The Quantum Hub

Authors: Deepro Guha & Aishwarya Viswanathan
Published: April 29, 2022 in the Mint

As of 2021, India had issued over 1.31 billion digital identity cards via its Aadhaar platform, and over 1.1 billion digital vaccine certificates via its CoWin platform. More recently, its Unified Payments Interface (UPI), crossed the $1-trillion mark in transaction values after it recorded 5 billion transactions in a month for the first time in March 2022.

What makes these numbers come alive is the sheer speed at which these digital platforms have achieved this scale of operation. And while this digitisation journey began in 2010 with Aadhaar to empower Indian citizens, in recent times India has discovered that its home-grown digital solutions can not only be leveraged to further its own development agenda, but also support its wider diplomatic efforts.

Aadhaar’s open architecture that allows for scalability and vendor neutrality has already resulted in several countries approaching India to either replicate the model or at the very least take note of its technology to develop their respective digital ID systems. The most recent development on this front includes a grant to Sri Lanka to implement its own digital ID program, modelled on the Aadhaar experience.

In a similar vein, India’s National Payments Corporation of India (NPCI) – the developer of UPI – is also providing technological assistance through licensing and consulting for building real time payment systems to countries across the world. This is being done to both help countries establish their own payment systems, while also further integrate UPI with international payments infrastructure. So far, Bhutan has adopted UPI standards for its Quick Response (QR) deployment and Nepal has fully deployed the UPI platform – becoming the first country outside of India to do so, and the RBI and the Monetary Authority of Singapore MAS have announced a project to link their respective fast payment systems, UPI and PayNow. In April 2022, BHIM UPI went live across the UAE.

These recent collaborations hint at India’s commitment to nurturing ecosystem efforts to build and strengthen its digital diplomacy. There are two key factors that have enabled India to emerge as a leader in building and exporting such technology.

First, India’s IT sector, with an estimated value of over US$ 150 billion, and an employer of nearly 4.5 million people – has consistently remained a key driver of economic growth. In fact, India’s talent pool in the ICT ecosystem is also increasingly participating in developing and maintaining India’s digital infrastructure. For instance, the Digital Infrastructure for Vaccination Open Credentialing (DIVOC), an open-source vaccine management platform created by a private collective of technologists, eGov Foundation of India, has been leveraged by other nations, including Jamaica, Sri Lanka, Indonesia and the Philippines, to streamline their Covid-19 vaccination process.

Second, India’s strong political will and deliberative policy making – has been crucial in providing high-level direction to steer ecosystem efforts. For instance, Ministry of Electronics and Information Technology’s decisions to incentivize the use of open technology, through Policy on Adoption of Open Source Software, Policy on Open APIs, Policy for Open Standards etc., has expedited the creation of digital public infrastructure and digital public goods. An example of the benefits of such technology is the use of open APIs to leverage the Aadhaar database for providing services like eKYC, DigiSign etc.

The government has also recognized the importance of including diverse stakeholders in the initial decision making for building such digital infrastructure. This is crucial, as these are parts of highly technical ecosystems, and thus require specialized administration, which goes beyond traditional bureaucratic expertise. A prime example of this is the creation of an ONDC Council, which comprises experts from bureaucracy, finance, retail trade, coding etc. Once activated, the Open Network for Digital Commerce (ONDC) will allow various e-commerce entities to showcase their products/services on a common platform, thus potentially introducing greater competition in e-commerce in India.

The governments recognition of the importance of digital public goods led diplomacy also highlights the key role these instruments will play in an emerging new world order.

For example, in light of growing global risks (like wars, pandemics etc.), creation of such infrastructure in areas critical to the functioning of the global economy (like finance), will both increase India’s resilience and further its strategic advantage. This is why in December 2021, a parliamentary panel proposed India building an alternative to the SWIFT network (which has now been used to impose economic sanctions against Russia in retaliation against its invasion of Ukraine).

Furthermore, building indigenous digital solutions that can create interoperable systems between jurisdictions (like UPI), and potentially reduce compliance, transaction costs etc., can garner global goodwill for India. For example, Estonia’s X-Road open software ecosystem, which has recently allowed for cross border data exchange between Estonia and Finland, is a marker in global standard setting and has allowed Estonia to build impressive soft power in the technology domain.

As the world navigates a new wave of rising geopolitical tensions, the need for building resilience while fostering new forms of cooperation becomes more relevant than ever before. In this regard, India’s advances at laying out its own digital Belt and Road have been noteworthy, and something worth keeping our eyes on.

Authors: Aparajita Bharti & Nikhil Iyer
Published: May 19, 2022 in the Economic Times

The Justice Sri Krishna Committee Report on a Free and Fair Digital Economy, which was the basis for the Personal Data Protection Bill, was released in July 2018. Until then, India had 16 unicorns – startups with a valuation of US$ 1 billion or more. Since then, there have been 84 more unicorns (as of May 2022). The upcoming law on data protection, currently under deliberation by the Ministry of Electronics and Information Technology, must create a conducive growth environment so that India’s startup ecosystem keeps thriving.

Broadly speaking, this law will set industry standards for data protection, resulting in enhanced customer trust in the digital economy. However, some provisions in the Personal Data Protection Bill 2019 and the Joint Parliamentary Committee’s (JPC) 2021 report merit a deeper discussion around the implications especially for India’s start-ups.

Startups around the world use various services and plug-ins to conduct their business efficiently, ranging from services that help with sending emails to customers, shipping, marketing, payments, etc. Often, these services are offered by global tech companies, who may be using foreign servers for their purposes, and who send processed data back to India to the concerned startup. Going by the JPC’s suggestions, these entities may need to obtain the DPA’s approval for each contract or scheme to be used for cross-border data transfers, which may deny approval on grounds of ‘public policy’ or ‘state policy’. This is an onerous requirement, which will require substantial resources from both the startups, and the Government. It is especially worrisome as the export-focused Information Technology/ IT enabled Services industries are crucial cogs in India’s growth story. Over half of these exports are to the USA, with another quarter to Europe.

There is also immense uncertainty over how non-personal data (NPD) will be regulated. NPD is data which is stripped of any personally identifiable information or which is anonymised, e.g. weather data, geospatial data, telemetry data, travel data, etc. The ability to process this data in innovative and creative ways, often through proprietary methods is important for startups, for which they invest significant technical and financial resources. Any law which mandates sharing of NPD, is bound to affect their incentives to invest in data collection, storage, analytics, etc., as it will interfere with the companies’ intellectual property rights over their datasets. This provision can also make Indian start-ups less attractive to global funders.

Further, neither does the current Bill, nor the JPC’s suggestions, forbid the Central Government from accessing foreign data once it is in India. This has raised concerns that India may not meet data adequacy requirements – essentially, it may fail to offer adequate protection to data that is imported into India for processing. Indian startups that look to process the world’s data will find these as impediments, as other countries may forbid their companies from sending citizens’ data to India.

Another cause of concern is for start-ups focused on building products for children. According to the Bill, Indian companies creating products and services for children in edtech, gaming, social media, etc. will have to contend with a high age of consent at 18 years, even as other countries allow children to consent to data processing at a much younger age- 13 in the USA, or 16 years, as under the GDPR in Europe. India’s current Bill also puts a blanket ban on profiling children, making customisation of services difficult, e.g., to use AI to offer customised programs for children in a classroom as per their learning abilities – further disincentivising innovation for this target group.

With regulatory ambiguity on key issues, the Indian startup story is at a crossroads today. On the one hand, recent months have indicated that the market is bullish about their prospects, going by the investments they have attracted. Investors have backed startups across a range of sectors – fintech, SaaS, e-commerce, travel, healthcare, education, etc., many of which have become unicorns. On the other hand, by imposing such requirements, we risk tempting Indian founders to register their startups outside India to avoid onerous compliance. An overzealous data protection framework can, therefore, undo decades of progress that the Indian start-up ecosystem has made.

While the Indian government’s aspiration to be a global thought leader in tech regulation is appreciable, straying too far from global benchmarks can have unintended economic consequences. One hopes that the next version of the Bill that the Government brings to Parliament, will take into account the aspirations of India’s entrepreneurs, to whom we are looking to create millions of jobs of the future.

We owe it to India’s daughters and their parents the same right to care for each other and be cared for by each other as we have for sons in our society, in life or in death.

Author: Aparajita Bharti
Published: June 03, 2022 in the Hindustan Times

Imagine a married couple without any children. The husband and wife work their whole lives, build their property and stash away savings in a joint bank account – hoping it will help in taking care of their ageing parents. Yet, when they die suddenly, without a will, all of their movable and immovable property is transferred to the husband’s parents. The wife, although economically independent and empowered, fails to provide for her parents because the 1956 Hindu Succession Act (HSA) which applies to 80% of India’s population including Buddhists, Sikhs, and Jains, dictates different schemes of property devolution for men and women if they do not have a surviving spouse or children: All of the husband’s property goes to his natal family, but the women’s property devolves to her in-laws.

Sections 15 and 16 of HSA are a point of contention in two landmark cases, one before the Supreme Court (SC) and another before the Punjab and Haryana High Court. In the first case earlier this year, the SC asked the government for its views. Shockingly, the government backed these provisions, failing to take into account the increased role of women in the economy, vastly changed family structures since 1956, and the blatant gender discrimination that this law legitimises.

On the one hand, we have laws such as The Maintenance and Welfare of Parents and Senior Citizens Act, 2007 which holds ‘all children’ equally responsible for the welfare of their aging parents and based on which successive judgements have emphasized that married daughters are responsible for their parents. On the other hand, we have provisions such as Section 15 in the HSA which systematically take away the right from daughters to provide support for their parents in the event of her untimely death. When the law exhorts daughters to care for their parents at par with sons, it also needs to provide an equal footing to both sons and daughters in the case of devolution of property after their death.

The changing demography adds more urgency to the need for reform. India’s Total Fertility Rate (the number of children an average woman will bear in her life) is 1.6 in urban areas and 2.1 in rural areas, indicating that fewer couples have children, and those who do have fewer children. In addition, the proportion of couples with only two daughters who accepted sterilisation more than doubled from 16% 1992-1993 to 33.6% in 2015-2016 (National Family Health Survey-4/NFHS-4), indicating higher acceptability of daughters as only children than earlier. Further, 42% of women own a house, and 32% of women own land jointly or independently. All these numbers indicate that women now hold more assets, they are the sole providers for their aged parents more often, and they do not leave behind children after their death as often. So, the number of people affected by HSA will only increase over time.

The Hindu Succession Act in its current form perpetuates the belief that women solely belong to their ‘married household’ after their marriage – a commonly cited reason for the preference for a male child as parents consider sons a safer insurance for their old age. No wonder, according to NFHS 5, the number of married people who want more sons than daughters is still several times the number who want more daughters than sons.

A paper published by National Institute of Public Finance and Policy in 2020 examined these provisions in HSA and suggested an amendment along the lines of the Goa Succession, Special Notaries and Inventory Proceeding Act, 2012, and the Indian Succession Act, 1925, which put men and women on par when it comes to devolution of property. The existence of these legislations points to the fact that legal precedents for an equal scheme of devolution already exist and parts of Indian society have already had years of experience with them.

One hopes that taking cognisance of the scholarship available on this topic, the government will revise its stance and bring an amendment to the Hindu Succession Act in the Parliament to correct this injustice. In the meanwhile, one also hopes that progressive states will amend these provisions given that succession is a concurrent subject. In absence of sincere efforts to root out the patriarchal biases from our laws, campaigns such as ‘Beti bachao, Beti padhao’ will fail to change long-held prejudices. We owe it to India’s daughters and their parents the same right to care for each other and be cared for by each other as we have for sons in our society, in life or in death.

Author: Aparajita Bharti is a daughter, also the Founding Partner of The Quantum Hub, a Delhi based policy research and consulting firm

Image credit: Feminism in India

This International Women’s Day is a reminder that we must strive for a gender-inclusive economic recovery and not lose the strides made in women’s empowerment in the last few decades on account of the pandemic

Authors: Sona Mitra, Mayank Mishra & Nikhil Iyer
Published: March 05, 2022 in the Hindustan Times

The Covid-19 pandemic has caused serious economic disruptions. As we celebrate International Women’s Day (IWD), a focus on gender-responsive economic recovery is imperative to counter the disproportionate impact of the pandemic on women, especially in India.

The majority of the working women (around 91%) in India are in informal employment, characterised by job insecurity, income volatility, and the absence of social safety nets that prevent and assuage the impact of economic shocks. According to the State of Working India Report 2021, by December 2020, nearly 47% women suffered a permanent job loss, compared to 7% men.

Even though the Periodic Labour Force Survey (PLFS) 2019-20 reported an improvement in female labour force participation rate (FLFPR) for women aged 15 and above – 30%, against 24.5% and 23.3% the previous two years – scholars have disputed these gains. As per the latest official data, FLFPR had dropped to 21.2% in January-March 2021, with the female unemployment rate increasing to 11.8%, against 10.6% a year ago. (PLFS Quarterly 2021).

The informal sector lacks access or awareness of financial services, new modes of payment banks/platforms, and the requirements needed to access credit. For women workers, the hurdles to access are compounded by a lack of access to smart gadgets and the knowledge of using them.

The pandemic has also severely hit the women-owned MSMEs. The disruption caused by the successive lockdowns has led to a loss of revenue and business discontinuity for MSMEs, including women-owned ones. The Indian entrepreneurial ecosystem is heavily skewed – the last published economic census (2013-14) revealed that women-owned enterprises comprised only 13.8% of the total number of enterprises. Most of them are small businesses. Further, women entrepreneurs in India face issues like lack of skills, training, and support, adversely impacting their professional journey. In such a scenario, the pandemic may push women entrepreneurs out of the market, who may find it harder to return.

For a gender-responsive recovery, targeted and accessible government assistance is important to improve women’s access to jobs and earnings. Moreover, it is not only important to arrest the decline in FLFPR but also sustain the gains made in women’s economic empowerment, which clearly leads to positive spill-over effects on family planning, maternal and child health, investment in child’s education, etc. In this context, we outline a few proposals from our paper on a Gender Responsive and Inclusive Economic Recovery in the COVID-19 Context.

Let us begin with urban employment. There has been a discussion around the need for a national urban employment programme to complement the National Rural Employment Guarantee (MGNREGA) since the later part of 2020.

States such as Tamil Nadu have also implemented similar programmes. The scheme could inbuild minimum workdays guaranteed for women, with mandates on urban local bodies to pursue gender-responsive works and IEC campaigns. Such programmes have the potential in facilitating women back into the labour force.

Women are also securing opportunities in the emerging digital-enabled gig economy, particularly in platform work in the service domain. However, this form of employment is still precarious and needs social security coverage. The Code on Social Security was passed in 2020, which includes mention of platform and gig workers; however, its implementation is yet to be felt. Recent reports suggest 10 crore unorganised workers have registered on the e-Shram portal, of which about eight lakh are gig workers. The Government of India may consider providing incentives for platforms to offset the implementation costs that digital platforms will have to incur to provide social security to their workers.

To prepare women for industry 4.0, India has to provide skilling and training in digital and business skills tailored to the future of work. In line with the government’s priority to bring India online, women should be equipped to exploit the internet’s opportunities. Existing gender resource centres under the National Rural Livelihoods Mission (NRLM) and National Urban Livelihoods Mission (NULM), where women access information on schemes, entitlements, etc. could be upgraded to impart these skills. The PMKVY should include provisions for digital training of young girls.

And finally, prompt action is necessitated to redress the disproportionately (six times) high time Indian women spend on care work, which has worsened during the pandemic and has driven many women to withdraw from the labour force. Therefore, it is imperative that infrastructural provisions that reduce time spent on household chores and enable child and elderly care be provided to women at every nook and corner of the country. This would entail ensuring basic infrastructure such as water supply, road connectivity, energy, and clean fuel access. In addition, the universalisation of creches needs to be approached with utmost seriousness.

Further, as India has one of the worst health/education worker to population ratios, these are areas in which women can potentially find opportunities. Researchers at the Azim Premji University estimate that regularising the jobs of anganwadi workers, Accredited Social Health Activists (ASHA), etc. and filling existing vacancies can create up to 3 million jobs.

As the country strives to get back to normal, the government has an important role in ensuring that women do not get left behind. This IWD is a reminder that we must strive for a gender-inclusive economic recovery and not lose the strides made in women’s empowerment in the last few decades on account of the pandemic.

Authors: Sona Mitra is principal economist, IWWAGE, and Mayank Mishra and Nikhil Iyer are public policy manager, and policy analyst at The Quantum Hub Consulting

Non-tech elements like community engagement and governance are important to realise the true potential of India’s digital platforms

Authors: Varad Pande & Rohit Kumar
Published: March 07, 2022 in the Indian Express

A lot has been written about the emphasis on ‘digital’ in the 2022 Union Budget (indeed, the word ‘digital’ was mentioned over 30 times in the Finance Minister’s speech). But one aspect of this emphasis that hasn’t been talked about as much is the importance given in the budget to digital public infrastructure (DPI) – the idea that cross-sectoral ‘digital rails’ like ID, payments and data exchanges when combined with open interconnected data systems in sectors like health, education and social protection, can transform service delivery for ordinary citizens.

India is seen as a global trendsetter in the DPI movement having set up multiple large scale DPIs like Aadhar for ID, UPI for payments and sector specific platforms like DIGIT for eGovernance and DIKSHA for education. Each of these have helped push the frontier of public service delivery in the country.

This year’s budget adds to the growing discourse on DPIs by making four key announcements – in health, an open platform with digital registries, a unique health identity and a robust consent framework; in skilling, a Digital Ecosystem for Skilling and Livelihood (DESH-Stack) to help citizens upskill through online training; a Unified Logistics Interface Platform (ULIP) to streamline movement of goods across various modes of transport; and for travel, an ‘open source’ mobility stack for facilitating seamless travel of passengers.

These announcements are a welcome development. Research by Omidyar Network India and BCG shows that the creation of national digital ecosystems in sectors like health, jobs and skilling, agriculture and justice, can lead to economic opportunities worth 50 lakh crore by 2030. Similar analysis by the Centre for Digital Economy Policy Research (C-DEP) also estimates that national digital ecosystems could add over 5% to India’s GDP.

But even as the potential benefits can be immense, there are important design considerations that we must get right if we are to truly unlock the value of these platforms for the larger good of citizens. One way to think about this is by differentiating between the ‘tech’ and the ‘non-tech’ layers of our digital infrastructure – while India seems to have made significant headway on the ‘tech’ layers, the ‘non-tech’ layers of community engagement and governance still need a lot more work. The combination of these three layers – technology, community and governance – is what is critical to making tech work for everyone. Together they embody what we call the open digital ecosystems (ODE) approach.

To unleash the true potential of India’s ODEs, we need to get the ‘non-tech’ layers right, by prioritising principles around data protection, universal access and accountability. While this presents a large menu, three specific non-tech levers are critical to get right.

First, protecting data of all users and giving them agency over how their data gets used. The passage of a robust Data Protection Bill is imperative. But, we also need to go beyond the mere requirement of ‘consent’ which is the core of data protection legislations. Consent as a construct is insufficient, as anyone who has tried to read privacy policies on their phones knows – it forces you to make a binary choice, in quick time, in an environment of information overload in dense legalese. While this is a tough problem to solve, recent research by the Centre for Social and Behaviour Change (CSBC) suggests that users can be “nudged” to make privacy conscious decisions by providing standardised privacy ratings, presenting privacy policies more visually, and mandating users to stay on the privacy page for at least a few minutes.

Second, it is important to address India’s digital divide when service delivery through tech. Research by ORF, for instance, shows that Indian women are 15% less likely to own a mobile phone, and 33% less likely to use mobile internet services than men. This, and other such disparities including India’s rural-urban divide, can undermine the country’s ODE project and lead to large scale exclusion if not consciously addressed.

So we need a ‘phygital’ approach that leverages multimodal service delivery through both online and offline options and strong grievance redressal mechanisms. Research by Aapti Institute and eGovernments Foundation has shown that leveraging trusted local intermediaries who are embedded in communities — local influencers, grassroots NGOs etc — can significantly improve access to tech platforms for marginalised groups.

Finally, as we push the frontier on digitisation, India must also focus on developing anchor institutions and robust governance frameworks to ensure that its tech infrastructure remains fit for purpose and accountable. Just as Aadhaar is anchored by UIDAI under an Act of Parliament, and the Ayushman Bharat Digital Mission (ABDM) is anchored by the National Health Authority, every new ODE requires an enabling and accountable institutional anchor. These institutions are critical for setting standards, ensuring a level playing field and safeguarding consumer interest while ensuring speedy grievance redressal. The sector-specific institutions also need to be complemented by a national level ‘National ODE Council’ to inform coordinated policies and keep the focus on citizen-centricity.

India has embarked on a unique journey of tech led service delivery at unprecedented scale and speed. From Aadhaar and UPI to DBT and CoWin – India’s tech stacks are grabbing the attention of the world. It is now critical to bring the gaze on to the non-tech layers of the stack, so that the potential of these platforms can be unlocked for every Indian.

Authors: Varad is a Partner at Omidyar Network India and Rohit is a Founding Partner of The Quantum Hub

The NDEAR vision does not build a new “app”; it connects what already exists

Authors: Varad Pande & Aishwarya Viswanathan
Published: January 27, 2022 in the Financial Express

While the pandemic has accelerated education online, it has also exposed a deep digital divide, with more than 30% students not having access to online learning. This has increased the focus on building inclusive solutions in EdTech. A ray of hope in this context is the National Digital Educational Architecture (NDEAR), the blueprint for which was recently released by the government. Set up as a digital pathway to the policy goals envisioned in the National Education Policy, 2020, NDEAR takes on a ‘Open Digital Ecosystem’ approach, where a set of principles, standards, specifications, building blocks and guidelines seek to enable different entities to create elements of the digital education ecosystem. At its core is the principle of interoperability, i.e., enabling disparate education related tech systems to “talk to each other” seamlessly, rather than operating in silos, thereby multiplying the possibilities of impact.

How will this change the life of a student? Here is just one example of how NDEAR could potentially help: Consider a student, Manisha, whose parents are relocating from Bengaluru to Dehradun. Manisha is worried that she may be behind her new peer-group especially as the curriculum of the Uttarakhand state board may be different. Her parents are stressed about completing the paperwork for the school transfer. And teachers in her new school are concerned about how to accommodate her learning needs. NDEAR can help ease this transition in multiple ways. To catch up with the rest of the class, Manisha can access curated learning material specific to her needs via the DIKSHA platform. Her parents, with access to her student ID, can complete the transfer process entirely online in just a few steps, by instantly sharing verifiable school records and test results. As for Manisha’s new teachers, access to her online learning passbook can enable them to have a better understanding of her needs, while being able to support her, for example, in ‘catching up’ on Hindi language skills using online teacher manuals and other personalised tools enabled by NDEAR.

What is unique about NDEAR is that it is not about building a new “app”, but about connecting what already exists, and reimagining how technology can be leveraged to upgrade the entire education ecosystem for deploying tailored EdTech solutions speedily, sustainably and at population scale.

While this tech enabled vision is inspiring, its success or failure will be determined by its implementation. Specifically, we believe that much of the success of the NDEAR tech infrastructure will lie in getting the ‘non-tech’ elements right. There are four fundamental issues that implementers and enablers will have to factor in.

First, it will be important to ensure that NDEAR’s implementation improves and not worsens access to education in the context of India’s digital divide. As per 2019-20 UDISE+ data, only 38.5% of schools across the country had computers and 22.3% of schools had an internet connection. Therefore, it is crucial that the NDEAR vision is supplemented by concerted policy efforts to equip schools with the necessary ICT infrastructure, like Kerala’s KITE enabled interventions. And in the interim, while the tech infrastructure is being built, it will be critical to drive access to NDEAR services through multimodal channels, including television and low-tech mediums such as SMS delivered through basic feature phones, such as in Jharkhand’s DigiSATH initiative which leverages WhatsApp, television, the DIKSHA app as well as offline learning to connect all stakeholders.

Second, to ensure adoption of NDEAR enabled solutions and build the legitimacy of digital learning, it will be important to recognise the role parents play in both monitoring and facilitating their children’s learning, and engage them meaningfully. An attempt has been made in Himachal Pradesh through the government’s e-Samwad application where schools send regular SMS updates to parents to establish a direct channel of communication.

Third, NDEAR will need to ensure that the data rights of children remain secure. The potential of EdTech solutions delivered through NDEAR will depend on their responsible deployment, which would include responsible collection, sharing and processing of data. Since children will never be fully cognisant of the privacy risks that the digital world entails, the compliance with the upcoming Personal Data Protection Bill, with additional safeguards given the target audience of this platform, will be important. There are good frameworks for this both in the United States and the European Union that can be leveraged.

Lastly, given the pace at which digital learning is growing, NDEAR’s development should be firmly anchored in an ‘accountable institution’ that can guide its quick development while providing independent oversight needed for the management of the platform. The proposed National Educational Technology Forum may be a good forum for this, and such an institution should have representation from tech and domain experts as well as teachers and parents to help ensure the NDEAR architecture delivers tech solutions that are truly student-centric.

NDEAR presents an audacious vision to leverage the power of tech to enhance India’s education system. This vision must now be matched with the right non-tech, student-centric enablers and safeguards to achieve its potential.

Authors: Varad works at Omidyar Network India and Aishwarya works at The Quantum Hub

Central bank’s no-card-storage rule can severely disrupt digital payments in 2022

Authors: Rohit Kumar & Deepro Guha
Published: December 23, 2021 in the Times of India

In March 2020, the Reserve Bank of India (RBI) issued guidelines that prohibit merchants (including all e-commerce websites, streaming platforms) and payment aggregators (such as Razorpay and Instamojo) from storing customer card information. The aim of this measure is to increase security of stored card details while reducing the risk of data breaches. Globally, and even in India, there have been several instances of financial data leaks over the last few years. With digital transitions increasing manifold, the likely consequences of a data leak – both financial as well as in terms of trust – can be very real and damaging. Taking cognizance of this issue, the RBI has been progressively tightening regulations to ensure financial data security while also limiting the number of actors who can store sensitive data.

The no-card-storage norms are scheduled to come into effect on 1st January 2022. But even though the first notification was issued early last year, it was only in September 2021 that a reasonably effective alternative to the current system – Card-on-file Tokenization (CoFT) – was permitted, giving the players in the digital payments ecosystem just a little over three months to adapt.

Card-on-File-Tokenization is the process of de-identifying sensitive cardholder data by replacing the actual card details with an alternative code called the “token”, which is unique for every combination of card and merchant. While seemingly ‘simple’, this tweak requires an ecosystem-wide change in tech systems and workflows, with sequential compliance from the many entities in the digital payments transaction chain.

Therefore, even as RBI’s move is well-intentioned, a hurried transition can end up disrupting payment systems in India, adversely affecting both customers as well as merchants. The impact of this measure is likely to be most acutely felt by Indian start-ups and small businesses which may not be well equipped to transition to the new system in a short period of time.

Latest information suggests that at this time not all banks and card networks are implementation ready, and it is only post their operational readiness, that merchants will receive the relevant APIs to build, test and integrate a consumer-ready tokenization solution. It also seems that card networks are still evolving their processes around use cases like EMIs and recurring payments for transactions based on tokens. As a result, the operational readiness of the ecosystem remains uncertain.

If merchants and payment aggregators purge card data and transition to the new system before the ecosystem is ready, consumers would be forced to manually input card details for every transaction. This would make digital payments tedious and could lead to a scenario where the less technologically savvy customers go back to using cash, thus reversing the hard-earned digital adoption gains that India has made over the last few years. Additionally, the need to repeatedly input card details for every transaction could potentially make consumers more vulnerable to phishing attacks, thus increasing consumer risk rather than reducing it as was intended by the regulations.

A hurried implementation could also disproportionately hurt India’s small businesses and start-ups which leverage the digital payments ecosystem to retain and grow their customer base. What is making businesses especially worried and skeptical is their experience with RBI’s e-mandate regulations which kicked into effect on 1st October 2021. At the time, many consumers and merchants complained of widespread payment failures in the ecosystem, with smaller merchants reportedly losing up to 70% of their monthly revenues in the period immediately following the implementation.

Moreover, purging of all existing card data without an effective system in place to replace it could also render the merchants unable to support customers with subscriptions, refunds, cancellations, and other customer service requirements while reducing their ability to mitigate frauds during the transition period.

Taking cognizance of the above concerns, RBI should undertake a thorough assessment of the ecosystem’s readiness before enforcing the guidelines. Ideally, the implementation of the guidelines should be undertaken in a phased manner with current deadlines being reconsidered (with card networks and banks being mandated to set up their infrastructure first, followed by merchants). If possible, during the transition period, both the current system of card storage and the new tokenization alternative should be allowed to co-exist to make the switch seamless. This has been done previously in Europe with the implementation of the revised Payment Services Directive (PSD2). In the case of the PSD2 norms, the European Commission also set up several working groups (including one on APIs) with participation from all major payments ecosystem stakeholders, to ensure coordination on key aspects of the transition. It even worked closely with the industry to adopt standards that would be acceptable to a majority of the stakeholders, while acknowledging the complexity of the payments markets and retaining flexibility to avoid unintended negative consequences.

Similar measures by the RBI to ensure coordination between banks, card networks, payments aggregators, payments gateways and merchants in the Indian context would ameliorate the many risks posed by a hurried implementation of the guidelines. Otherwise, without adequate safeguards, a rush to enforce the guidelines may bring India’s payments ecosystem to a standstill in the new year.

Author: Rohit Kumar
Published: November 30, 2021 in the Financial Express

With rising incomes and car ownership being seen as a status symbol in India, the odds are stacked against policymakers trying to find solutions to this problem.

It is widely acknowledged that Indian cities are increasingly becoming congested and unliveable. Our biggest metros — long considered the engines of growth, melting pots of diverse cultures, and vanguards of prosperity — are now ranked among the lowest in the world on quality of life indices.

Stories of people spending 3–4 hours in daily commute are not uncommon, and have now, unnervingly, become a part of the daily saga of life struggle for many people. The internet is flooded with memes of people stuck on the Delhi-Gurgaon border gesticulating aggressively, or Bengaluruians feeling afraid to step out of their houses and of Mumbaikars trying to find unique ways of using their time on crowded trains and taxis. And while one may laugh this off as another thing that is uniquely Indian, our lack of attention to the problem of commute in Indian cities can have very real and unfortunate implications for economic growth, productivity, environment, and mental health. With rising incomes and car ownership being seen as a status symbol in India, the odds are stacked against policymakers trying to find solutions to this problem.

Some commentators have called for greater investments in road infrastructure, but widening roads has never been the solution to reducing congestion — not here, and not anywhere in the world. If we expand roads, additional traffic sweeps in to fill the extra space. In economic theory, this phenomenon is referred to as induced demand — the idea that once supply increases, the suppressed demand for a good resurfaces and more of it is consumed. This is especially seen in the case of transportation systems and is often used as an argument against increasing road capacity as a solution to congestion. The experiences from the highway building program of the 1930s and the 1940s in New York and the Manchester Motorway Box in the UK attest to this fact. The decline in traffic, if any, is only momentary.

While new tech-enabled transport solutions such as Uber and Ola have helped in reducing congestion by reducing vehicle ownership, these alone will not suffice, nor are they affordable for all classes of people. The need of the hour, therefore, is investment in and the use of public transport. What we require for this to work is a conscious effort by people to switch their mobility preferences. While this will be cumbersome in the short term until good (and frequent) connectivity is fully established, the switch will help in increasing the volume of traffic to make investments in public transport viable while also increasing pressure on governments to do more.

Cities across the world have invested heavily in strengthening public transport systems as well as walking and cycling infrastructure. The metropolis of London housing 8.3 million people covers an area of 1,572 sq. km and it is serviced by a dense network of buses and metro (Tube as it is popularly known). London has over 7,500 buses and 402 km of metro length that helps move roughly 9.6 million people on a daily basis. In comparison, Delhi — which is relatively very well served in the Indian context — houses 26 million people and is serviced by a little over 6000 buses and a metro length of 389 km. In terms of provision of public transport per 1000 people, the difference is staggering. It’s no surprise that the gap is filled through the use of personal vehicles.

However, there is hope. Most young people today have been sensitized to environmental issues in school; they have also grown up looking at environmental degradation as a real possibility in their lifetimes. As a result young people around the world have been at the forefront of campaigns to adopt sustainable lifestyles. Examples of Greta Thunberg’s activism speak to the power of young minds to shape the narrative around sustainability.

And undoubtedly, they have the largest stake in the matter. The economic and social cost of over-reliance on private vehicles in our transport systems is immense for everyone, but more so for the youth who are just starting out to explore their personal and professional journeys. Congestion in our cities is forcing people into hard choices and making it increasingly difficult for them to enjoy well-rounded meaningful lives. There is an increasing tussle to manage the time spent in traffic; we are being forced to choose between opportunities for growth and living in cities that offer a better quality of life, the mental space to learn new skills and time to form deeper relationships.

It is therefore important that the youth take on the responsibility of driving change within their cities. It’ll have to start with them, with them changing their lifestyles to resist the lure of private vehicles, setting an example for others to follow and pushing their governments to do more for public transport.

Rohit is the co-founder of Young Leaders for Active Citizenship (YLAC). YLAC is a member of the Sustainable Mobility Network, a collective of organizations working together to reduce congestion and vehicular pollution in Indian cities.

Authors: Rohit Kumar & Shivani Gupta
Published: August 20, 2021 in the Business World

The Delhi Police recently busted a nationwide syndicate that used fraudulent apps to cheat over 5 lakh Indians of Rs. 150 crore. Some estimates suggest that this amount was upwards of Rs. 300 crore. As the story unfolded across the country, it was found that one of the apps involved in this scam was trending at #4 on the Play Store. It is surprising how such an app managed to trend on the Play Store, let alone get through the vetting process.

Instances of online fraud have rapidly increased over the last couple of years in India as more users have started using web-based services. Many fraudulent apps lure users by offering benefits in the form of some reward or payout. In the Delhi police case, for instance, users were promised an opportunity to double their invested amount within 4-5 weeks. There are also many known cases of fake predatory dating apps that use misleading advertisements, impersonation and chatbots to entice customers to purchase subscriptions. Investigations by journalists suggest that often app-makers manage reviewers to increase their app ratings and improve visibility on app stores.

Not surprisingly, this menace is not specific to India alone, or to only one kind of app store. According to an analysis by the Washington Post, of the 1,000 highest-grossing apps on the Apple App Store, nearly 2% are scams. In fact, app developers in the US have been fighting a public battle against the tech giant for allowing applications that clone popular apps. In the Indian context of course, Apple’s market share in terms of app downloads is small. It is the Google Play Store that accounts for 90% of all app downloads on Android smartphones that dominate the Indian market.

Google’s policy explicitly states that it does not ‘allow apps or app content that undermine user trust in the Google Play ecosystem.’ This includes apps that reflect ‘a pattern of harmful behavior or high risk of abuse’. The policy recognizes that one of the best ways to protect users from bad apps is to keep those apps out of the Play Store in the first place. In fact, there are several checks carried out by the Play Store before listing an app. These include (but are not limited to) checking the app’s privacy policy (to protect user information), content rating and ads for age appropriateness. Despite their thoroughness, however, these checks still do not succeed in keeping all fraudulent apps off the Play Store. At the listing stage, the Play Store review team has little visibility into how an app is going to be used. Users are yet to be onboarded and there is no way to check if an app is going to use bots, onboard paid-pretend users or encourage fraudulent activities in the future.

Google also announced an App Defense Alliance in 2019 to quickly find Potentially Harmful Applications (PHAs) before they go live on the Play Store and take appropriate action for user protection. The Alliance is a collaboration between Google and other technology partners in the business of mobile device protection who use automated scanning and secure communication to alert each other about PHAs. The success metrics of this alliance have not been officially reported yet, but Google’s Transparency Report shows that the percentage of PHA installs has come down in the time since the alliance has been in operation. But while this initiative is effective in some way, it is still unable to identify and remove apps that use impersonation, make false promises or employ fabricated reviews to get attention. At this time, the App Defense Alliance only targets apps that are potential malware i.e. code that could put a user or a device at risk.

The presence of fraudulent apps on app stores poses a grave threat to the burgeoning smartphone user community, especially in India where understanding of digital safety is still relatively limited. But removing such apps is not an easy problem to solve. When India blocked numerous Chinese apps over military confrontations along the international border in 2020, many apps that ended up getting banned were harmful fraudulent apps. However, a quick search on the Play Store reveals that several of these apps managed to find their way back in new avatars. Low entry costs and difficulty in scanning the vast online space with millions of apps in each app store make it easy for such apps to resurface. In most cases, it is also difficult to hold app-makers accountable because they are not based in India.

Given the complexity of keeping fraudulent apps off the internet, there are two potential ways in which the problem can be addressed: first, by strengthening due diligence by app distributors i.e. the app stores and second, by building consumer awareness. While app stores do undertake checks prior to and post listing of apps, there is a case for all app stores to significantly ramp up their monitoring and grievance redressal mechanisms. The need of the hour is proactive detection and quick removal of bad actors to protect users. Apple, through its recently updated App Store review guidelines, plans to leverage its watchful developer community to support this task. Developers can now directly report possible guideline violations and trust/ safety issues that they detect in other apps. The second important way of addressing the challenge may be consumer awareness. While it is time-consuming and difficult to build awareness, ultimately if the consumer is equipped to identify fraud, they are likely to be better placed to safeguard their own interests. This shall overtime also serve to weaken, if not eliminate, the operations of fraudulent apps.

As the number of internet users continue to grow in India and more of our services shift to the digital sphere, it is critical for us to create a safe and enabling digital ecosystem. In the absence of an active policy to mitigate the risk posed by fraudulent apps, online harms await the unsuspecting user.