networks","smid":"0","keynameseo":"mobile-networks","keytype":"","keycount":"totalcount","weightage":"60"},"6":{"keyid":"211875","value":"omidyar network","smid":"0","keynameseo":"omidyar-network","keytype":"","keycount":"totalcount","weightage":"20"},"8":{"keyid":"6354512","value":"infosys","smid":"0","keynameseo":"infosys","keytype":"","keycount":"totalcount","weightage":"20"},"9":{"keyid":"6354512","value":"infosys","smid":"0","keynameseo":"infosys","keytype":"","keycount":"totalcount","weightage":"20"},"10":{"keyid":"144698","value":"identification system","smid":"0","keynameseo":"identification-system","keytype":"","keycount":"totalcount","weightage":"20"}},"authorsplit":{"author":{"artau":"Suraksha P","aunameseo":"suraksha-p","artauid":"479244511","artauemail":"suraksha.p@gmail.com","auFullName":"Suraksha P","pubname":"TOI","designame":"Correspondent","audetailsxml":{"details":[]},"aulinksxml":{"links":{"link":[]}},"auagencyid":"87654328","auagencyname":"THE TIMES OF INDIA NEWS SERVICE","autype":"GENERAL"}},"similarlytagged":[{"msid":"93992306","stname":"A foundational ID system to give identity to millions across the globe","artsyn":"A Bengaluru varsity has been working on a project to enable citizens to get foundational IDs to avail of various services from their respective govts.","seolocation":"telecomnews\/a-foundational-id-system-to-give-identity-to-millions-across-the-globe","seolocationalt":"A foundational ID system to give identity to millions across the globe","url_seo":"a-foundational-id-system-to-give-identity-to-millions-across-the-globe"}],"primeid":0,"storytags":{"categoryTag":{"sectionid":"49830939","sectionname":"TelecomNews","seolocation":"telecomnews","seolocationalt":"telecomnews"},"otherTags":[{"keyid":"14888536","value":"foundational id","smid":"0","keynameseo":"foundational-id","keytype":"","keycount":"totalcount","weightage":"100"},{"keyid":"14373485","value":"mosip","smid":"0","keynameseo":"mosip","keytype":"","keycount":"totalcount","weightage":"90"},{"keyid":"14888537","value":"modular open source identity platform","smid":"0","keynameseo":"modular-open-source-identity-platform","keytype":"","keycount":"totalcount","weightage":"90"},{"keyid":"14888538","value":"mosip iiit-bengaluru","smid":"0","keynameseo":"mosip-iiit-bengaluru","keytype":"","keycount":"totalcount","weightage":"80"},{"keyid":"14896878","value":"mosip identity platform","smid":"0","keynameseo":"mosip-identity-platform","keytype":"","keycount":"totalcount","weightage":"80"},{"keyid":"720827","value":"mobile networks","smid":"0","keynameseo":"mobile-networks","keytype":"","keycount":"totalcount","weightage":"60"},{"keyid":"211875","value":"omidyar network","smid":"0","keynameseo":"omidyar-network","keytype":"","keycount":"totalcount","weightage":"20"},{"keyid":"6357247","value":"internet","smid":"0","keynameseo":"internet","keytype":"","keycount":"totalcount","weightage":"20"},{"keyid":"6354512","value":"infosys","smid":"0","keynameseo":"infosys","keytype":"","keycount":"totalcount","weightage":"20"},{"keyid":"6354512","value":"infosys","smid":"0","keynameseo":"infosys","keytype":"","keycount":"totalcount","weightage":"20"},{"keyid":"144698","value":"identification system","smid":"0","keynameseo":"identification-system","keytype":"","keycount":"totalcount","weightage":"20"}],"filterTags":[]},"formattedTags":{"companyTags":[],"otherTags":[{"name":"modular open source identity platform"},{"name":"mosip identity platform"},{"name":"identification system"},{"name":"mosip iiit-bengaluru"},{"name":"foundational id"},{"name":"mobile networks"},{"name":"omidyar network"},{"name":"internet"},{"name":"infosys"},{"name":"infosys"},{"name":"mosip"}],"newsCategoryTags":[{"name":"TelecomNews","seolocation":"telecomnews"}],"breadcrumbTags":["foundational id","mosip","modular open source identity platform","mosip iiit-bengaluru","mosip identity platform","mobile networks","omidyar network","internet","infosys","infosys","identification system"],"filterTags":[]},"breadcrumbTags":["foundational id","mosip","modular open source identity platform","mosip iiit-bengaluru","mosip identity platform","mobile networks","omidyar network","internet","infosys","infosys","identification system"],"Alttitle":{"minfo":""},"Altdescription":{"minfo":""},"amp_url":"\/\/www.iser-br.com\/amp\/news\/a-foundational-id-system-to-give-identity-to-millions-across-the-globe\/93992306"}" data-news-images="null" data-newsletter-by="0" data-newsletter-date="a" data-hasbottomcarousel="" data-alldetailsopen="0" data-multipleanalyticshit="" data-deeplink="https://ettelecom.app.link?$deeplink_path=" data-socialshareformat="default">
