Aadhaar authentication failure in Public Distribution System: Andhra Pradesh, December 2017
The Public Distribution System (PDS) in Andhra Pradesh uses Aadhaar to authenticate the identity of its beneficiaries. The authentication takes place at the Fair Price Shop (FPS), wherein an individual eligible to receive subsidized food grains is required to furnish proof of possession of a ration card and must undergo biometric-based Aadhaar authentication.
The focus of this study is to examine the fingerprints-based Aadhaar authentication of ration card holders in Andhra Pradesh for the first fortnight of December 2017.
The Aadhar authentication attempts for 3.77 M ration cards were made in Andhra Pradesh’s PDS between 1st and 16th December 2017. Out of these, 94,030 ration cards failed Aadhaar authentication. The highest number of authentication failures occurred in the East Godavari district, with 14,307 authentication failures. The average authentication failure rate for the state (of all active cards) was 2.5%. Failure rates for YSR Kadapa (5.2%) and Vizianagarm (5.1%) were more than twice the state’s average.
Several reasons for failure of biometric-based authentication include biometric mismatch, invalid Aadhaar number, invalid biometric status, and missing biometric data in Central Identity Data Repository (CIDR) etc. Among these, around 92% of the authentication failures were caused due to biometric mismatch, placing it as the leading cause of Aadhaar authentication failure in the state. Interestingly, the study of distribution of failures at the sub-district (mandal) level suggests that the number of authentication failures are not tightly correlated with the number of ration cards.
Biometric mismatch could occur due to number of factors, including improper collection of biometrics during authentication, foreign material on finger or the surface of scanner, low finger image quality etc. The current error reporting mechanism adopted by UIDAI does not clearly specify which of these factors caused biometric mismatch resulting in repetitively failed authentication attempts by the beneficiaries. Improvements in the authentication error reporting mechanism is therefore suggested, so that the resident can know clearly the exact reason for the authentication failure.
Further, given the high prevalence and uniform geographic spread of biometric mismatch, a more detailed study of this cause of failure is required. One possible solution to bring down the number of biometric mismatches could be to make best finger detection (BFD) compulsory for all the eligible beneficiaries. BFD is a methodology of identifying the finger(s) of a resident with the best biometric deta¬ils, done using BFD Application programming Interface (API) provided by UIDAI.
The Public Distribution System (PDS) in Andhra Pradesh is Aadhaar-enabled. To receive their food entitlements, beneficiaries must establish their identity utilizing the ‘Aadhaar authentication framework’. The authentication takes place at the Fair Price Shop (FPS), wherein an individual eligible to receive the subsidized food grains is required to undergo Aadhaar authentication. The ration card issued to a household is linked to its members’ Aadhaar numbers. The total number of active ration cards in the state is around 12M. East Godavari and Guntur have over 1.4M ration cards each. Guntur district has the highest number of fair price shop (FPS) outlets (2,394), followed by East Godavari (2,136).
Aadhaar authentication enables residents to prove their identity based on their demographic and biometric information captured during Aadhaar enrolment. Aadhaar authentication in PDS was introduced to make the process of identification (a) convenient, by avoiding the need of multiple identity documents and (b) accurate, by using biometrics to authenticate the identity of the beneficiary. Aadhaar authentication is also expected to bring in transparency and efficiency in the PDS by curbing corruption and leakages.
It should be understood that the Aadhaar authentication system is not a 100 percent accurate system, irrespective of the modality selected for authentication. Aadhaar authentication attempts may result in failure due to several reasons. These are termed as ‘authentication failure errors’ and are logged in the Aadhaar enabled PDS (AePDS) information system of the Andhra Pradesh civil supplies department.
This data brief examines biometric-based Aadhaar authentication trends for ration card holders in Andhra Pradesh for the first fortnight of December 2017.
Aadhaar authentication failure was highest in Vizianagaram
The Aadhar authentication attempts for 3.77 M ration cards were made in Andhra Pradesh’s PDS between 1st and 16th December 2017.
In that, about 94,030 ration cards failed authentication during the same period. Of all 13 districts of Andhra Pradesh,
East Godavari had the highest number of Aadhaar authentication failures (14,307 ration cards), followed by Visakhapatnam (10,068) and Vizianagaram (7,348) (see Figure 1).
East Godavari and Guntur have over 1.4M ration cards each. Guntur (2394) has the highest number of FPS outlets in a district followed by East Godavari (2136).
The civil supplies department of AP announces the total quantity of grains allocated (Qa) to an FPS before the start of a month. This quantity is computed based on the total number of beneficiaries registered at the FPS. Without portability, the total quantity of grains sold in a month (Qs) at the FPS will be no more than Qa as only registered beneficiaries can procure their grains from an FPS. Hence, all instances where Qs > Qa (or Qs/Qa > 1) are an indication of usage of portability.
It is important to note that this measure is a conservative estimate of the true utilization of portability. This is because even at an FPS with Qs < Qa, grains could have been procured by beneficiaries not registered to the FPS.
Aadhaar authentication failure rate was highest in YSR Kadapa (5.2%) and Vizianagaram (5.1%) districts
The average authentication failure rate (of all active cards) for the state was 2.5%. Failure rates of four districts are above the state’s average, namely YSR Kadapa (5.2%), Vizianagaram (5.1%), East Godavari (3.3%) and Vishakapatnam (2.9%). (Figure 2). In fact, failure rates for Vizianagaram and YSR Kadapa districts were more than twice the state’s average.
The leading cause of authentication failure is biometric data mismatch
Several reasons were identified for the failure of Aadhaar authentication, including biometric mismatch, invalid Aadhaar number, invalid biometric status and missing biometric data in CIDR. Among these, about 92% of the authentication failures were caused solely due to biometric mismatch (92%), placing it as the leading cause of authentication failure in the state (Figure 3). Biometric mismatch could happen due to several reasons. For example, the Aadhaar holder gives biometric information (fingerprint/iris) on a scanner but the information is not identified by the Aadhaar database. This could be due to factors such as dry/oily finger, humidity, foreign material on scanner, or poor NIST Fingerprint Image Quality (NFIQ ).
Apart from the factors listed above, authentication failures also resulted due to reasons such as Aadhaar cancelled, locked biometrics, and technical errors (Figure 4). The most common of these three is Aadhaar cancelled (0.2%), thus requiring the resident to re-enroll for a new Aadhaar number. Locked biometrics (0.16%) lead to authentication failures when Aadhaar card holders unwittingly lock their Aadhaar biometrics, unaware of the fact that authentication will fail if the biometrics are locked. Finally, technical reasons (0.35%) for authentication failure includes duplicate requests.
Since a large share of authentication failures are attributed to a single cause (i.e. biometric mismatch), a more detailed study of the factors that influence ‘mismatch’ of beneficiary biometrics is required.
Distribution of authentication failure in Sub-district (mandals)
About 55% of mandals in the state have less than twenty thousand ration cards and remaining mandals have above twenty thousand ration cards. Visakhapatnam (Urban) has highest number of ration cards (0.4M) (Figure 5(a)).
Each mandal in the state has an average of 35 active fair price shops (FPS). Authentication failures for every 10 ration shops in a mandal was found highest in Visakhapatnam Urban (Circle I, II, and III) (280) followed by Kakinada, East Godavari (176) (Figure 5(b)). About 35% of all authentication failures (per 10 FPS) in the mandals of the state is localized in four districts (Figure 5(b)), namely East Godavari, West Godavari, Srikakulam and Vizianagaram. Moreover, we observe that authentication failures are not tightly correlated with the number of ration cards (Figure 5 (a) & (b)).
Figure 6 identifies districts which have high variation in authentication failure across mandals in the district. For example, East Godavari and West Godavari have approximately the same number of active ration cards across the mandals, but East Godavari has mandals with higher authentication failure. Hence, we need to anlayse the factors resulting in different failure rates for mandals with approximately similar number of ration cards and PDS
Aadhaar numbers may fail biometric authentication
About 5,264 ration card holders failed authentication in both November and December 2017 (Figure 7). The leading cause of authentication failure for this subset of ration cards was biometric mismatch (86%), followed by missing biometric data in CIDR (8%). This could be an indication of poor biometric quality during enrollment.
It is interesting to note that about 92% of authentication failures in December 2018 were caused due to biometric mismatch. Biometric mismatch could occur due to numerous factors including improper collection of biometrics during authentication, foreign material on finger or the surface of scanner, low NFIQ value of scanned fingers etc. The current error reporting mechanism adopted by UIDAI does not clearly specify which of these caused the first authentication failure. Instead, it only specifies the generic term ‘biometric mismatch’. Hence, it is more time consuming for residents to authenticate in their following visit. We therefore suggest improvements in the error reporting mechanism of the authentication API, so that the resident knows clearly the exact reason for the authentication failure.
Moreover, given the high prevalence and uniform geographic spread of biometric mismatch in Aadhaar authentication, a more detailed study of this cause of failure is required. One possible solution to bring down the number of biometric mismatches could be to make best finger detection (BFD) compulsory for all the eligible beneficiaries. BFD is a methodology of identifying the finger(s) of a resident with the best biometric details. This identification is done using BFD API, a set of programming library used to implement the BFD algorithm. This service could be made available at common service centers set up by state governments for delivering government-to-citizen services at a minimal or no cost. The purpose of using BFD is to enable the resident to exactly know which of their finger is best suited for biometric authentication thus making the process of biometric authentication more convenient.
This data brief seeks to establish a foundation for identifying issues surrounding the Aadhaar enabled public distribution (AePDS) in Andhra Pradesh and while doing so we were able to pose some questions for further research in following areas:
- Using the entitlement allocation and authentication failure data, create a coherent story of how people access the AePDS (Aadhaar enabled PDS) in Andhra Pradesh.
- Identify physiological and technical reason that lead to Biometric Data Mismatch and whether best finger detection (BFD) can minimize the instances of this particular authentication failure.
- Identify reasons for variation in authentication failure across mandals with similar number of beneficiaries.
- Using the authentication failure and demographic data (age, location, occupation etc.) identify geographies / communities / occupations / locations that are more prone to authentication failure.
- Study the utility of alternative mechanisms (e.g. OTP based authentication, Iris scanner, manual allocation etc.) of authentication of beneficiaries for allocation entitled benefits.