Technology On Aadhaar PDF
Technology On Aadhaar PDF
Technology On Aadhaar PDF
Agenda
Aadhaar at a Glance Technology Strategy Architecture Enrollment
Process Status
Authentication
Fingerprint PoC Iris Poc
Conclusions
Authentication
Fingerprint PoC Iris Poc
Conclusions
India
1.2 billion residents
640,000 villages, ~60% lives under $2/day ~75% literacy, <3% pays Income Tax, <20% banking ~800 million mobile, ~200-300 mn migrant workers
Vision
Create a common national identity for every resident
Biometric backed identity to eliminate duplicates Verifiable online identity for portability
Authentication
Fingerprint PoC Iris Poc
Conclusions
Biometric Strategy
Multi-modal: Improve de-duplication accuracy using multiple modalities
10 Fingerprint, 2 Iris, Face
Multi-Vendor
Risk Mitigation
No Vendor Lock-in
Overall Strategy
Best of breed through standards & open source Sourcing from multiple suppliers Leverage market forces for technology improvement Create national standards wherever necessary through extensive consultation Build eco-system
Device certification Operator certification Empanelment of enrollment agencies IT and other suppliers training for state level reengineering apps
Technology Stack
Multi-platform client All 3rd party interfaces abstracted through standard API layer (VDM, ABIS, Language Support, Linux with virtualization at OS layer MySQL as RDBMS Java application Apache Hadoop (HDFS, Hive, Pig, etc.) stack for large scale compute and distributed storage RabbitMQ (AMQP standard) as messaging framework Drools for rules engine Several other open source libraries
Authentication
Fingerprint PoC Iris Poc
Conclusions
Architecture Principles
Design for scale
Every component needs to scale to large volumes Millions of transactions and billions of records Accommodate failure and design for recovery
Open architecture
Use of open standards to ensure interoperability Allow the ecosystem to build libraries to standard APIs Use of open-source technologies wherever prudent
Security
16
End to end security of resident data Use of open source Data privacy handling (API and data anonymization)
No single point of bottleneck for scaling Asynchronous processing throughout the system
Allows loose coupling various components Allows independent component level scaling
17
Open Architecture
Aadhaar Services
Core Authentication API and supporting Best Finger Detection, OTP Request APIs New services being built on top
Biometric Standards
ISO 19794-X CBEFF MINEX IREX PIV - FP
UID Specifications
Enrolment Device Authentication Device
Authentication
Fingerprint PoC Iris Poc
Conclusions
Enrollment Process
Enrollment process
Demographic Data
Compulsory data: Name, Age/Date of Birth, Gender and Address of the resident. Conditional data: Parents/Guardian details Optional data: Phone no., email address
23
Biometric Data
Residents Photograph
Residents Iris
UID Middleware
Standardization of the ABIS interface Highly distributed, concurrent, fault tolerant architecture Continuous unit and accuracy testing on the production system
Test using real data (probes representative) No information is provided to ABISs to distinguish probes from real data Continuous testing of data integrity
99.943%
Enrolment Volume
29
60+ registrars - State Governments, Banks, India Post, Financial Institutions etc
FNIR
Probe size: 32,000 False accept: 11
@ Gallery = 84 Million
De-duplication Conclusion
Competitive advantage of using 3 ABIS & SDKs
Continuous FPIR/FNIR measurements Possible to maintain low FPIR/FNIR over wide range of gallery size
Authentication
Fingerprint PoC Iris Poc
Conclusions
Authentication
YES
Name, gender, DoB, Age, Address, Mobile, Email,
OR
NO
38
Diverse subjects
Manual labor Senior and children benefit programs
Mobile GPRS network Variety of applications 1st in the world to operate on-line Auth.
Proof of Concepts
9 PoC over 12 months across India 50,000+ subjects Study
Coverage or FTE Devices # of fingers, # of eyes Image quality Demography Network, mobility
Proof of Concept
Scenario
Conducted in the real field environment Real subjects representing local demography Production system & network
Technology
17 distinct scanner models Every resident verifies on ALL devices Images captured at source
Throughput Performance
10 million authentications in 10 hours Average response time around 200 milliseconds or 295 concurrent requests/sec. Performance test environment consisted of
15 blade servers including database servers, biometric matching servers, messaging server, caching servers, and audit logging servers. Configuration: x86 Linux dual CPU 6-core.
FP Conclusions
Achievable Accuracy (for 98.2% of population)
FRR < 1% with two best finger fusion FRR < 2.5% with one best finger
Device Certification
More selective devices improve FRR by 2X Placement guide can also improve FRR materially PIV compliance insufficient indicator FAP 20 very useful
Field accuracy test should be part of device certification Throughput of 1M/hr is easily achievable
Authentication
Fingerprint PoC Iris Poc
Conclusions
Set-up
4 single eye, 4 dual-eye cameras Every resident verifies on ALL devices Production system & network 5,000 subjects semi-rural location
Poc
9 83 8
2X Seniors
6-15 years
Mysore
18
77
India
0%
18
78
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
Coverage
Single-eye cameras
3.32
0.79
Authenticated in first try
95.89
99.29
Accuracy
Auth mode Single eye camera Dual eye camera Single eye 96.21% N/A
Two eye
99.54%
99.73%
High accuracy is possible using both single eye and dual eye cameras Use of second IRIS improves accuracy by 3%
FRR
0.33%
0.31%
0.27%
0.23%
0.22%
0.21%
FAR
Age Distribution
Age wise DET Curves (2 Iris, 2 Attempts)
1.20% 1.00% 1.06%
0.80%
0.87%
0.84%
0.81%
< 15
FRR
0.60%
15-60
0.40%
>60
0.20% 0.19% 0.00% 1.00E-06 1.00E-05 1.00E-04 1.00E-03 0.14% 0.14% 0.14%
FAR
Overall accuracy is > 98.94% for all age categories. Children performed best, followed by adults & seniors
Observations
Two irises authentications provide significant improvement in accuracy and coverage over one iris. Second attempt only marginally improves accuracy. Focus, motion blur or gaze not a major source of false rejects (Matcher 2 seemed to compensate for it)
Device Observations
Device ergonomics affects Better capture aid for operator and residents can significantly improve image capture
Actionable feedback visual aid (LCD on camera, slit for operator for focus) Appropriate visible light source cameras that block ambient light .
Improved capture algorithm for special eye conditions KIND 7 image formats
Iris Conclusions
Over 99.5% population coverage is possible for on-line iris authentication. True accept rate of over 99% is possible Failure : Due to eye surgery (ICCE) (<0.3%) Devices
Both single eye and dual-eye work Easy to train, easy to use Further improvement through capture aids
Authentication
Fingerprint PoC Iris Poc
Conclusions
Biometric Challenges
Conclusive quality measures at capture point
Quality @collection point is everything
Conclusions
Standardize for vendor and technology neutrality
Process standards Technology standards (APIs) and certification Multi-vendor , multi-modal approach Use of open source
Ecosystem approach to scaling Security and privacy by design Data driven analytics for transparency and continuous improvement
58
Thank You