advertisement
The use of face authentication for Aadhaar is unlikely to work in the way that Unique Identification Authority of India (UIDAI) has envisioned. This sentiment has been shared by noted experts in the domain, who believe that implementing face ID (as part of the two-factor authentication) has come ‘too little too late.’
While they accept that implementing the two-factor authentication (2FA) is the right move, they’re not sure how the UIDAI will be able to execute it across different parts of the country by 1 July, the day when the feature is supposed to come into the system.
But before we tell you what we think is going to happen, let’s take a look at what the official circular from UIDAI has to say about the matter and why this feature is being added.
Also Read: Chehra Hai Ya Aadhaar ID? UIDAI Rolls Out Face Authentication
And how is the UIDAI going to make this feature work? According to Ankush Johar of Infosec Ventures, an IT security company, UIDAIs face ID feature is basically going to see if the likeness of the original image is the same as the image that was taken while registering for the Aadhaar card.
Also Read: Aadhaar’s Dirty Secret Is Out, Anyone Can Be Added as a Data Admin
Let’s put its use-case into a real-life example now. A person heads to collect his monthly ration, where the vendor is likely to have an entry-level phone/tablet.
He will take a picture with that, which will check with the server where your original picture resides to see if there is a likeness of that image.
But that’s where the big concern lies.
This situation is bound to arise, especially when UIDAI plans to use the single face photo which is already there in the database.
Ever since the announcement was made, many people started co-relating the face authentication feature with Apple’s iPhone X. But sadly, Ankush is confident that UIDAI’s tech is nowhere close to how Apple’s face ID works.
In addition to that, he points out the big difference between UIDAI and Apple’s implementation of the feature.
While Ankush is pleased that the 2FA has been finally put into place, but in hindsight they feel these measures are being taken without actually considering its viability, especially with respect to executing them.
India isn’t going to be the first country to implement face authentication, but using 2FA could reduce the instances of mass breaches, as accessing data of millions of users simultaneously becomes harder to execute.
But their appreciation comes with a word of caution, and the recent security mishaps compel them into mentioning that.
So, there is a high possibility that UIDAI might have to take the source picture of the people one more time, making it mandatory for those who aren’t able to use fingerprint or iris IDs right now.
All this has made them believe that bringing Face ID into the equation, is not going to make any qualitative difference and the number of people using it is likely to be miniscule.
(We Indians have much to talk about these days. But what would you tell India if you had the chance? Pick up the phone and write or record your Letter To India. Don’t be silent, tell her how you feel. Mail us your letter at lettertoindia@thequint.com. We’ll make sure India gets your message)
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)