A number of countries are creating digital identities for their citizens, in part to improve the delivery of public services. India and Estonia are leading the pack.
Creating a ‘coalition of the positive’ in India: An interview with Nandan Nilekani
The chairman of the Unique Identification Authority of India explains how documenting the existence of every living resident will change the country.
Eric Braverman and Mary Kuntz
When Nandan Nilekani assumed the chairmanship of the Unique Identification Authority of India, in 2009, he knew he was taking on a monumental task—to document the existence of every living resident of the country. Nilekani is leading the development of a national database that assigns a unique identification number to each of India’s more than one billion residents. A cofounder and former CEO of outsourcing giant Infosys, Nilekani was named one of the 100 Most Influential People in the World by Time magazine in 2006 and 2009. In May 2012, he spoke with McKinsey’s Eric Braverman and Mary Kuntz in New York about the rewards and challenges of launching this ambitious nationwide ID program, which could have a tremendous impact but has also engendered controversy.
McKinsey: Enrollment in the ID program began in September 2010, and today more than 200 million Indians are in it. Why have so many people enrolled?
Nandan Nilekani: Well, identity rights are very important for participation in the formal economy. Having a document that proves your identity is the basis for owning property. It’s the basis for getting basic entitlements or pensions or scholarships. It’s the basis for travel. India is becoming more of a migrant society—people are moving from villages to cities, from north to south, from central to coastal India. And when they move, they have to prove to the local establishments who they are, or else they can’t open a bank account, buy a mobile connection, or get a job.
The West has fairly well-developed ID systems. In India, we have around 25 million births a year, but as recognized in the UNICEF report, many births are unregistered and there is no equivalent of a Social Security number, like in the United States. Thus many Indians don’t have any document that proves their existence vis-á-vis the state government. That’s the basic problem we’re trying to solve. But the game-changing dimension of our ID platform is that it’s digital.
McKinsey: What impact has the program had on India’s government?
Nandan Nilekani: It will have a huge impact on public-service delivery and, in turn, on residents’ satisfaction with the way government works. The platform we created is an open API, so other entities—say, banks and telecom companies—can embed our APIs to verify someone’s identity before that person withdraws money or buys a SIM card for a mobile phone. So, for example, if a person is entitled to a pension, all the government has to do is say, “Send this amount to this ID number.” That ID number translates into a bank account, and the money gets credited to the account. The government doesn’t even have to know where the bank account is. Residents will be empowered because they’ll be able to access public services from anywhere. We can authenticate a person online, so services can be delivered online, via mobile phones, or at physical service-delivery locations.
McKinsey: Bringing banks and telcos into such a consortium has raised concerns about privacy and civil liberties. How are you addressing those concerns?
Nandan Nilekani: We used a lot of design principles to make the ID system as privacy enabled as possible. For example, the information we collect from individuals is very simple: just the name, address, date of birth, and gender, with e-mail addresses and phone numbers optional. We also have biometric data, but we use this only to prevent duplication (to make sure a person gets only one unique ID number) and also for authentication. We don’t share people’s data with banks; the banks’ data aren’t shared with the ID system. So whether a person is withdrawing 100 rupees or 1,000 rupees is known only to the bank. You can think of it as a federated architecture, where each player knows only his or her part of the activity.
McKinsey: What does it take for a federated architecture such as this to work?
Nandan Nilekani: There are two big components to our system: the enrollment system and the authentication system. The enrollment system is a distributable, scalable architecture; we have our technology platform running in about 27,000 locations. The enrollment data are encrypted and then sent to our database for issuing unique ID numbers, so that requires massive back-end computing facilities. The authentication system, however, is cloud based. An authentication request—from a bank, for instance—would come over the mobile network. We verify that person’s identity, and we send the answer back.
McKinsey: It sounds like “big data” plays a role in making this work.
Nandan Nilekani: You can’t manage 27,000 enrollment stations, around 50,000 operators, and a million enrollments a day without big data. At any given point, we can say how many people enrolled, where they enrolled, how long each biometric capture took, how many retries the operator had to do per enrollee. We have that level of granularity in our performance data analytics so we can distinguish good operators from bad operators—which is important because we pay them based on how many people they enroll. Big data is crucial to performance management.
Also, we intend to publish our enrollment data after it has been made anonymous. If somebody wants to analyze enrollments by state, gender, or age, they can just download our data, which is machine readable. You can find out, for example, that a particular region is underserved, because the number of authentication requests from there is low. As the system matures, there’ll be more of this type of analysis. And again, it’s a balance between enabling such analysis and protecting privacy.
McKinsey: How will you measure the progress of the ID program? In two years, what will you be looking for to declare it a success?
Nandan Nilekani: You’re asking me to make forward-looking statements, something I avoided at my old job. But I’ll make one now—our goal is to have at least half a billion people on the system by 2014, which will make this one of the world’s largest online ID infrastructures. That’s one metric of success.
A second measure of success is to have two or three major applications of this ID infrastructure. The government can use it for electronic benefits transfer—that is, to pay out entitlements, pensions, and other benefits. The government can also use the system for subsidy transfers. Half of the $60 billion the Indian government spends on benefits and entitlements is for subsidies on food, fuel, and fertilizer. The government is looking into converting those subsidies into cash transfers—at least in the case of fertilizer and fuel—as opposed to offering the products at lower prices.
McKinsey: You mentioned your old job. What are some lessons for making major change happen that you have drawn from your experience as an entrepreneur?
Nandan Nilekani: One is the need for speed in implementation—the bias for action. Another is the ability, which is crucial in business, to recognize gaps and niches in the market.
But one area where the public sector is very different from the private sector is the amount of time you have to spend on consensus building and stakeholder navigation. In the private sector, you’re answerable to your management, your board, investors, maybe financial analysts. In the public sector, the number of stakeholders is much larger—the federal government, state and city governments, the media, activists, the public—and they often have different agendas and ideologies. Navigating all this, while preserving the integrity of your approach, requires a lot of negotiation.
McKinsey: You’ve encountered opposition from certain interests. How have you dealt with that?
Nandan Nilekani: Obviously, a transformational change like this will meet resistance from certain groups. To overcome barriers, what we try to do is, first of all, to make the people our champions. The people who enroll in the system become the voice of the system. Part of our strategy is to link the ID to benefits because, fundamentally, the ID is optional. So we’re taking a benefits-oriented approach—for example, if there’s an immunization program that requires an ID, then all the children required will get the ID. Another part of our strategy has to do with speed of execution. We launched the platform in 14 months, and as you mentioned we’ve already enrolled 200 million people. A third thing is that we’ve tried to create a “coalition of the positive.” A lot of people now have a stake in the success of this project. Banks and telcos, for example, have an interest in helping us make it work.
McKinsey: Other countries are experimenting with digital-ID programs and are trying to scale them. What advice can you give these countries?
Nandan Nilekani: They should have a scalable architecture right from the beginning. We could scale to 27,000 enrollment stations in one year because we built an entire ecosystem—there was a software platform, a hardware platform, a training platform for operators. We had many partners so that the load would get shared. We did a lot of things architecturally to drive scale.
But what’s equally important is that we expect to see a lot more innovation because of the platform’s open API. That’s the best way to do this: the government builds the platform but makes it open so that individual creativity and entrepreneurship can build more solutions.
Ultimately, what we’d like to accomplish in this role is to create a thriving application ecosystem around the platform. Over the next few years, we’d like to see more apps developed by both the public and private sectors—and the fact that so many people are enrolled in the system will, we hope, spur more developers to build applications. We want to create a virtuous cycle between applications and enrollment. We also want to make sure that there’s a sustainable organization that can continue to deliver on the promise of this transformational project.
E-government in Estonia
An innovative platform gives residents easy access to both public and private services—and could be a model for other countries.
Elana Berkowitz and Blaise Warren
Challenge: After gaining independence from the Soviet Union, in 1991, Estonia, one of the smallest nations in Europe, was left with little public infrastructure and virtually no commercial activity. It needed to build high-functioning government services for its residents and the fledgling private sector.
Emerging solution: Estonia’s government doubled down on technology, investing aggressively in efforts to bring services and citizens online. In 2003, it launched the first version of its e-government portal (www.eesti.ee), which offered secure online access to a handful of government services. Today, Estonia’s 1.3 million residents can use electronic ID cards to vote, pay taxes, and access more than 160 services online, from unemployment benefits to property registration. Private-sector entities, such as banks and telecommunications companies, also offer services through the state portal—and thus have an incentive to invest in maintaining the infrastructure backbone. More than 90 percent of the country’s people now have electronic ID cards, and every day approximately 10,000 users visit the portal.
In Estonia’s capital, Tallinn, the spire of St. Olaf’s Church towers over a walled city of cobblestone streets and buildings dating back 800 years. Tallinn’s medieval center belies Estonia’s technological sophistication: the country has one of the world’s highest rates of Internet connectivity—more than 75 percent overall and nearly 100 percent for people 35 or younger. It also boasts one of the world’s most advanced and comprehensive e-government systems. The state portal makes the public’s interactions with and participation in government faster, more convenient, and less expensive.
Government services and beyond
Most residents of Estonia have e-ID cards that enable access to the state portal. Users swipe them through a reader (now pre-installed on all new computers or available separately for less than €10) and confirm their identity with a personal identification number. Through the portal, residents can perform an ever-expanding range of tasks: apply for unemployment benefits, file for parental leave, access notary services, pay taxes (94 percent of taxes are declared online), and register new companies.
Last but not least, they can vote: Estonia is, to date, the only nation where citizens can cast online ballots in every type of election, from local to parliamentary. When Estonia held the world’s first binding election using Internet voting, in 2005, a mere 2 percent of voters cast ballots online; in the 2011 parliamentary election, that number rose to nearly 25 percent. The cost of each online vote is just half that of a paper vote, even factoring in the initial capital investment in the system.
The state portal’s offerings aren’t limited to government-provided services; Estonians can also use the system to connect with private-sector entities, such as banks, telecom providers, and energy companies. When banks in Estonia realized that the government-designed e-ID authentication system was more secure than alternatives, they began requiring customers to use government e-IDs when transferring large amounts of money. Today, customers can log into their bank accounts directly from the state portal. They can also claim loyalty rewards at the local cinema, purchase bus tickets, pay electricity and phone bills, and renew medical prescriptions. A private educational foundation has even developed, within the state portal, a Web site called e-School, which parents, students, and teachers can use to access grades and assignments.
A number of national governments—including those of Belgium, Germany, Italy, and the Netherlands, as well as a handful of Middle Eastern countries—have launched or are planning to launch e-ID card programs. None of them are as far along the path as Estonia. Other countries expanding their programs can take inspiration from how it overcame some foundational challenges.
Building the user base quickly. Because the system would require an upfront investment of approximately €50 million to €100 million, the government knew it needed a critical mass of users—quickly. When the portal first launched, its services were limited. Indrek Vimberg, managing director of the Estonian Information and Communication Technology (ICT) Demo Center, jokes that at first, “all you could do with the e-ID cards was scrape flies off your window.” To attract users, the government offered a 30 percent discount on public transportation to people who registered with the e-ID system. The number of e-ID cardholders increased 213 percent in 12 months.
Creating a technological platform that provides for low-cost expansion. The government wanted to develop a system that could incorporate innovative applications, not in existence at the time of launch, from the public and private sectors safely and at low cost. The solution: X-Road, a secure data-access platform that connects existing databases, allowing users to access data seamlessly from different sources. X-Road does not require building new databases or integrating existing ones into a master database. Rather, all the data remain separate—each government agency maintains its own, in the original format, on its own servers. (A list of the queries users have put to the system is the only data X-Road itself maintains.) X-Road can also link to the databases of private companies, thus allowing e-ID cardholders to access both private data (such as their personal bank accounts) and government records (such as their tax returns) through one interface. Since the government allows companies to use its authentication technology to verify the identities of their customers, many more services can be built on the e-ID platform. That will substantially increase the user base.
X-Road’s decentralized architecture has two benefits. First, it reduces the likelihood of a damaging cyberattack—in fact, a 2007 attempt to disrupt the services of Estonia’s central government resulted in nothing more than very brief downtime; the government’s portal and databases all remained stable. Second, connecting information to the X-Road system isn’t prohibitively expensive. According to Andrus Aaslaid, counselor to the Ministry of Economic Affairs and Communication (in the Department of State Information Systems), the country’s total investment in e-government solutions is approximately €50 million a year.
Addressing privacy concerns. Estonia had to ensure that residents understood and were comfortable with how and where their data were being used. It supplemented its e-government systems architecture with an audit function and legislation to enable Estonians to control their privacy and the use of their personal data. Every Estonian can review the full history of inquiries about him or her, including police-, banking-, and health-related inquiries. If a user does not recognize or approve of an inquiry, he or she can file a complaint with Estonia’s Information Services Agency. These internal controls have worked: in 2009, a police officer was suspended for inappropriately accessing public records.
Estonia’s residents can opt out of making their data accessible. A user’s health records, for example, are by default available for viewing by all licensed doctors, so they can look across a large patient database for common conditions and treatments. But patients can block access to their electronic medical records. This kind of system, Estonia’s government believes, has significant benefits, but it may not be tenable in countries that put greater emphasis on personal privacy rights.
Siim Raie, director of the Office of the President of the Republic, explains Estonia’s e-government leadership by noting that “In so many things, we had to start from scratch—so we were free to make big choices.” Indeed, Estonia’s e-government platform has made great strides in connecting public agencies, private citizens, and commerce. It will continue to evolve: for example, the country recently expanded the e-ID system to include a mobile ID service accessible through smartphones equipped with SIM cards. More innovations will be coming soon. Liia Hanni, program director of the E-Governance Academy and a former member of Estonia’s parliament, says that “In Estonia, we can add e to almost every affair of life.”