by lifeisstillgood 2844 days ago
If I get it:

India has a biometric database with 1B people on it!

... wow ... just wow ...

And adding new people to it is now compromised by a publicly available hack, although getting 1B biometrics on board must have had an error rate that would be scary anyway.

The UUID created is needed almost everywhere, like driving license numbers elsewhere.

How much of the scare is "People can be added once but under incorrect names", perhaps wiping out criminal pasts? Or "people can be added more than once"?

The second is surely a search problem?

5 comments

Good luck to the government changing everyone's biometrics now. This is why biometrics should never be used for something like this, especially when it requires a centralized entity to store all the biometric data, making it a very appealing target to all the malicious hackers in the world.

At least Apple, etc, keep a hash of the biometric data in a secure enclave on each device. Storing biometric data in a centralized database is beyond reckless, no matter who does it.

There is a court case pending judgement in the Supreme Court on the "needed almost everywhere" part. The judgement is expected soon. https://www.bloombergquint.com/aadhaar/2018/03/21/the-key-ar...

The ability to add people is problematic - once you have unverified additions, you can't trust whether even real biometrics were used for it, so it wouldn't even necessarily show up as a duplicate.

Search: Biometrics matching has a lot of failures (5% of 1 billion is still a huge number).

Maybe I'm in the wrong here, but I imagine most civilised countries have a database with biometrics of all of their citizens, at least fingerprints.

Biometric collection is always for specific purpose. General purpose, compulsory biometric IDs exist only in Malaysia IIRC.

> Biometric collection is always for specific purpose.

But if you add up all the specific purposes, most/all people are included.

In the Anglosphere we've traditionally been quite wary of national ID databases for our own citizens, for better or worse.

Most governments of foreign countries I have visited (US, many parts of Asia) have my fingerprints. The Australian government doesn't (to my knowledge, anyway).

Any Australian with a driver's license or passport most definitely has their facial biometrics stored. Any visitor to the country also is subject to it.

This has been in existence for over a decade and I'm astonished people aren't aware of that.

Right, I do know that (The Capability(tm)!) and for some reason I just mentally exclude facial recognition from the term "biometrics". OP specifically said "at least fingerprints" - it's good to have a reminder that facial biometrics still count as biometrics too, and they're lower on the hierarchy than fingerprints.
From my experience going from clean shaven to a small beard can throw the whole system off and requires manual intervention rather than going through the automatic gates. Fingerprints surely would be more accurate.

Have no idea whether foreigners have to give fingerprint scans at Australian customs, it's common practice throughout Asia.

Not a lot: https://en.wikipedia.org/wiki/Countries_applying_biometrics

There are restrictions on how vast this database is allowed to be and what all it can be linked to, in most cases.

I live in Spain and they take your fingerprint when they make your ID card. I'm pretty sure that goes into a database, so they have the fingerprints of all citizens.

Same in Sweden, but in the UK there’s no national database of citizens, and therefore no fingerprints associated.

They don't use UUID, do they? Just a 12-digit UID.

Without any hack, one person can be enrolled multiple times if it is done from different zones (mandal/district). There are brokers who can arrange this (and of course charge up to 5k INR).

I guess the search is only limited to these zones.