New Delhi: Ratings agency Moody’s Investors Service has expressed concerns about security and privacy vulnerabilities in centralised identification systems, such as India’s Aadhaar programme, saying that its biometric readability in hot and humid conditions is questionable.
“The Unique Identification Authority of India (UIDAI) administers Aadhaar, aiming to integrate marginalised groups and expand welfare benefits access…The system often results in service denials, and the reliability of biometric technologies, especially for manual labourers in hot, humid climates, is questionable,” Moody’s said in its report “Decentralised Finance and Digital Assets”, according to The Hindu.
The ratings agency suggested that decentralised identity (DID) systems, such as digital wallets, based on blockchain technology, may be a better solution, as they give users more control over their private data and reduce the risk of online fraud.
The report cited some examples of successful programmes in Catalonia, Azerbaijan and Estonia that have used blockchain-based systems to issue digital identities. “Estonia, known for its fully digitalised public services, has embraced SSI [Self-Sovereign Identity] to grant citizens complete control over their digital identities,” it noted.
In a centralised system, a single entity such as a bank, social media platform or government electoral roll controls and manages a user’s identifying credentials and their access to online resources. That entity can dispose of the user’s identity data – name, address and Social Security number, for example – for internal or third-party profiling purposes,” the report said, adding that such systems offer the least personal data control to users.
The adoption of DID — where personal data is saved in a user’s digital wallet and identity verification takes place not via a single, centralised institution but on a decentralised digital ledger such as a blockchain — increases privacy and reduces the amount of personal information held by intermediaries, Moody’s noted. The DID, it said, can be stored and managed in a user’s portable and reusable digital wallet, rather than by a government, business, employer, or other entity.
However, Moody’s noted that decentralised IDs also pose some challenges. At a broader level, it warned that digital IDs, centralised or not, can cause problems at the social level, as they may strengthen group identities and political divides, particularly if offered by technology and social media companies with significant monopolistic influence.
“Consolidation of control within these entities could lead to a concentration of power over individual identities, shaping perceptions and interactions in the digital realm. Further polarisation of group identities and political affiliations would undermine the goal of a united and diverse digital space,” it added.