Aadhaar generation & issue

Aadhaar Generation involves process like quality check, packet validation, demographic and biometric de-duplication etc. Aadhaar is generated successfully only if:

  • Quality of enrolment data meets prescribed standards laid down by UIDAI.
  • The enrolment packet passes all the validations done in CIDR
  • No Demographic/Biometric duplicate is found

If any of the above conditions is not satisfied, then Aadhaar number will not be issued and the enrolment gets rejected. The processes leading to Aadhaar generation are explained below.

Uploading Enrolment Data to CIDR

Each enrolment data is in a form of software packet which gets encrypted after completion of enrolment in the client itself and is uploaded to the central ID repository (CIDR) using the upload client provided to the Enrolment Agencies by UIDAI. The uploaded packet records are maintained in the client software to prevent duplicate packets being uploaded to the server, thus saving the processing time as well as packet rejection. All the data transfer to the server is performed using secured file transfer Protocol and so there is no chance of leakage of data to any unauthorised agency. The documents received from individuals seeking to enrol are also scanned and becomes part of enrolment packet which is uploaded to CIDR.

CIDR Sanity Checks: Each enrolment packet is exhaustively checked for validity – checksums, packet meta data, etc. – in the CIDR DMZ using automated process before it is moved to the production zone of CIDR for processing.

Data Archival: In CIDR, the contents of packet are read and stored in a table before archiving to ensure that the data is kept securely. The archival system has the following requirements:

  • All original packets (enrolments, updates, etc.) are required to be archived as-is, and “forever”, ensuring high availability, and zero data loss
  • Archived packet is kept securely and separated from core enrolment and authentication systems.
  • Archival system may allow on-demand data retrieval with appropriate access control and approvals.
  • Regular back up of Archived data is taken to ensure zero data loss.

Main Processing Pipeline

After the sanity checks pass, the enrolment packet is passed onto the main processing pipeline. At a high level, this includes the following stages:

Automated Data Validation: Following validation checks are done in CIDR for demographic data

  • Name & Address validations
  • Language Validations
  • Pincode and Administrative regions
  • Operator, Supervisor, Introducer Validations
  • Other Data & Process Validations

Demographic De-duplication: Demographic De-duplication: Demographic de-duplication is used primarily to catch trivial duplicates (non-fraudulent cases where all the demographic fields are identical) that are inadvertently submitted to the system, e.g., when an individual seeking to enrol has not received Aadhaar number few days after enrolment and decides to re-enrol at an enrolment station again. It is also used to de-duplicate children under the age of 5 year as biometrics data is not captured for children as per UIDAI policy. The goal of demographic de-duplication is to filter these cases and hence reduce the number of trivial duplicates going for biometric de-duplication.

Manual Quality Checks: Enrolment packets are sent for manual quality checks, where various quality check operators check the data for demographic and photo quality issues. This includes sanity tests against the individual photo – existence of human image, gross errors in gender and age, gender and photo mismatch as well as issues with the captured data (eg. transliteration errors).

Biometric De-duplication: Once a packet passes all validations, and demographic checks, it is sent to the biometrics sub-system for biometric de-duplication. Automated Biometric Identification System ( ABIS) from 3 different vendors is used to ensure the highest levels of accuracy and performance. The vendors are incentivised based on their accuracy and performance to ensure that they continue to improve the performance of their systems. These vendors are provided with individual's anonymized biometrics along with a reference number (generated in CIDR) without disclosing identity of the individuals seeking to enrol. The ABIS system compares the individual's biometrics with all existing biometrics in their gallery to find duplicates, if any.

Manual Adjudication: All duplicates identified by ABIS systems are sent to the adjudication module. The purpose of this module is to ensure no individual’s enrolment is rejected due to potential false matches of the ABIS systems.

Aadhaar Issuance

Aadhaar number is allotted after determining the uniqueness of the individual seeking to enrol. The demographics data of individuals seeking to enrol is associated with this Aadhaar number and so it can be used as an identity proof. This information is also sent to the authentication systems, so that authentication of Aadhaar number holder can be performed successfully.

Aadhaar Letter Delivery

After Aadhaar generation, the data is shared with print partner. The print partner is responsible for printing the letter (including tracking information), and delivering it to the logistics partner. The logistics partner (India Post) is then responsible for the delivery of the physical letter to the Aadhaar number holder.