Covid-19 spurs national plans to give citizens digital identities
– Prof S Rajagopalan, PGP 1979
International Institute of Information Technology, Bangalore
Conceived as a digital public good as part of IIIT Bangalore’s efforts in promoting open source applications for societal development, MOSIP’s potential impact could not be more relevant or apparent.
MOSIP, an open-source platform developed in India, will be central to many of those efforts.
WHEN MILLIONS of migrant workers were forced by India’s sudden covid lockdown to return to their villages from the cities where they worked, many feared destitution. But Aadhaar, the country’s pioneering biometric ID system, came to the rescue. Under an income scheme for farmers launched in 2014 that would have been impossible without Aadhaar, $1.5bn was transferred digitally and at speed into the bank accounts of 30m people, with little waste or fraud and almost no distribution cost.
Because 1bn accounts are linked to people’s Aadhaar identity numbers, India has been able to channel help to where it has been most needed with remarkable efficiency. Contrast that with America, where 90m paper cheques were laboriously sent through the mail, accompanied by a signed letter from President Donald Trump.
Covid has had a way both of exposing the weakest links in societies and of acting as a spur to innovation. Rich countries without national digital-ID systems can scrape through, thanks to myriad other ways people have of proving who they are—driving licences, credit cards, social-security numbers and so on. But for poor countries, the problem of getting covid-related help to their most vulnerable citizens is made infinitely more difficult when you do not know who they are or what services, such as health care and income support, they are entitled to.
Around the world, 1bn people have no formal proof of identity. More than 80% of them live in sub-Saharan Africa and the less well-off parts of Asia. Less than half of African children under five have their births registered. The poorest, women and those living in rural areas are least likely to have officially recognised IDs.
Something as seemingly straightforward but critically important as a vaccination registry to record who has had a jab and who has not, is easy to set up if you have a foundational digital-ID system to build it on, but much harder if you do not. Nandan Nilekani, the co-founder of Infosys, one of India’s largest IT-consulting and systems-integration firms, and the driving force behind Aadhaar, believes that the system will be crucial to authenticating digital certificates as a proof of vaccination.
Many governments in Africa and Asia have been inspired by the success of Aadhaar, which since its inception in 2009 has enrolled 1.3bn people. It has streamlined the delivery of services and payments, cut corruption, boosted financial inclusion and hugely raised participation in India’s digital economy. Before covid struck, encouraged by the launch of World Bank’s ID4D (“Identification for Development”) programme, which started in 2014, countries such as Morocco, the Philippines and Myanmar went to Delhi in search of help. But there is now a new sense of urgency.
However, Aadhaar is a complex system with its own set of application program interfaces, known as the India Stack, that could not easily be replicated. Having learned lessons from Aadhaar, Mr Nilekani proposed a different approach: building an open-source foundational ID platform that could be taken up by any country free of charge. The result is MOSIP, which stands for Modular Open Source Identity Platform.
With financial support from the World Bank, two countries—Morocco and the Philippines—are implementing national ID schemes based on MOSIP, which will be rolled out early next year. Three more—Ethiopia, Guinea and Sri Lanka—are working on pilots. Several others, including Ivory Coast, Togo and Tunisia, are keen on using MOSIP. There are plans for countries across west Africa to have a shared interoperable ID platform, allowing cross-border authentication. The aim is that by 2023, at least ten countries will be operating MOSIP-based digital-ID platforms and it will have become an international standard, each country having learned from the others’ deployments. And the covid emergency is lengthening the queue of countries at MOSIP’s door.
The MOSIP project, which got going in March 2018, is nested in Bangalore’s International Institute of Information Technology (IIIT-B) and endowed with funding of $16m from the Omidyar Network, the Bill and Melinda Gates Foundation and Tata Trusts. What it set out to do was to give countries with far less IT capacity than India’s a basis for establishing a cost-effective foundational identity system that was, in effect, “Aadhaar in a box”. Bangalore, according to C.V. Madhukar, Omidyar’s lead on digital identity, was the obvious place to base MOSIP. It could draw on technical know-how from Mr Nilekani’s original Aadhaar team, who were mostly still there, and on the resources of the iSPIRT Foundation, an organisation of volunteer engineers who donate their time to build software as a public good.
From the outset the MOSIP group, which is led by S. Rajagopalan, the entrepreneurial head of IIIT-B’s Innovation Centre, was clear on two points. The first was that MOSIP should be a standard-bearer for “good” digital ID. It had to be designed with a “citizen-centred” approach that ensured safety (protecting individual privacy and ensuring inclusion) and accountability (policies to limit use cases to those which are of general benefit and which cannot be perverted for purposes such as political suppression).
Countries applying to use MOSIP must assure its governing executive committee that as well as having sufficient digital infrastructure (or adequate funding to put it in place), their intentions for the system are benign and the underlying policy framework is robust. It is not a guarantee against misuse, but it is a worthy statement of principle.
The second was that MOSIP should be open-source, allowing all its protocols to be seen, developed and strengthened by collective effort. As Professor Rajagopalan says: “A lot of eyes are better than a few.” His vision is for MOSIP to become a thriving open-source project in which a community of developers and system integrators contribute to the long-term support and growth of the platform.
It was critical that implementing countries, though still needing to hire a professional systems integrator, would own the underlying identification platform including the software that supports it. Mr Madhukar notes that because national digital-ID systems are inherent monopolies, a key requirement for most countries is to avoid the perils of being locked into a single proprietary technology. MOSIP allows them to work with multiple application vendors, and remain in overall control of the system.
Because of its modular design (which separates the functions of each program into independent and interchangeable components) and configurability (which allows flexible solutions to real-world problems and simplifies deployment and maintenance), MOSIP can be adapted to different country contexts, laws and varying levels of digital infrastructure. Ease of customisation gives countries the option to pick the features they want to buy “off-the-shelf” and those they want to develop bespoke. For example, they can choose different modes of authentication, from biometrics to mobile one-time passwords. Another big decision that MOSIP leaves to its clients is whether to go for hosting the platform on national premises or the quicker, more scalable solution of the cloud. Either way, governments, rather than a third-party outfit, will own all their own data.
Over the next year or so, says Mr Madhukar, the MOSIP team will concentrate on “handholding” implementing countries and learning from them what works (and what does not) and further developing the architecture to integrate with a wide range of commercial software producers, while still avoiding the perils of vendor lock-in.
A big challenge for the future, as the number of countries wanting to use MOSIP grows, will be the capacity of local IT talent to build on the platform and create the data application layers to ensure interoperability with national registries and services. That will require the resources to train local providers and systems integrators, while also building a small community of developers that can be parachuted in to deal with specific problems. Without additional funding from philanthropic donors and the World Bank, or more help in kind from tech giants such as Google and Amazon, those efforts will stall.
That would be a pity. Chris Yiu, who leads the technology and policy team at the Tony Blair Institute for Global Change, is optimistic both about what digital ID in lower-income countries can achieve and how MOSIP can help. The institute is working with Oracle, a business computing firm, to establish vaccination registries across Africa. Mr Yiu says that “covid has played a forcing function” in making countries determined to run their health-care and welfare systems more efficiently and see digital-ID systems as the vital platform for doing so.
Other good things can come from that. Well-designed digital-ID systems, he argues, play a vital role in building trust in both government-to-citizen and citizen-to-citizen transactions, each of which are crucial drivers of social capital (those networks and relationships which are the bedrock of thriving societies) and economic development.
Source: The Economist