In a world where increasingly information is currency and "data is the new oil", ownership of information and verification of identity become the deeds to the land from under which the black gold bubbles up. Digital footprints contain a vast amount of information that can be used for fair means and foul. For consumers in developed economies, the challenge for those who value their privacy is how to limit access to their information, and prevent commercial enterprises and government agencies knowing more about them than they care to share. For others, the personalized services they can obtain are well worth the price of their browser history. As one speaker remarked at Mondato Summit Asia, "With Apple you pay for your privacy. With Google you pay with your privacy."
The calculus for consumers in developing markets is somewhat different. The first (and for many still only) digital footprint that most people in emerging economies have is their mobile phone usage, which increasingly is also a portal for internet access. The key question for these consumers is how they can leverage their data to gain access to credit and services from which they were previously excluded: in other words, financial and economic inclusion.
Hello, I'm 202-555-1234
The problem, then, is one of identification and verification that will unlock a consumer's data vault in a manner that consumers, businesses and government can all trust. Increasingly, many governments are seeing compulsory biometric SIM registration as the solution, making a phone number as synonymous with an individual as a national I.D. or social security number, thereby overcoming KYC/AML and other regulatory hurdles. The results, however, have been mixed.
Whether a country has a national I.D. system or not makes an important difference in whether and how countries approach this issue. In this area, countries fall into one of three categories:
- Countries with a biometric national I.D. system
- Countries with a non-biometric national I.D. system
- Countries without a national I.D. system
This difference in background conditions obviously makes it easier for some countries to implement biometric SIM registration than others. Countries that do not already have a national I.D. system in place clearly have the biggest hurdles to overcome in terms of digital infrastructure and governmental capacity; collecting and securing citizens' biometric information is a mammoth undertaking that requires significant investment of public funds - very often in countries with already strained national budgets.
Carrots and Sticks
Bangladesh and Pakistan have more deeply rooted mobile money markets than India, even though they have both fallen victim to the "[OTC trap](/otc/)". Nevertheless, in recent years the two countries have attempted to introduce the compulsory registration or re-registration of SIM cards, accompanied by biometrics, partly as a response to terrorist attacks in the countries (although, as the GSMA has repeatedly [noted](http://www.gsma.com/newsroom/blog/mandatory-real-name-registration-prepaid-sim-card-users-considerations-policymakers/), there is no empirical evidence that such actions lead to a reduction in crime.) The results, however, highlight the systemic nature of problems across national ecosystems, and how there is no quick fix.
As the GSMA pointed out in a 2013 report into the compulsory registration of SIM cards, the costs of such a move are high, and the benefits unclear. Mexico, for example, introduced a similar measure in 2009, only to abandon the scheme three years later after quantifiable benefits became hard to pinpoint, while Ghana had to have a do-over of its (non-biometric) SIM registration just three years after its first compulsory registration drive, due to high levels of fraud in the system. While prior, compulsory SIM registration can ease the way for mobile money account opening, the experience of numerous markets is that without secure digital identities the full benefits are not realized.
Pakistan's SIM re-registration program was tied to the taking of biometrics (a digital thumbprint), in conjunction with the country's pre-existing National Database and Registration Authority. Although the policy resulted in 27 million SIM cards being blocked after they were not re-registered, within a three month period the government successfully registered over 100 million SIMs. It is unclear whether this success will fight crime, but a significant side-benefit has been the fact that each biometrically-registered SIM has now satisfied KYC requirements for the opening of mobile money accounts. This in itself will not solve Pakistan's OTC problem, but it has cleared a significant hurdle, and proves the power of threatening to disconnect a citizen's mobile phone in achieving governmental objectives that would otherwise be much harder to attain.
Further, as India has demonstrated with the success of its astonishingly ambitious [Aadhaar](/India-part-1/) scheme, where political will exists, even in a country as large and diverse as India, it is possible to register almost 90% of the population in just a few short years (which in India's case amounts to an astounding [1.1 billion](https://portal.uidai.gov.in/uidwebportal/dashboard.do) people.) Although in India's case the initial financial inclusion goal attached to the promotion of Aadhaar was the provision of bank accounts (as [discussed](/india-part-1/) by *Mondato Insight* in 2015), the government of India's recent demonetization efforts and approval of the first batch of specialized [payments bank licenses](/post-offices-a-crucial-piece-of-digital-finance-infrastructure/) point towards a future of further digitization of the country's payments infrastructure.
The private sector has quickly demonstrated the benefits and efficiencies of leveraging Aadhaar. Reliance Communications (soon set to be the third largest MNO in India after the completion of its merger with Aircel) last fall distributed free "Jio" brand 4G-LTE SIM cards that could be activated via an Aadhaar-based e-KYC process. While this helped the company in keeping up with demand, the level of technology required in-store meant that only larger retail outlets were equipped to handle e-KYC, while everywhere else had to make do with pen and paper. And while this shows that capacity needs to expand, it also demonstrates the integrity of the system: access to the system is only provided through approved outlets whose users must themselves use their own biometrics to access the system, thereby providing a form of a "double lock" on the system.
India's ambitions do not stop with physical locks, however. The country is currently consulting on the expansion of an Aadhaar-linked "digital locker." Perhaps more of a digital filing cabinet than a locker, the project originiates with the Ministry of Electronics and I.T. and uses military-grade security to allow citizens to create a Cloud-based storage space into which approved government entities can push digital versions of important documents such as driving licenses and voter registrations. A potential expansion is being considered, to enable technology that would allow the sharing of the information, at the citizen's request, with other approved entities, such as educational establishments and financial institutions. If these digital lockers can become secure repositories for a citizen and consumer's full digital identity, India's digitization agenda will be rapidly accelerated.
Quite a Combination
Taken together, India and Pakistan have demonstrated the power of the combination of SIM cards and biometrics. Biometrics have the power to greatly transform the nature of SIMs from communication chips and turn them into identity keys. Conversely, SIM cards have the power to incentivize and coerce citizens into creating digital identities, the power of which they may not even recognize. And these digital identities may hold the key to the remote activation of mobile money accounts, thus extending financial inclusion to the farthest remote corners of the earth.
What should be kept in mind, however, is that these systems are only as solid as they are secure, and as things tend to digitization, the personal consequences of fraud and identity hacks will be much greater. So all though biometric identification may be the future of greater financial inclusion, there is always a dark side, and regulators should tread carefully.
Image courtesy of NEC Corporation of America
Click here to subscribe and receive a weekly Mondato Insight direct to your inbox.