Indian government slams Moody's report on Aadhaar, says it is 'baseless'

"A certain investor service has, without citing any evidence or basis, made sweeping assertions against Aadhaar, the most trusted digital ID in the world," read a statement issued by the Indian government.

"Over the last decade, over a billion Indians have expressed their trust in Aadhaar by using it to authenticate themselves over 100 billion times. To ignore such an unprecedented vote of confidence in an identity system is to imply that the users do not understand what is in their own interest," the statement said.

The Indian government said the report in question does not cite either primary or secondary data or research in support of the opinions presented in it.

"The investor service did not make any attempt to ascertain facts regarding the issues raised by it from the Authority. The sole reference cited in the report is in respect of the Unique Identification Authority of India (UIDAI), by referring to its website. However, the report incorrectly cites the number of Aadhaars issued as 1.2 billion, although the website prominently gives the updated numbers," the statement said.

It said the report avers that use of biometric technologies results in service denials for manual laborers in India’s hot, humid climate, an obvious reference to India’s Mahatma Gandhi National Rural Employment Guarantee Scheme (MGNREGS).

"However, it is evident that the authors of the report are unaware that the seeding of Aadhaar in the MGNREGS database has been done without requiring the worker to authenticate using their biometrics, and that even payment to workers under the scheme is made by directly crediting money in their account and does not require the worker to authenticate using their biometrics," the statement said.

The statement said: "The report ignores that biometric submission is also possible through contactless means like face authentication and iris authentication. In addition, the option of mobile OTP is also available in many use cases."

The Indian government further said: "The report also avers that there are security and privacy vulnerabilities in a centralised Aadhaar system. The factual position in this regard has been repeatedly disclosed in response to Parliament questions, where Parliament has been categorically informed that till date no breach has been reported from Aadhaar database."

The government said the systems are certified as per international security and privacy standards (ISO 27001:2013 for Information Security Management System and ISO 27701:2019 for Privacy Information Management System).

Recently, the G20 Global Partnership for Financial Inclusion (GPFI), in a report prepared by the World Bank, has stated that the “implementation of DPIs such as Aadhaar (a foundational digital ID system), along with the Jan Dhan bank accounts, and mobile phones, is considered to have played a critical role in moving ownership of transaction accounts from approximately one-fourth of adults in 2008 to over 80 percent now—a journey that it is estimated could have taken up to 47 years without DPIs”.

The recent G20 New Delhi Declaration has welcomed the G20 Framework for Systems of Digital Public Infrastructure, a voluntary and suggested framework for the development, deployment and governance of Digital Public Infrastructure (DPI), and welcomed India’s plan to build and maintain a Global Digital Public Infrastructure Repository (GDPIR), a virtual repository of DPI, voluntarily shared by G20 members and beyond.