A software engineer's mind is the devil's workshop. Every time we see new software we start reviewing it for quality, usability, scalability, availability, security and performance without even getting access to the code. Over time, as we came to know about different implementations of Aadhar services, for example Aadhar being used to log the daily attendance of Mumbai BMC (Bombay Municipal Corporation) employees, my concern was how many hits the Aadhar server would withstand if we use #Aadhar authentication for 'services that don't really need Aadhar validation'. If every Municipal Corporation across #India starts accessing the #Aadhar server every time an employee enters and leaves the office, I wonder how many servers would be required?
It also made me wonder if we are misusing the Aadhar services for everything and sundry just because we have a new gadget in hand! Using Aadhar for services that don't really require identity verification is bad design and we need to be concerned about it. BMC employee attendance is an example of misuse of Aadhar: verify the identity of an employee every day, in fact 2 times a day? Is the next step to use Aadhar to take attendance of school children from KG to post-graduation? What purpose is Aadhar identity verification serving? Would it not be simpler to continue with a local automated attendance service (most companies already have one) instead of hitting the Aadhar server? I won't repeat the 'Misuse of Aadhar for BMC attendance' example as I have explained the issue in another post on my blog (Whats is wrong with Aadhar Software System ? (Part-1)).
The other point we should worry about is hackers, simply because no internet-based service is safe from hackers. The alleged data leaks are a concern for most Indians because UIDAI has not been able to arrest the guilty, and since they have not arrested the Tribune reporter as of 6th Feb 2018 there is reason to believe that the data leak incident was REAL. From the facts reported by the media I have done a Virtual-Technical-Analysis (no, there is no such term as VTA, I just coined it myself and I am laying claim to the IP rights) of what could be wrong with the Aadhar System, and I would be more than happy if someone can prove my analysis wrong. Assume a data leak has happened, or can happen if an expert hacker group decides to target the Aadhar database. After all, if hackers could breach the security of the Pentagon intranet, what in TODAY'S AADHAR IMPLEMENTATION makes us so confident that Aadhar security cannot be breached? We have honest gentleman politicians in India, so I will not go into the use case where a political party decides to access financial data about a certain individual or group of individuals, because that would be an illegal activity, yet it's a potential risk we need to consider. What if a future government decides to use the Aadhar data to target a group of people?
For a commoner like me the worry is that if my data is leaked, the personal data can be sold to marketing companies and I will lose my privacy. Some entity with access to my Aadhar data can easily associate the Aadhar data with my financial data (banks, stocks, insurance, credit card purchases etc.) and I could be the subject of blackmail or kidnapping or even corrupt government officials - the Tribune report exposes that it was corrupt officials who breached the data and UIDAI was not even aware till the Tribune published the news report. So enough reasons for a civilian/commoner to worry. Right?
Take the use case of an enemy country that buys the leaked data through multiple intermediaries, so the Corrupt Patriot who sells the data to a marketing company would actually be selling it to an enemy like Pakistan. Now why would Pakistan buy Aadhar data? Well, soon the #Aadhar number will be linked to:
1) SIM number
2) Bank Account
3) Credit card
4) Land purchase records
5) Children's school and other services
So from Aadhar data and credit card company data I can write a book on an army officer's daily routine.
Where does he live?
What did he study? What is his skill set? Is he a fighter pilot or a grenadier?
What toothpaste does he use? What flavor of cornflakes does he like? (His wife's credit card is also linked to Aadhar and the card is linked to the man's bank account - Dammit! Everything financial is linked!)
Does the person take a bus or car to office (from credit card used at tolls)?
What is the address of the person's office? What time does he return home? (time from the toll plaza where he used a credit card to pay the toll, his mobile tower data)
How many hours does he speak on his cellphone? Who are the people on his mobile call list?
If he is an army officer, is he on leave or at work? What is his current posting? (credit card usage location)
What brand of clothes does he wear? Which restaurant does he usually eat at? Can he afford the clothes? Does he have expensive taste, and is he in debt and hence an easy target for a honey-trap?
Imagine if the enemy gets the #Aadhar data of security personnel: they will have all details about each army personnel, including:
1) Count of servicemen in the armed forces
2) The current posting of each serviceman
3) How many men are deployed at a given post
4) The age of each serviceman
5) His credit history
6) His vices, if any
So practically everything that is linked by Aadhar, and everything required to profile a person and lay a honey-trap, can be pulled out if you get access to a person's Aadhar data. Now that could be a big risk for the armed services. By linking Aadhar to financial transactions we are creating a rich data-bank that is bloody valuable and a magnet to hackers and the enemy, and the services should introspect whether they need to raise their concern with the government. I am sure the armed forces cannot be excused from Aadhar, but if the government understands the risk it can revisit its Aadhar Vision and use Aadhar for extending social benefits, as was the original plan, and not make it a Hop On Hop Off Bus.
Other examples, such as using Aadhar for school admissions and hospital admissions, are glaring lapses in the Aadhar vision. These are basic services that a citizen has a right to, and you cannot force people to use Aadhar to get health care, especially when they are not using government-sponsored health care. The aim of the government in making Aadhar mandatory for getting health care seems to be to keep a tab on the expenses, which is unfair and invades privacy, and recently a woman lost her life when a hospital refused admission as she could not produce an Aadhar card.
So how do the progressive nations protect this data-bank? They don't have to protect any biometrics data bank. Every nation that has some kind of UID never uses it to link the financial data of a citizen, and they do not capture biometrics because of the huge responsibility to protect the identity of a citizen. The USA thought of using biometrics in the early 40s and the parliament ruled against it. There are a couple of countries that use blockchain for e-governance, but even these countries (e.g. Estonia) do not have an Aadhar-like system. Instead they have a chip ID that holds the UID of the person, and if you lose the chip ID you can block it within seconds (something like losing a credit card). The chip is used to verify that you are you, and no data is shared with service providers. The Estonia chip ID is not used to validate your personal details the way Aadhar is used to verify the address and other details when you buy a cell SIM card. Since the chip ID is a card that is not linked to the internet, it can be used to validate your identity but cannot provide access to other financial transactions of the citizen. India should have thought on these lines before hurrying to extend Aadhar to sundry services.
Some will say: you are scaring the common man with your examples of what could happen, but do you know what's wrong and do you have a solution? Yes, as a software professional I do know what's wrong, or at least I think I know what is wrong with Aadhar. I know why we have faced certain issues that were reported, and by reasoning I can tell you what the potential issues of the future are that Aadhar 'seems' to have overlooked and how to build a robust UID.
As I posted in my earlier blog post, 'Open Letter to decision makers', the first thing to do is to accept that Aadhar is a revolutionary system that needs to onboard all political parties. We cannot have a new Aadhar vision every 5 years as and when there are political changes at the center, and we cannot have political parties fighting over the Aadhar Vision. Once you have a documented Aadhar Vision, hand it to the IT guys to fine-tune the Aadhar Vision (what is doable), then define an Aadhar Roadmap (what to implement 1st and so on), and then create a solution that takes care of 1.3 billion Indians and growing. Once the vision is decided there should be a well-defined change management process for making any change to the vision; one smarty-pants should not be able to change the vision without the approval of a change control board. Change control is how we maintain sanity in the software development world, or else we would never stop accepting changes from the business, which gets ambitious bright new ideas every week!
Final words of advice: as in civil architecture, a well-designed foundation is the most critical element for the success of a software system. If you have laid a foundation to build a Taj Mahal and after a year you decide to erect a Burj Khalifa instead, then you need to start from zero and design and build a new foundation, or else the Burj Khalifa will collapse even before the 10th floor is laid down. When we build software for Fortune 100 companies, they have the best domain experts and software architects working for them to advise them and ensure that the IT service provider has designed a good system. A change in government usually changes the entire setup of governance, and I think that's why governments miss the services of IT experts with huge experience of architecting large complex software using a proven Software Development Methodology (What's that!). When you are embarking on a Digital Journey, make sure you hire experienced architects who have developed software for Fortune 100 companies and have burnt their hands a few times. Let the architects drive the vision, or else when you go into production the lack of vision will drive everybody crazy. Before implementing anything new, make sure you know the risks and have a risk mitigation plan. When I read about Aadhar glitches and see UIDAI get into a huddle, I wonder why it was not documented as a risk and why there was no risk mitigation plan to counter the risk!
The purpose of this post was to share some thoughts with personnel from the services and then let them ask questions. My worst fear is the Aadhar data of our armed forces in the hands of an enemy country, and we should not let that happen just because some ambitious politicians, ranting the Digital Mantra and with no understanding of Software Development Methodology (the process followed to build software), implement some crazy Aadhar services to earn some brownie points with the voters.