India wants tech firms to embed govt's encryption tech in devices

Some, like Apple and Google, will resist but failure to join can limit access to vast market

BANGALORE • India's relationship with the global tech industry has become increasingly fraught.

This year alone, the government has banned Facebook's free Web service and declined to exempt Apple from rules which require it to locally source 30 per cent of its goods if it wants to sell through its own retail stores.

Now India could force companies to use technology cooked up in a government-funded lab. The initiative is part of a national biometric identity programme called Aadhaar (Hindi for foundation). Millions of Indians use fingerprint and iris-scan authentication to access a range of public and private services that now includes banking.

Failure to join the effort could limit the tech industry's access to a vast and growing market, but companies like Apple and Google are expected to resist opening up their phones and operating systems to the Indian registration, encryption and security technology.

"There will be lots of pushing and shoving by the technology companies," says Mr Neeraj Aggarwal, managing director of Boston Consulting Group in India. "It will be a battle of ecosystems, and companies will do their best to hold on to their own."

Once Indians access Aadhaar using the government's encryption, the likes of Apple and Google would lose the ability to track users online, forfeiting the ability to mine that data to sell ads or other products and services.

A few weeks ago, government officials invited executives from Apple, Microsoft, Samsung Electronics and Google to a meeting to discuss embedding Aadhaar encryption into their technology. None of the companies will comment on what transpired at the gathering - and Apple did not show up at all.

Mr Ajay Bhushan Pandey, who runs the Unique Identification Authority of India and convened the meeting, says the industry representatives listened politely and were non-committal.

But Mr Pandey says he was frank about the government's position, telling his visitors: "Go to your headquarters and work this out so that we can have Aadhaar-registered devices."

Aadhaar is the world's largest such programme: In September 2010, India's government began collecting citizens' biometric and demographic data, storing them in a centralised database and issuing a unique 12-digit ID number to every man, woman and child. 

As of April this year, more than one billion people had signed up, or about 83 per cent of the population.

Designed, in part, to help thwart criminals who siphon off billions of dollars in welfare payments each year, Aadhaar helps authenticate millions of poor citizens so the government can send money in lieu of food, fuel and fertiliser subsidies, as well as pension and guaranteed work payments directly to their bank accounts electronically.

Civil liberties and citizens' groups say the programme violates Indians' privacy; others warn that Aadhaar's servers could be hacked and national security compromised.

But the government is moving ahead and, in recent weeks, has rolled out a digital payments infrastructure built on top of the programme.

The idea is to bring financial services to a nation where millions have never set foot inside a bank, let alone opened an account.

"We are doing 5 million authentications daily, and with Aadhaar-compliant devices, that number will grow exponentially," Mr Pandey says. "There is a solid business case for technology companies to enable Aadhaar services."

But once Indians access Aadhaar using the government's encryption, the likes of Apple and Google would lose the ability to track users online, forfeiting the ability to mine that data to sell ads or other products and services.

On the other hand, foreign tech companies could be at a competitive disadvantage if they don't go along because Indian companies, such as Flipkart, Paytm and Snapdeal, are already making their digital payments and services compatible with Aadhaar.

Samsung is the only global device-maker currently making an Aadhaar-friendly device - a tablet that is reportedly selling well. Microsoft is said to be working with the government to link Skype with the Aadhaar database so the video-calling service can be used to make authenticated calls.

Fresh from battles with Washington over encryption, Apple, Google and other US tech companies are less likely to compromise without a fight.

For now, the Indian authorities are asking politely. That could change. Earlier this year, New Delhi mandated that, starting next year, all mobile phones sold in India must have a panic button women can push when attacked.

Mr Nandan Nilekani, who co-founded the leading tech services firm Infosys and helped create the national authentication programme, says the government could do exactly the same thing with Aadhaar.


A version of this article appeared in the print edition of The Straits Times on September 15, 2016, with the headline 'India wants tech firms to embed govt's encryption tech in devices'. Print Edition | Subscribe