Data Updation Process

The UIDAI has defined broad guidelines at this stage for the updation of demographic and biometric data collected during enrolment, which are as follows:
1. Demographic data updations will be required if there was an error in enrolment or when a resident changes his address / name etc. Biometric data updation will be required for children, and other residents in case of accidents / other loss.
2. The data updation process for demographic data will be a simple process involving document verification standards defined for the enrolment process. Biometric data will also be updated using the same devices and process used for enrolment.
3. Registrars need to maintain atleast a skeletal enrolment network in their respective locations, after the ‘enrolment sweeps’ are completed to facilitate ongoing updation of their databases. Long term/Permanent enrolment stations need to be established by the Registrar at Taluk/Block/Municipality level, so that the residents can continue to enroll even if they have missed the first opportunity. These could be touch points for the residents in case they want to get their data updated.
Details of charges along with further guidelines on the process will be defined by the UIDAI, when this process commences.
Monitoring & Audits
A strong monitoring and audit process is critical to drive rigor in the execution of the processes defined above. Keeping in mind the need to have consistent and standardized implementation, the monitoring & audit process will serve as a control mechanism for the UIDAI and Registrars to deliver on the same.
A twofold process is envisaged at this stage:
Version 2.0 – April 2012 Page 20
1. MIS Analytics & Exception Reports: the UIDAI will generate a set of standard reports for daily / weekly / monthly monitoring of process performance. Additionally, a set of exception reports will be generated for fraud detection, to flag performance issues etc. Registrars can review the list of standard reports on offer and add/modify to the list.
2. Audits: in addition to MIS based monitoring, the UIDAI will conduct sample audits in the entire gamut of enrolment, training, logistics, grievance resolution and updation processes for controllership purposes. It is recommended that Registrars setup a similar process to audit the performance of Enrolment Agencies and other partners they engage with.
As a part of strategy review, it has been decided that demographic and other errors like biometric mix up, process violations would invite Penalties which would be deducted from the amount payable to the Registrar every month. UIDAI will share details with the Registrars who will be required to make detailed enquiries and take follow up action since they have contractual agreements with the enrolment agencies for error free data.

Query and Grievance Handling

The UIDAI has setup a Contact Centre to manage all queries and grievances and serve as a single point of contact for the organization. 1. The key stakeholders serviced by the Contact Center are Residents, Registrars, Enrollment Agencies, Authentication User Agencies and Authentication Service Agencies. 2. The Channels of Communication are Phone: Toll Free 1800 180 1947. 7AM to 11 PM. Monday to Saturday. (Currently not available on Sundays & National Holidays) Letter: PO Box 1947, Bangalore 560 001 Fax: 080-2353 1947 E-Mail: help@uidai.gov.in Languages Supported: Hindi, Kannada, Marathi, English, Telugu, Bengali, Tamil, Punjabi and Malayalam. 3. There are two operational sites of contact center one in Bangalore and the other one in Karnal. 4. Any resident seeking enrollment is given a printed acknowledgement form with an ENROLMENT NUMBER, that enables the resident to make queries about her/his enrolment status through any communication channel of the contact centre. 5. The Contact Centre services Enrolment Agencies/Operators on basic technical queries through a Technical Helpdesk only in English and Hindi language. 6. The Registrar is expected to put in place a Team that would serve to quickly address any matters requiring resolution that may pertain to the Registrar, but may be conveyed to the UIDAI Contact Centre. 7. Queries / grievances which need Registrar/Enrolment agency involvement will be transferred to the Registrar appointed Nodal officer through web link http://110.234.122.102/aadhar/ui/loginpage.aspx. (For login credentials e-mail may be sent to arajhansuidai@gmail.com or
Version 2.0 – April 2012 Page 19
amitar@sparshindia.com.) The Time taken for resolutions to be resolved

Aadhaar Generation

This is an automated process run by the CIDR and is described below for reference:
1. Once CIDR receives the enrolment data, it carries out the necessary quality and validation checks & readies for de-duplication.
2. CIDR will run the de-duplication algorithm to match the details of a resident enrolment request with existing entries in the database. Biometric data in the enrolment record i.e., finger and iris prints will be used for the same to ensure uniqueness.
3. If no match is found, Aadhaar no. is issued and letter generated for the same. If duplicate is found, a rejection Letter is generated to inform the resident that a duplicate record exists. If process/data errors are identified, rejection letter is generated and the resident is asked to re-enrol.
4. Details of the final status on each of the Enrolment Nos. will be shared electronically with respective Registrars and Enrolment Agencies periodically.
Last Mile Logistics
This process refers to the Communication of the Aadhaar Number to the Resident by means of a letter:
1. All successful enrolments are communicated through a Letter to each resident, delivered utilizing the Speed Post Service of India Post. UIDAI may also launch a web based Aadhaar letter facility subject to technical and security considerations.
2. Rejections to the enrolment process are also communicated through a Rejection Letter.
Version 2.0 – April 2012 Page 18
3. Undelivered letters are returned to the UIDAI. The resident may request for a letter at a later date by making a request to the Contact Centre.
4. Residents can also check their Aadhaar status directly at website http://www.uidai.gov.in/ using their Enrolment Numbers.

Aadhar Card Data Capture

The Go-live readiness workshop should have been completed and all requirements verified as met, before a Registrar proceeds to this step.
After an enrolment centre is ready, Enrolment Agencies can begin the process of capturing residents’ demographic and biometric data as follows:
1. Capture demographic data :
a. Aadhaar Enrolment/Correction form (containing KYR fields) and Registrar’s KYR+ form (if applicable) is filled by the resident. The data can also be extracted from a pre-filled database. Filling Aadhaar Enrolment/Correction form is mandatory and will be required - even in case of prefilled data.
b. Verify the identity and address of the resident as per defined standards. The verification methods are basis :
i. Document based verification – where the Proof of Identity / Address/Date of Birth/ Relationship documents are verified by the Registrar’s representative
ii. Introducer based – where Introducers authorized by the Registrar, authenticate the identity and address of the resident
iii. Head of Family based – where Head of Family endorses family members based on Proof of Relationship Documents.
Version 2.0 – April 2012 Page 16
c. The Operator must check Resident’s consent for Information sharing and Aadhaar enabled Banking services and record the same.
2. Once demographic data is captured, the operator will proceed to collect biometric data :
a. Exceptions if any (missing finger / eye for eg.,) are recorded as per guidelines detailed in the Enrolment Process Manual
b. Facial Image, Iris and Fingerprints are captured
3. Ask resident to verify if the demographic and biometric data displayed on the screen are accurate; print consent letter and issue acknowledgment once resident confirms accuracy.
4. EA then exports data and transfers to the UIDAI either by uploading the data packets using online sftp mode or by sending the hard disk/memory stick to UIDAI. UIDAI shall soon be discontinuing the practice of receiving data through hard disks and all data must be uploaded through SFTP.
5. File the documents for storage with the Registrar and UIDAI Document Management System (DMS). Instantaneous scanning of resident documents at enrolment centers and integration with their data packets will become mandatory from October 2012.
First Mile Logistics
This process refers to the transfer of digitized enrolment data from the enrolment station to the UIDAI’s Central ID Repository (CIDR)
The Registrar has two options for transferring enrolment data to the CIDR:
1. by directly uploading data to CIDR - using Aadhaar sftp client.
2. via memory sticks/hard disks sent through suitable courier service.
Data must be uploaded to CIDR within 20 days of enrolment.
Monitoring Data Transfer & Recovery of Lost Data: It is expected that each Laptop being used for enrolment will connect to the internet periodically to synch stations with CIDR (Central Identification Data Repository). To enable this, availability of a data stick is mandated.
a. Synching stations informs CIDR in advance, what data to expect.
b. For the data records successfully received at CIDR, the process for deletion of such data residing at the enrolment station is triggered automatically.
Version 2.0 – April 2012 Page 17
c. In cases where there is a problem with data records received from this enrolment station, a fresh instruction for EXPORTING this data again is generated automatically.
Hence this connectivity, at periodic intervals, is vital to ensure proper housekeeping and management of the data transfer process.
Station Sync must be ensured at least once in ten days.

Enrolment Process Of Aadhar Card

Setup & Preparation
In order to start enrolments, the Registrar has to complete the following activities, many of which can run in parallel and would have commenced post the Project Initiation Workshop:
1. Enrolment Planning – As a part of the Enrolment Planning workshop, the Registrar is advised to finalize the targeted enrolment nos., locations to be covered and timelines for the same. This data can in turn be used to plan the no. of Enrolment Stations needed, locations for the same, devices needed, operators to be staffed etc. It is strongly recommended that the Registrar enroll all residents of the locality and not limit it to their beneficiaries/ customers. ‘Sweeping’ all residents will give Registrars the benefits of economies of scale and optimizing on the cost of enrolment per resident. However, the Registrars can identify districts, in a phased manner, for the launch of Aadhaar enabled services and focus on enrolment sweep in these districts rather than spreading the entire effort thinly across the State/UT.
2. Define KYR+ fields if any are to be collected and initiate technology integration with respect to data capture API and logistics. Also finalize if pre-enrolment data from existing databases are to be used during enrolment. The Aadhaar Application Software for enrolment should be ready for deployment. See Annexure for details of the Enrolment Software.
3. Identify Enrolment Agencies – Registrars can consider using only agencies from the list empanelled by the UIDAI or they may identify through other sources. If Non-Empanelled Agencies are used, UIDAI strongly advises that these agencies be subject to same terms and conditions of work which apply to the empanelled agencies.
4. Subcontracting has serious impact on the quality and security of data. Agreement with enrolment agencies should have conditions to discourage sub-contracting. Model RFP/Q templates and the list of empanelled agencies have been published on the UIDAI portal.
5. Detailed station deployment plan needs to be uploaded by Enrolment Agency and approved by the Registrar using an online mechanism
Version 2.0 – April 2012 Page 14
developed by UIDAI. Online appointment scheduling should be encouraged for better crowd management at the centers.
6. Procure infrastructure and equipment including biometric devices as per standards defined by the UIDAI for setting up an enrolment centre through the designated enrolment agencies.
7. It is recommended that the Registrar must insist on Enrolment agencies using only Operators/Supervisors who have been trained, certified and their Aadhaar numbers have been generated. Operators/Supervisors may be trained using the modules / agencies that the UIDAI has empanelled for Enrolment Operator training; alternatively, the Registrar can ask operators to cover the modules in ‘self-study’ mode and appear for the test directly. All Enrolment Operators need to be tested and certified, keeping in mind the significant impact they have in collecting good quality and accurate data from residents. See Annexure for details of the Training modules.
8. Registrars must Review Pin Codes in Aadhaar Client Master Data and get Pin Code information corrected and completed prior to starting enrolments in their area.
9. Print and distribute Aadhaar Enrolment/Correction Forms. Registrars can have a separate form for capturing KYR+ data.
10. Define an integrated Information, Education & Communication Plan & Material leveraging the content developed by the UIDAI. The UIDAI’s IEC guidelines list in detail the different kinds of stakeholders to engage (PRI members, introducers, influencers etc.) and the recommended messages and media to use for each of them. The IEC plan lists the activities to be triggered 45/30/15/ 7 days before commencing enrolments. See Annexure for details.
11. Registrar should also identify an Officer to whom all relevant grievances may be forwarded; and two senior officers for managing escalations of the same. The Joint Working Subgroup should also develop probable queries / grievances that can come from the beneficiaries & correct responses for them; finalize the process & turnaround time for responding to the queries/grievances.
12. Before enrolments start, Registrars will need to identify Introducers who can help enroll beneficiaries who lack PoA/PoI documents. They can also leverage CSOs to better reach marginalized residents, act as Introducers,
Version 2.0 – April 2012 Page 15
and build awareness among them to mobilize enrolments from this group.
13. Identify Verifiers and ensure their presence at the enrolment centre during the operational hours of the centre for verifying resident’s documents.
14. Finally if Financial Inclusion solution will be a part of the enrolment process, then work with the UIDAI to identify Banks to partner with; define processes as required to implement the Financial Inclusion solution.
15. Review the Enrolment Centre Setup checklist and verify if all required activities are completed.

Guidelines for Financial Assistance of Aadhar

1. In order to reduce the financial burden of implementing Aadhaar, the Authority has been provided funds by the Central Government to assist the Registrars. To operationalise this arrangement, the States will have to provide the Authority, with details of the Registrar (name and account) through which they would like to receive the assistance.
2. Assistance will also be provided to develop ICT infrastructure; specifically for integrating existing software applications of partner agencies, procurement of hardware and software, engaging consultants / resource persons to advise partner agencies , engaging software agencies, developing cloud applications at the national level for the large scale social sector schemes and providing integration support. Details of the program are available on our website.
3. Identify Enrolment Agencies – Registrars can consider using only agencies from the list empanelled by the UIDAI or they may identify through other sources. If Non-Empanelled Agencies are used, UIDAI strongly advises that these agencies be subject to same terms and conditions of work which apply to the empanelled agencies.
4. Subcontracting has serious impact on the quality and security of data. Agreement with enrolment agencies should have conditions to discourage sub-contracting. Model RFP/Q templates and the list of empanelled agencies have been published on the UIDAI portal.
5. Detailed station deployment plan needs to be uploaded by Enrolment Agency and approved by the Registrar using an online mechanism

Key Policy Highlights

The following is a brief extract of the policy guidelines pertaining to Registrars:
1. The Registrar is a partner of the UIDAI in the implementation of the UID project.
2. The Registrar is under an obligation to enroll residents following the protocols, standards, process and guidelines laid down by the UIDAI.
3. The Registrar is required to ensure the security and accuracy of data (particularly biometric data) collected from residents.
Version 2.0 – April 2012 Page 11
4. Registrars may retain the biometric data collected from residents enrolled by them, if they have clearly articulated strategy for safe custody and utilization of these enrolment packets. The Registrar will have to exercise a fiduciary duty of care with respect to the data collected from residents and shall bear liability for any loss, unauthorized access to and misuse of data in their custody.
5. In order to ensure data integrity and security, the biometrics captured shall be encrypted upon collection by using the encryption key defined by the Registrar. The UIDAI has defined security guidelines for the storage of biometric data in order to give some guidance to the Registrar. The Registrar shall have to define their own security policy and protocols to ensure safety of the Biometric data. In the interest of transparency, it is recommended that the Registrar inform the resident that they will be keeping the biometric data and also define how the data will be used and how it will be kept secure.
6. The Registrars must retain the Aadhaar Enrolment/Correction Form, copy of Proof of Identity / Address/Date of Birth/Relationship and Consent for enrolment documents in proper custody till the time they are handed over to the UIDAI appointed agency for document management.
7. In case of disputes with respect to enrolment of residents, the Registrar is required to co-operate with UIDAI in resolving the matter and shall provide access to necessary background documents and other matters of evidence necessary to resolve the dispute.
8. The Registrar is required to support the UIDAI in conducting audits and checks on the enrolment process and follow the directions of the UIDAI in order to make the system compliant with the UIDAI enrolment framework.
9. NSR will keep UIDAI Regional Office (RO) informed of enrolments within their own premises. Engagement in enrolment activities proposed outside their own premises in any particular State will be approved by the State level UIDIC.
10. Registrars need to define a ‘data updation’ process in order to keep the resident data accurate and complete in their respective databases.
See Annexure for details of the Legal Framework governing Aadhaar.