Aadhaar enabled Public Distribution System in Delhi

KEY FACTS
The average Aadhaar authentication failure rate for AePDS of Delhi in March 2018 was 1.3%. 19482 ration cards failed authentication during this period in March 2018

97% of all successful fingerprint and Iris based authentication requests received response from UDIAI within 2 seconds

Failure rate for OTP based authentication was 18% as compared to .5% and 2% for finger and Iris based authentications respectively

High authentication attempt days are marred by frequent disconnection between ePOS devices and PDS server.
Study Methods and Data Sources

Data from the Aadhaar enabled Public Distribution System (AePDS), Department of Consumer Affairs Food & Civil Supplies Government of Delhi was used for this analysis. AePDS is online portal containing data uploaded from ePOS devices used in fair price shops (FPS) for distribution of subsidized food grains. This website is updated daily. For further information about AePDS, including the data, visit the AePDS website at: http://epos.delhi.gov.in.

All the data for the analysis was scraped from the website for the period of 1st to 30th March 2018 and analysed using open source tools.

Summary

The Public Distribution System (PDS) in Delhi employs Aadhaar to authenticate the identity of its beneficiaries. The authentication takes place at the Fair Price Shops (FPS), wherein an individual eligible to receive subsidized food grains is required to furnish proof of possession of a ration card and must undergo Aadhaar authentication. The authentication workflow includes biometric and OTP based authentication.

The focus of this study is to characterize the main attributes of Aadhaar enabled public distribution system(AePDS) in Delhi and to assess the relative impact of essential components of AePDS system on allocation of entitlements to the beneficiaries of the PDS system in Delhi in the month of March 2018.

The Aadhar authentication attempts for 1.55 M ration cards were made in Delhi’s AePDS in the month of March 2018. Out of these, 19482 ration cards failed Aadhaar authentication. UIDAI’s Aadhaar authentication services were found to be extremely responsive. 97% of all successful authentication requests received response from UIDAI within first two seconds of their generation at the ePOS machines and 65% out of these were responded within one second of their generation. 70% of all OTP based authentications were authenticated in more than 20 seconds.149 authentications out of 1.5M were found to take more than sixty seconds to authenticate.

Aadhaar enabled public distribution system(AePDS) has three major components. The ePOS machine at the PDS shop, the state PDS server and the Aadhaar authentication services managed and provided by UIDAI. For efficient delivery of Aadhaar authentication enabled services to the beneficiaries these three components must function in tandem with high efficiency. The state PDS stores the digitized ration cards of all the beneficiaries and logs each transaction generated by the ePOS device present in the PDS shop. Even temporary unavailability of the state PDS server greatly impacts the time taken to authenticate a beneficiary. PDS entitlement offtake is characterized by abrupt surge in authentications attempts in the first half of each month. Any disruption of services by PDS server during this period aggravates the inconvenience caused to beneficiaries.

During the month of March 2018, the state PDS server of Delhi was found frequently inaccessible by the ePOS devices specially on days with higher number of authentication attempts by beneficiaries. The state PDS server’s throughput was observed to abruptly decrease for short durations of time during hours of day with high authentication attempts.

These observations demand a detailed study of the efficiency of the state PDS server under different load conditions and days to identify existence of any plausible underlaying technical issue or bottlenecks in the AePDS authentication ecosystem.

Background

Aadhaar authentication enables residents to prove their identity based on their demographic and/or biometric information captured during Aadhaar enrolment. Aadhaar authentication in public distribution system was introduced to make the process of identification of beneficiaries (a) convenient, by avoiding the need of multiple identity documents and (b) accurate, by using biometrics and/or OTP to accurately authenticate the identity of a beneficiary. Aadhaar authentication is also expected to bring in transparency and efficiency in the PDS by curbing corruption and leakages.

The Public Distribution System (PDS) in Delhi is Aadhaar-enabled. Delhi AePDS uses three modalities for authentication, two of which are of Biometric (fingerprint and Iris)-based and the third one being OTP (One- time password)-based. To receive their food grains entitlement from the public distribution system the beneficiaries must correctly establish their identity by utilizing the ‘Aadhaar authentication framework’. The authentication takes place at the network of Fair Price Shop (FPS) spread across the nine districts in Delhi. Each FPS is equipped with an ePOS (Electronic Point of Sale) machine. These handheld devices act as an interface between beneficiary and the Aadhar authentication ecosystem.

Aadhaar authentication request for each beneficiary is generated using these ePOS devices. After retrieving the details of a beneficiary’s ration card from the state PDS server a request for authentication is send to UIDAI’s Aadhaar authentication services which only responds with a yes/no and no personal identity information is returned as part of the response. The first modality for authentication available to the beneficiary is finger print- based and if due to some reasons finger biometric based authentication is not successful then Iris and OTP are provided as part of the contingency plan.

The state PDS server contains the repository of the digitized ration cards of all eligible beneficiaries of the PDS system in the state. It also records details of every successful and fail authentication transaction generated by the ePOS devices. PDS server has an important role in the Aadhaar enabled public distribution system(AePDS). For efficient delivery authentication services of the beneficiaries, high efficiency of PDS server and UIDAI authentication services is extremely important specially on days with high authentication attempts. Underperformance of either these components can result in inconvenience to the residents.

This data brief focuses on understanding the key features of Aadhaar enabled public distribution system in Delhi. The objective is to examine the relative difference in usage and efficiency of different modalities of Aadhaar authentication used by beneficiaries. We then identify different components of Delhi AePDS and examine their role in efficient delivery of authentication services.

Key Findings

Aadhaar authentication failure

Aadhaar authentication attempts for 1.5M ration cards were made in Delhi AePDS in the month of March 2018. In that, about 19482 ration cards failed authentication during the same period. North West(.27M) has the maximum number of active ration cards followed by North East(.25M). New Delhi district has the least(.06M) number of active ration cards. In absolute numbers South West Delhi (2869) has the highest number of cards which failed authentication failure.

Out of every 1000 active ration cards in a district, 3 ration cards per 1000 failed fingerprint-based authentication in North West Delhi as compared to 6 cards per 1000 in South West resulting in highest number of authentication failures in the district.

In each district of Delhi, at least 90% authentications were observed as fingerprint based. 15% of all finger print-based authentications failed in South West and North East District.

In New Delhi for every 1000 active ration card, 9 cards failed authentication due to fingerprint-based authentication, which was also found to be the - highest among all nine districts. Followed by East Delhi where for every 1000 active cards, 7 failures were registered due to fingerprint-based authentication.

Biometric data mismatch was the leading cause of finger print based authentications in all the districts.

Three modalities of Aadhaar authentication are provided in Delhi AePDS two of which are biometric based (fingerprint and Iris) and the third is OTP-based wherein, a password is send to the registered mobile number of beneficiary. 19482 active ration cards were found to have failed authentication. Biometric based (finger and Iris) authentication constitutes 53% of total authentications (figure 3).

The ePOS device accepts fingerprint-based biometric as the preferred mode of authentication. 90 % of total authentication attempts in the state utilized fingerprint- based biometric less than 1% of which failed.7% of total authentications were Iris-based out of which 2% authentications failed.

It’s interesting to note here that OTP was used to authenticate only 3% of all active cards ration cards but the authentication failures due to OTP constitute 47% of the total authentication failures in Delhi AePDS in the month of March 2018.It was also observed that 18% of all OTP based authentication failed.

No OTP-based authentication was observed in Delhi AePDS data after 17th March(figure4). OTP-based authentication can be considered as contingency for cases where biometrics of a resident can’t be used for authentication. Number of reasons cause OTP-based authentications to fail which may include improper seeding of mobile numbers in PDS system, mobile network issues, lack of awareness etc.

Components of Delhi’s AePDS and their role in service delivery

The efficiency of the UIDAI’s Aadhaar authentication service is evident from the daily data available for maximum and minimum time taken by UIDAI’s authentication services to authenticate the 1.5M cards of Delhi AePDS in March 2018.

97% of these cards were authenticated by UIDAI’s authentication services within 2 seconds of generation of authentication request on the ePOS machines. Remaining 2.5% ration cards were authenticated by UIDAI between 15 to 30 Seconds. Only 140 cards were found to take more than 70 seconds to authenticate. The daily median of maximum time taken to authenticate a beneficiary was found just above three seconds (figure 5).

ePOS devices in AePDS can be operated only by designated PDS dealers who must establish their identity by using Aadhaar authentication at least once a day. These hand-held ePOS devices connect the beneficiaries with Aadhaar authentication service provided by UIDAI with assistance of the state PDS server.

Using the beneficiary authentication attempt and active ePOS device’s reset count data available on Delhi AePDS portal, it was observed that in month of March days with relatively higher number of authentication attempts were marred by frequent disconnection of ePOS devices from the state PDS server (figure 6).

ePOS disconnections are manifested by frequent restarts of ePOS machines, delayed or no response from the state PDS server and decreased efficiency of the ration shops. The down time of these ePOS machines aggravates the inconvenience of the beneficiaries specially on days with higher authentication attempts.

The Delhi AePDS is characterized by surge in number of authentication attempts during the first half of each month. In the month of March more than 85% of the beneficiaries claimed their entitlement during this period.

It was also observed that on daily basis in March the number of Aadhaar authentications were found to be highest during 10am in the morning up to 1pm in the afternoon. 40% all total successful authentication attempts(1.5M) by beneficiaries were made during these hours. Authentication attempts again pick-up pace in the afternoon starting from 4pm and lasted till 7pm in the evening during which 30% of all successful authentication attempts for the month were made(figure 7).

For efficient delivery of authentication services its essential for all components of the state AePDS framework to incessantly contribute to provide authentication services specially during peak authentication data traffic hours.

The ration card details of beneficiaries are retrieved from the state PDS server before every AePDS authentication attempt. The details of each transaction are logged into the PDS server only after which a transaction is considered successful. Failure of either of these activities results in disruption of delivery of authentication services and results in consequent inconvenience to beneficiaries which is manifested inform of waiting time in queues or requirement to revisit the PDS shop when PDS server’s services are restored.

Using PDS shop level transactional data, the PDS server’s hourly throughput was observed to abruptly fall during peak hours (10am to 1pm & 4pm to 7pm) of authentication activities. These disruptions in authentications were observed frequently in the first half of the month. At the PFS shops these disruptions are manifested in form inability of the ePOS to establish a connection with state PDS and non- responsive ePOS devices.

Policy implications

Delhi’s Aadhaar enabled public distribution system (AePDS) provides three modalities for Aadhaar authentication to beneficiaries. The fingerprint-based Aadhar authentication is most frequently used with 90% of authentications taking place through it and less than 1% of these authentications failing. 97% of biometric-based authentications in Delhi AePDS were found to be authenticated by UIDAI within 2 seconds of their generation on the ePOS machines. Only 1.5% authentications out of total 1.55M authentications were found to take between 15 to 30 seconds. This signifies the responsiveness of the Aadhaar authentication services provided by UIDAI.

OTP based authentications wherein, an OTP is send to the registered mobile number of beneficiary constituted 3% of total authentication attempts. The average time taken for OTP-based authentication was 26 seconds whereas for biometric based methods was found to be less than 1 second. The minimum time of response for authentication of an OTP was found 19 seconds. 90% of all OTP based authentication took more than 22 seconds. These observations indicate the inefficiency of the OTP based authentication mechanism and the effectiveness of biometric of biometric based authentication mechanism in Delhi AePDS. OTP based authentication mechanism are considered a contingency for authentication cases where biometric based authentication is not possible due to network limitations or frequent failures.

Given the proven efficiency of Iris-based authentication system, only 7% of all authentications in the state were Iris-based. It’s interesting to note that 22% PDS shops have never used Iris scanner for authentication. It could be due to unavailability of device at the shop or lack of knowledge of using the Iris device. Since only 2% of the OTP based authentication failed requires more widespread use of this modality of authentication and could used instead of OTP based authentication provided availability and frequent usage of Iris scanners at PDS shops.

Further Research

This data brief seeks to establish a foundation for identifying issues surrounding the Aadhaar enabled public distribution (AePDS) in Delhi and while doing so we were able to pose some questions for further research in following areas:

  1. Using the entitlement allocation and authentication failure data, a coherent story of how people access the AePDS (Aadhaar enabled PDS) in Delhi could be created to get better insights of how the beneficiary access the AePDS.
  2. Inconsistency in usage of different modalities of authentication were observed across the districts, identifying the underlying cause for this phenomenon could be useful in reducing the number of authentication failures.
  3. New Delhi district has relatively higher number of fingerprint-based failure. A through study of the causes for the factors leading to it could help improve authentication services in the district.
  4. OTP based authentication is considered as contingency for biometric authentication failures but considering its poor performance in the state requires scrutiny of the implementation mechanism of this modality.
  5. A detailed study of the throughput of the PDS server under different load conditions and days to identify existence of any plausible underlaying technical issue or bottlenecks in the AePDS authentication ecosystem is required.

Dashboard