The potential of a Digilocker
explosion of technology has led to a rapid rise in digital assets and transactions. Today most private and public services are available through websites or apps, providing convenience and access to everyone.
But for most businesses, managing the operational aspects can demand dealing with third parties, in addition to their customer base, which can be time consuming, costly and even a risky proposition. Identity verification is a key process for which companies spend significant time and money. Failure to effectively conduct this verification can bring in huge risks for the organisation.
One key area is the documentation process to establish the identity of an individual (vendor or customer) as well as an enterprise. Almost all service requests today—such as: job applications, passport and visa applications, bank accounts, loans, leasing or purchasing of property for rent or purchase—require some form of an individual’s documents.
With time, regulatory reforms and self-governance policies have put added onus on the verification process for customers, third parties and business partners. That said, the risks associated have increased in the form of document tampering or damage due to wear and tear. For large-scale use, the Digilocker could be an effective solution. The digital locker (Digilocker) is a document storage, verification and utility service that was launched by the government under the Digital India initiative.
The intent was to eliminate the need for providing original and physical identity-related or other important documents for an individual’s verification, and move to a technology-enabled and secure digital environment.
Through the Digilocker, an individual can upload a document, self-attest it through an electronic signature, and subsequently share it as and when required. The storage capacity offered per user is 1 GB, without any limit on the number of documents that can be uploaded to it. The usage has seen an uptick since its launch, with reports stating that currently there are 2.1 million registered users and 2.4 million documents have been uploaded on the platform. Many documents are directly uploaded by the public-sector and government agencies, and can be accessed or shared through registered repositories. The documents cannot be modified or tampered, thereby ascertaining their authenticity online.
Digilocker is a web-based platform and can also be accessed through smartphones by using a mobile app. Individuals can sign up using their Aadhaar number and get a dedicated cloud storage space to upload their documents.
In a typical scenario, organizations seeking an individual’s information will have to raise a request online to get access. The user in question will then get a notification and would have to grant permission to accessing as well as viewing that particular document. Its USP is that requesters will only be able to view the file after they get an approval from the user. The read-only feature offers an added safety benefit.
Digilockers can be used beyond identity-related documents, and include other key documents such as salary slips and rent receipts. Many banks have already started using it for various purposes, including reviewing documents for loan applications. Additionally, schools and colleges are using this facility for admission processes, while hospitals are using it to store medical reports.
Digilocker has the potential to become an important tool against fraud and corruption. The platform can be used to deter identity thefts, protect data, enhance paperless governance and mitigate vulnerabilities around compromises as it has robust access controls. Some of its other benefits include:
1. Reducing administrative overheads and enabling easy access of service; 2. It is an environment-friendly initiative that would reduce paper usage; 3. Applying for identity cards and availing many services can have a quicker turnaround time as authentic documents will be easily accessible; 4. Deterring financial fraud to a certain extent as all documents are validated and then shared with the requestor; 5. All data would remain on servers located in India, and; 6. Two-factor authentication using mobile one-time passwords (OTPS) provides and additional layer of security.
Personal data is not dealt with seriousness by many people and this can lead to data breaches wherein information can be copied and shared freely, without the individual’s consent or knowledge. Spams and telemarketing have become an annoyance due to free sharing of personal data picked up from physical document copies. Fraudsters can also engage in identity theft, impacting individuals as well as corporations. There is a heightened need for awareness around the usage and benefits of a Digilocker, and assessing the platform’s ability to manage the volume and security complexities in one of the largest marketplaces.
The future of document management has the potential to be transformed with technologies such as Digilocker.
Amit Jaju is partner, forensic technology and discovery services, EY India.