A progress update on the roll out of one of the world’s most ambitious biometrics-based national identity card project
by Victor March
Since the start of the government of Indonesia’s multi-modal biometrics-based National Electronic ID Card (e-KTP) program in August 2011, record enrollments are being achieved across the country’s population of 172 million ID-eligible residents.
More than 103 million people have been enrolled and de-duplicated in one year with 80% or 140 million residents of the eligible population already enrolled and 85% already processed. Statistics show that over 1 million de-duplication transactions are being achieved in a single day in the data center and 600,000 enrollments being achieved in a single day in the field. In addition 60 million ID cards have been printed.
Population
Indonesia has the fourth largest population in the world after China, India and United States with 1,128 ethnic groups, 746 languages, 6 religions and 244 indigenous belief systems. The country is an archipelago with 17,504 islands, 33 provinces, 497 regencies, 6,659 subdistricts and 77,088 villages. All this combines to present a huge challenge with many variances for the Indonesian Government’s ambitious program.
As many residents held multiple local IDs, there was a need to ensure a unique national ID was brought to bear as existing IDs were easy to forge, thus facilitating the potential for fraud. In addition, lack of traceability was seen as a cause for national security threats, as well as disputed voters registry, hindrances to public services and the unmanageability of multiple data sources. Taking all these factors into account, the e-KTP program was introduced to establish a system which allows public services to optimize delivery rather than spending time on identity verification, provide an accurate and consolidated data source for national development planning and voting and above all, addressing national security threats through traceability.
Database
According to the Indonesian Government, the overarching goals were to build an accurate national population database, ensuring the unique identity of residents. Its practical objectives were to enroll 172 million residents (over 17 years old) within two years; to implement an automated biometric identification system for ensuring unique identities; and to issue electronic identification cards that are unique and authentic in 2011 and 2012.
The program duration of two years was of strategic importance to support the country’s general elections in 2014 (by February 2013, the data of potential voters has to be ready), according to Dr. Husni Fahmi, Chief of Population Administration at the Ministry of Home Affairs and head of the e-KTP technical team.
Other factors
The wider vision surrounding e-KTP embraced other factors deemed important by the Government:
- inclusion – giving the poor equal opportunity to participate in the identity revolution.
- financial – creating a new secure infrastructure for financial transactions to promote economic growth
- commercial: leveraging identity in support of loyalty programs
- interoperability: cooperation with Malaysia MyKad and other countries where strong economic exchanges are in place.
Geography
Before the program could get underway, there were a number of geographic and communication challenges to overcome, such as deployment in rural areas, accessibility and logistical distribution, electrical power and generator fuel availability as well as limited bandwidth (VSAT) and network outoutage. In addition, more than 72,000 operators, who were previously unfamiliar with biometrics, needed to be trained, enrollment equipment to 7,000 locations needed to be deployed and residents for enrollments in a distributed environment had to be mobilized through decentralized program management. Technologically the quality of biometric enrollment data and an immediate quality check on enrollment devices presented further challenges.
National consensus was achieved through appeals to Parliament with a voters registry and national development plan, to central government for population administration to improve public services, to local governments for cutting down on fraud and an ppeal to residents citing convenience, citizen-centric benefits and accountability.
The solution, which led to scalability in a short period of time, was to create an ecosystem with standards for best practices that allowed each enrollment site to operate autonomously, with separate but coordinated operations via a supervision team assisting in the harmonization of operations.
Scalability and accuracy with the requirement to de-duplicate 1 million records per day, was achieved through the implementation of a multimodal biometric identification system with fusion of iris, fingerprint and face biometrics through a judicious leveraging of iris’ speed and accuracy.
Technologies
As mandated by the Act Number 23 Year 2006 about Population Administration, each ID card is equipped with security code and electronic record. Furthermore, in the Presidential Decree Number 26 Year 2009 the security code is identified as fingerprints for ensuring unique identities and the electronic record is defined as chip (smart card) for storing biodata, signature, photo and fingerprints, as well as for securing the ID card.
Each sub district and regency is connected through a virtual private network for transmitting enrollment data to the Data Center of the Ministry of Home Affairs in Jakarta. Enrollments can be done either online or offline when network is not available. For ensuring unique identities represented by a single identity number or referred to as NIK, deployed a multimodal automated biometrics identification system was deployed which deduplicates identities based on fingerprint, iris, and face recognition either individually or in fusion. Multimodal biometrics ensures inclusive enrollments of citizens and improve accuracy and speed of identification. By March 2012, the technical team had collected around 43 million enrollments and out of the 40,634,588 records, received in the Data Center, the identification system found 3,240 adjudicate records and 82,695 were duplicate records.
Among the duplicates found around 50-60% were mixed biometrics from different people which was mostly unintentional. The requirement for the NIK number before biometric enrollment acts as an deterrent for people trying to intentionally try more than once and thus the real duplicates were observed to be low and under 0.09%.
Enrollments
The number of enrollments increased significantly after all enrollment stations were deployed; 11,283,614 records were collected in November 2011 and 10,802,207 records in December 2011. The highest number of enrollments per day in 2011 was 455,000 and the highest number of de-duplicated records per day in 2011 was 501,000. With strong local government support and enthusiasm of people to enroll, the e-KTP team says it has seen unprecedented mobilization of people. The local government provided operators, electricity and basic infrastructure, campaign, invitation to all eligible households, and some local governments provided an incentive to sub districts enrolling most people.
Enrollment services usually start at 9 am until 10 pm and some services until 2 am in the morning. People are willing to wait for enrollment until very late at night. Some of them have to travel long distances through difficult terrain such as forests, mountains, rivers, and sea. Operators effectively enrolled citizens in 183.25 seconds on average for verifying biodata, taking photo, and capturing signature, fingerprint and iris followed by operator verification. Hence, the number of enrollments per day, which was originally expected to be 300 records per day have increased to more than 550 records in many densely populated locations. Thus expected enrollment rates have been met. In addition, the enrollment system ensures capturing high quality biometrics data by providing live feedback and invoking multiple attempts if the quality is below expectation. The enrollment records which contain biodata, images, templates and diagnostic information are transferred effectively from local stations to the data center.
The average size of packets is 550.37 KB with average transmission time is 51 seconds per record at 78 Kbps effective bandwidth and 31 seconds per record at 128 Kbps effective bandwidth. The identification system at the data center is equipped with message queue servers (MQ) to receive records from local stations. The middleware fetches the records from the MQ to perform the multimodal de-duplication and update the Identity Management System. Other services feed the card printing and card management systems. The Business intelligence layer delivers the statistics via a public portal and analytics via the analytics team. The identification system meets our accuracy, throughput and response time requirements.
During the regular operations the system processed all the records with very minimal backlog in the field.
For accuracy the expected requirement for the system is FPIR (false match) of 0.01% and FNIR (false reject) of 3%. The accuracy of the system is continually measured using live data, ground truth data and pilot project data (approximately 96,000 records finger only) from 2009.
Accuracy rates
In all the cases, according to e-KTP statistics published midway in the program, the system has met the accuracy requirements in the following rate areas:
- Biometric Accuracy: measured performance on the real operational large-scale production e-KTP system with the citizen enrollment database size
- Citizen Failure to Enroll (FTE): zero. As per the policy not even a single citizen should be denied the e-KTP card so every person is enrolled as long as the information he or she provides is correct
- Biometric Failure to Enroll (FTE): zero. Since all three modalities are used for deduplication there has been no enrollment where the citizen has missing all three modalities. This implies that all the citizens can be deduplicated using biometrics. Finger and Iris Failure to Enroll Rate is 0.107%, which means that 99.983% of the population can be uniquely identified by the using finger and iris biometric. The remaining (0.107%) are de-duplicated using face biometric and issued a card.
- False Positive Identification (FPI): 0.008%. This means that on average assuming 500,000 records processed daily 50 records are sent for manual adjudication. We have a manual adjudication that reviews and resolves these cases based on demographics, face, and finger and iris comparison
- False Negative Identification (FNI): 0.18%. This implies that 99.82% of all duplicates submitted to the biometric de-duplication system are correctly detected by the system as duplicates. Following are the statistics on quality for the various modalities measured so far. Biometric Modality Value
- Finger Failure to capture 0.24% Finger Failure to enroll at least one finger 1.23% Low Quality Finger 3.6%
- Iris Failure to capture 0.4% Iris Failure to enroll one iris 0.19% Low Quality Iris 0.05%
- Face Failure to enroll 0.001%
- Both iris and finger failure to enroll 0.107%