"Rs 500, 10 minutes, and you have access to billion Aadhaar details" is what has been flashing in the media for some days now. It is ironic that human intervention can lead to a critical initiative like Aadhaar being weakened by privacy doubts, hacking vulnerability and a lack of trust.
So how do we solve the human challenges posed by hackers who look at every angle and stay one step ahead of the authorities? We can look at the options available by focusing on the technology aspect: what UIDAI can do to make the system more robust and trustworthy for each of the 100 crore subscribers, and allow the following social services to reach the right target audience:
- Benefits of DBTL, PDS, Scholarships & Pensions (NSAP)
- Linking Usage: Bank Accounts, LPG Connections, Ration cards, NREGA cards
- Authentication: UIDAI, eKYC
The goal is a more robust system, one that has always promised its subscribers/citizens (users) that their data can be trusted to it. That promise has been accentuated by the Supreme Court's landmark judgment, in which the Right to Privacy was termed a fundamental right under the Indian Constitution. This can be attempted with a system that displays the following attributes:
- Multiple Copies: no single place to hack, with multiple copies to compare, distributed across multiple locations
- Watchdog: a consensus algorithm which runs on a distributed network and decides which version of the data is the valid one
- Secure: a tamper-free environment for the participants in the network, provided through a self-reviewing system
- Smart Contracts: a mode of exchange which defines the rules and penalties just like a regular contract, but also automatically enforces these obligations, so there is no misuse and no unwarranted access by anyone other than the designated authorities/people
- Open Technology Standards: for increased innovation, participation and efficiency
Blockchaining the Aadhaar is a possibility based on the features required; however, implementation would depend on the government agency, especially against the backdrop of Virtual ID (limited period and limited demographic details access). As a start, options to empower the User can be explored, where he/she decides who gets to see his/her limited demographic information and for how long, while at the same time the information is validated by the Watchdog. Service providers would also get limited access, for a limited time, to verify the required data based on privileges, and the authority would be able to watch what data is being accessed.
Blockchain, by definition, is a distributed database shared among a network of devices, all of which must approve a transaction before it can be recorded. So, it is essentially a universal ledger of digital records, one that is shared between various parties (P2P, Peer-To-Peer) and can only be updated by consensus of a majority of the participants, and where, once entered, information can never be deleted.
- The User has a private key, created by himself, which allows him to access his information through a Node or relevant app.
- A Vendor, such as a telephone agency, initiates a request to verify the user's Aadhaar details, or the Citizen wants to update certain information on his account (possible online only, or by visiting an Aadhaar Enrollment Centre).
- The user receives an OTP on his registered number or email to validate which Agency has asked for the data validation and what data is required. The OTP is validated.
- The system triggers this transaction to create a record in the existing block of the user's data.
- The transaction details are relayed to the network, which includes all users (defined by UIDAI), including:
  - UIDAI
  - Users
  - Government Officials (Central and/or State)
  - Third-party Vendors (Telephone, Banking, Insurance etc.)
  - Security Organizations
  - Technology Vendor Partners
  - Other Peer-To-Peer Network users
- The data access to be provided or updated is checked for validations such as OTP, signature or biometrics (if the user initiates from a home environment).
- The P2P network approves, the data gets updated, and the same is relayed to the User.
- The blockchain is updated based on the user requirement.
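The flow above can be sketched as an append-only, hash-chained consent ledger in which a time-limited grant is recorded only after OTP validation and a majority vote. This is an added example, not code from the original article or from UIDAI; all names (`ConsentLedger`, `policy`, `new_ledger`, the validator nodes and the allowed fields) are hypothetical, and it reduces consensus to an in-process majority vote and omits private-key signing.

```python
import hashlib, json
GENESIS = "0" * 64
ALLOWED = {"name", "photo", "year_of_birth"}  # constructed policy, not a UIDAI rule

def record_hash(body):
    # Canonical JSON so every node derives the same digest for the same record
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def policy(body):
    # A validator's check: limited fields, limited period (at most one hour)
    return set(body["fields"]) <= ALLOWED and body["expires"] - body["issued"] <= 3600

class ConsentLedger:
    def __init__(self, validators):
        self.validators = validators  # node name -> callable(body) -> bool
        self.chain = []

    def request_access(self, user, requester, fields, ttl, otp_ok, now):
        """Append a time-limited grant only if the OTP passed and a majority approves."""
        if not otp_ok:
            return None
        body = {"user": user, "requester": requester, "fields": sorted(fields),
                "issued": now, "expires": now + ttl,
                "prev": self.chain[-1]["hash"] if self.chain else GENESIS}
        votes = sum(1 for approve in self.validators.values() if approve(body))
        if votes * 2 <= len(self.validators):  # strict majority required
            return None
        entry = dict(body, hash=record_hash(body))
        self.chain.append(entry)
        return entry

    def may_read(self, user, requester, field, now):
        """True only while an unexpired grant covers this exact field."""
        return any(e["user"] == user and e["requester"] == requester
                   and field in e["fields"] and e["issued"] <= now < e["expires"]
                   for e in self.chain)

    def verify(self):
        """Recompute every hash and link; False if any record was altered."""
        prev = GENESIS
        for e in self.chain:
            body = {k: v for k, v in e.items() if k != "hash"}
            if e["prev"] != prev or record_hash(body) != e["hash"]:
                return False
            prev = e["hash"]
        return True

def new_ledger():  # three constructed validator nodes; "peer" approves everything
    return ConsentLedger({"uidai": policy, "auditor": policy, "peer": lambda b: True})
```

A request for a field outside the allowed set, or for longer than an hour, gets only the permissive peer's vote and is rejected; editing a stored record afterwards makes `verify()` return `False`.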
The advantages of this process would include:
- Data Secure for user: The User would be able to block access to his information, based on validation through his device/node, if he feels he does not want to share it
- Data Access Authentication by User
- Reuse of current OTP feature
- Increased Trust, as it is a P2P network
However, this also comes with a set of challenges, such as the need for increased network security, more users to be added who perform not only as a Watchdog but also as system partners, and data hacks, as digital thieves are always one step ahead of whatever anyone does to secure their properties.
