Centre for Internet & Society

This note explores the three connections between finance and security and demonstrates the cost implications of operating a centrally designed identity management system as proposed by the UID. In doing so, it shows how the monitoring, storing, and securing of transactional data in a centralized database fall short of meeting the project's objectives of authentication, and thus is an additional cost. Further, it is argued that the blanket monitoring of the transaction database is not an effective method of detecting fraud, and is an expensive component of the project.

  • Operating a centralized identity management system that requires the use of a remote database for every transaction is always more expensive than a decentralized identity management system that could optionally use a local database.  

Centralized database costs

  1. Both public and private keys must be centrally stored
  2. All transactions require connectivity for the sending and  receiving of authentication of data, and have an associated  connectivity cost
  3. Securing all data at a  central database has  augmented costs      

Decentralized database costs   

  1. Only the public key must be centrally stored
  2. Some transactions require connectivity for the sending and receiving of authentication data
  • The cost of building an identity management system that includes recording, monitoring, and securing each transaction is more than the cost of building only an identity authentication system.  The goal of the project is to identify a person. Recording each transaction will add unnecessary cost. 
Cost of identity authentication system  
Cost of monitoring transactions   > Cost of identity authentication system
 Cost of securing transaction data  
  • Increasing security or fighting fraud can be done in two ways - having a targeted approach or through blanket monitoring. The UID scheme, through the monitoring of the transaction database featuring trillions of transaction by 1.2 billion people is a blanket approach, and will provide lower return on investment than a targeted approach.                                                                                                     
The views and opinions expressed on this page are those of their individual authors. Unless the opposite is explicitly stated, or unless the opposite may be reasonably inferred, CIS does not subscribe to these views and opinions which belong to their individual authors. CIS does not accept any responsibility, legal or otherwise, for the views and opinions of these individual authors. For an official statement from CIS on a particular issue, please contact us directly.