Safeguard Aadhar: CAG’s audit of UIDAI reveals worrisome laxity. It needs to improve fast

News: CAG presented its performance audit of Aadhaar’s regulator, Unique Identification Authority of India (UIDAI). The audit covered its mature phase, from 2014-15 to 2018-19. CAG’s audit portrays an unsatisfactory picture of the systems and processes in UIDAI.

How does the UIDAI function?

UIDAI operates Aadhar through a layer of subcontractors. So, when an applicant’s biometrics are uploaded to the Central Identities Data Repository, it may be executed by the third layer of subcontractors. A similar system is in place when a financial intermediary seeks to authenticate the identity of a potential customer by using the Aadhar database.

What does the CAG report state?

CAG’s report shows looseness in the process:

1. UIDAI neither has granular data nor is it able to pinpoint the cause of failure. For example, UIDAI is unable to identify the cause of authentication failures, which causes people to pay to update their biometrics.
2. Issue of duplicate Aadhaar
3. Lack of oversight of subcontractors: Many failed to get their operations audited annually.

All these have bearing on data security.

Way forward:  UIDAI must have more robust systems in place. Need for better grip on data and subcontractors is required.

Source: This post is created based on the article “Safeguard Aadhar: CAG’s audit of UIDAI reveals worrisome laxity. It needs to improve fast”  published on 7^th April 2022 in Times of India.