Discussion Paper on SLIN

Email Print PDF

Sri Lanka Identification Number (SLIN)

This is a discussion note prepared based on the proceedings of the Operational Committee of the Personal Domain of LIFe and the discussions held with the technical team of Registration of Persons Department (RPD) which was led by CG, RPD.

 

Current National Identity Card Number (NICN)

Sri Lanka's current National Identity Card number is of the below format.

Birth Year

Birth day of the year & gender

Serial # of the issued day

Check digit

Voter or non-voter

yy

ddd

nnn

c

A

 

Length of the number is 10. “Birthday of the year & gender” (ddd) field is used to identify the gender where 500 is added to “birth day of the year” to reflect that the card holder is female.

When this number is used in information systems the following key limitations make the NIC Number unusable.

  1. This number format can not be used as an unique number in information systems where the information on personal records of citizens who are born in different centuries should be captured as the century of the birth year cannot be denoted by the two digit “Birth Year” field. (e.g. Population Registry, Land Registry, National Archives, etc)

  2. If the number of birth registrations exceeds 999 per gender per day the system can not accommodate NIC numbers for such births.

 

NIC Number Proposed in LIFe V2

In LIFe V2 a new NIC format was proposed trying to address these issues to a certain extend.

 

Birth Century & Overflow

Birth Year

Birth day of the year

Serial # of the issued day

Check digit

Y

yy

ddd

nnn

c

 

Length of the number is 10. One digit long “Birth Century” field has been introduced to denote the the century of the birth year. This has been encoded as 0 - 20th Century, 1 - 21st Century, etc. “Birth Century” field is also used to handle the overflow from “nnn” where the Y value is greater than 4 it represents an overflow for the corresponding century (e.g. 5 – overflow from 20th Century, 6- overflow from 21st Century etc.).

This number format also has a critical limitations which makes it unusable in some of the information systems. The “Birth Century” only starts from 20th Century. Therefore the information about people who were born before the 20th Century cannot be captured by this version of NIC number. Systems affected due to this drawback are Population Registry, Land Registry, National Archives, etc.

 

Proposed Sri Lanka Identification Number (SLIN)

the following two options have emerged as solutions to overcome the limitations mentioned above. However one option has to be selected as the unique number to be used as the Identification Number of individuals in information systems.

It should be noted that this number will in the future be usually issued during the birth registration process by the Register General's Department (RGD). RGD has already developed a system (which is now being tested) for registering births and issuing the SLIN.

Considering the current global trends, it is also proposed that the registration number to be renamed as Sri Lanka Identification Number (SLIN). If SLIN would be used by RPD as-it-is it could be referred to as SLIN by RPD. If RPD would need to add more information to SLIN and\or amend SLIN for persons registration purposes (as mentioned below), RPD could use another name for that number such as National Identity Card Number (NICN).

Option 1 (This option was recommended by the Operations Committee of Personal Domain of LIFe)

(a) Represent the Birth Year in four digits in the SLIN to make it possible to capture the information related to births which have occurred even before 20th century

(b) Increase the number of digits in the serial number to four to enable capturing of more than 999 births per day per gender

Birth Year

Birth day of the year

Serial # of the issued day

Check digit

To be used by RPD to identify if an ID Card is issued or not and the version of the ID Card

yyyy

ddd

nnnn

c

A

 

Length of the number is 13.

It should be noted that the the trailing alpha character will not be a part of the SLIN (length = 12) which will originally be issued by RGD. The alpha character will be added and changed by RPD as and when necessary. (In this instance RPD will need to use another name for the number; i.e. NICN of which length will be 13)

Only drawback of the proposed number format is that it does not facilitate a smooth transition from old number to the new number for the existing identity cards as the lengths of proposed and existing serial numbers are different. However, if a re-registration process of the entire population is to take place for issuing new identity cards, this constraint would not arise.

RGD should issue the SLIN comprising first 12 numbers and RPD will form time to time change the final character depending on the ID card version.

Option 2

The second option proposes an approach which provides a smoother transition from the current identity card numbers to SLIN.

(a) Represent the Birth Year in four digits in the SLIN to make it possible to capture the information related to births which have occurred before 20th century (same as 1 (a))

(b) Here the overflow is to be handled by using a different character in alpha character field which would signify that the serial number is a result of an overflow. (This character can be used to denote any other concept such as card version.)

Birth Year

Birth day of the year

Serial # of the issued day

Check digit

To denote an overflow and identify if a ID Card is issued or not and the version of the ID Card.

YYYY

ddd

nnn

c

A


Length of the number is 12.

Since the serial number of existing cards is 3 digits long the current identity card holders just need to add the first two digits of their birth year in front of the current NIC number to derive the SLIN. One drawback of this number format is that it makes the number generation logic slightly complicated since overflows need to be handled using the alpha character field which is not currently generated through running the algorithm.

In case this format is agreed upon it should be decided by the Operational Committee of Personal Domain of LIFe as such how the alpha character would be used to denote the overflow and the different card versions. This is critically important as RGD would generate the SLIN for future citizens hence this should be defined to handle “over flow + version” combination. (The Operational Committee is scheduled to meet soon t take up this issue).

Another implication of this format is the possible inconsistency of the SLIN. For example RDG could generate a SLIN for a citizen which would have an alpha character to denote the overflow. If that alpha character would subsequently be replaced (even several times) by RPD to denote different versions of the card, there could be more than one SLINs stored at any given time in different information systems for the same person. Therefore in this format, the SLIN could become a dynamic number which could be in conflict with identification/authentication fundamentals and even could jeopardize some of the identification methodologies employed.

 

Sanjaya Karunasena

Chief Technology Officer

Information and Communication Technology Agency of Sri Lanka

 

Wasantha Deshapriya

Director

Re-engineering Government Programme

Information and Communication Technology Agency of Sri Lanka

2010-10-19

 

Last Updated on Tuesday, 23 November 2010 12:50

Comments  

 
#8 Wasantha Deshapriya 2010-11-23 12:25
Having discussed with the relevant stakeholders, the Concluding Remarks on SLIN : http://www.life.gov.lk/index.php?option=com_content&view=article&id=14&Itemid=2 was posted.
Quote
 
 
+1 #7 Ashoka Ekanayaka 2010-11-18 06:58
OK, lets concentrate bit on similarities and places we all can readily agree :-)

option1 give above is remarkably similar to the current PIN numbers we generate for RGD. with two minor changes we can make them the same and if that's ok for all then there would be no impact at all for at least the RGD project!

1) option 1 uses 2 digits at the start to denote the birth century (as in '18', '19' etc) whereas we use only one. come to think of it one digit is actually enough for this information. from one digit, we can record birth is 5 previous centuries and 4 future ones!

2) check digit. if we can omit this the the RGD pin becomes exact same as the option1.

In addition we have following advantages :
1) Length of the number will be 10 yyydddnnnn
2) no letters, all digits mean ease and performance for databases
3) format wise closer to existing NIC, (character at the end removed and a digit added at top, same length)

So, how about this fine tuned version of option 1 ? (infact this is the same one ICTA originally came up)
Quote
 
 
-1 #6 Wasantha Deshapriya 2010-11-15 18:20
My comments to Mr. Asankha Perera's (and some other's) queries are uploaded to the following link as it is too long to be published as a comment (http://www.life.gov.lk/images/pdfs/responses_to_asankhas_queries.pdf).
Quote
 
 
-1 #5 RN-ranjan nishantha 2010-11-11 13:18
It is important to note that a person identification number must be a static identity and therefore must remain unchanged throughout and beyond the life time of an individual. Therefore the structure on the numbering scheme used for this purpose must contain only the features that constant and do not change with time or other time varying parameters.
The SLIN should be simple token; other information should be stored in information systems. The information should be able to be verified easily.
The format with 12 digits can be memorized easily as follow (four digits by four digits)
1977 0140 1621
Beauty of above is you have to hardly memorize last 8 digits only because everybody knows his/her birth year. Therefore 12 digits format is easy to remember and easy to use.
Quote
 
 
+1 #4 RN 2010-11-11 13:07
Dear Mr. Asanka,
I don't see that the current NIC system is not faulty. There “ddd” field stores the day of the year assuming that each year is a leap year. using simple mathematics the 'ddd' part can be calculated. just take every february months has 29 days. My argument is that the particular formula should be made available publicly. Therefore people don't try thier own calculations such ad mentioned you. The fundamental mistake is the non-discloser of the algorythems.
Quote
 
 
+1 #3 RN 2010-11-11 12:56
I have few comments on malith's idea,

I too agree that systems can be affected; therefore we have to look at how we can face that challenge.
I believe that most of fraudulent practices are happen in Sri Lanka due to lack of verification services. If we can provide comprehensive verification services it would not be an issue.
My argument is the SLIN number should be very much easy (algorithm wise, should be easy to memorize etc.). Too much of complication should not be included to that.
There can be billions of potential formats for SLIN. If we look at what other nations have done, we can find out fantastic formats. But it is very much important to think about the mapping from early number to new number
Quote
 
 
+1 #2 Asankha Perera 2010-11-05 10:27
The current NIC system is faulty. There “ddd” field stores the day of the year assuming that each year is a leap year. Hence for approximately 5/6 of the population this field is wrong - from a computer generated or accurate day of the year value.



I agree with Malith that storing the DOB in this number serves no purpose. Also, the US SSN numbers etc does not do this. We must ask "what is the value" this gives, and then consider if spending number of digits on an ID for this purpose is useful (Note: Option 2 proposes using 7 of 12 digits).
If the ID was a simple serial number of some number of digits, it would be very useful, and no one could easily guess any portion of the numbers. For example two people born on the same day will have very different numbers – but thats fine too!


In general people can remember numeric numbers better (e.g. phone numbers), and computers can process them better – esp when having to find a row from among ~25,000,000 records. Many will remember many phone numbers but not remember the NIC of their spouse nor their own passport numbers. Keeping an ID as a number will yield optimal storage and performance with database and other indexes as well. Also, this number as I see should never be more than 10 digits.



We must also clearly state the requirements of the ID number and expectations first:

1. Do we require the DOB to be "derivable" from the ID?

2. Is the above expected of an average human (e.g. policeman) ?

3. What purpose does that "prove" if the ID is forged, so will/can the DOB and the number
? What then?
4. If #2 above is not required, why store the DOB at all within the ID number? The Govt. systems and the physical ID will store it very clearly

5. Are there any information / historical records that will require generation of unique ID numbers for persons who were born before 1900? If so what are these "exact" requirements and how are we planning to find even the names of these people who have died long ago?



I think a check-digit is also not useful and DEFINITE NO to any other character or number stating a "version" of the ID. An ID number should be ONE and unique to a person for a lifetime.



The proposed option 2 has many weaknesses. It only allows 999 births per day. We already have about 150,000 births per year (avg ~ 410 per day) and everyone knows that the birth rate towards the end of January is high as many people have babies early to get them into school one year earlier. For children whose birth date is not known, are assigned 1st of July as a rule. This is in addition to the “birthday paradox” (Search in Google) etc.



Storing the year as 4 digits for easy reading is useless, when the month and day is stored in only three. No policeman or person on the street will be able to tell you of "211" was which day of the year in 1975! But anyone could tell you that for example "075" means "1975" or "175" means "2075" etc. if that was so.



The Registrar General's Department has been working on implementing the PIN numbers as per the ICTA specified algorithm in the past months. Its format is as follows:

C-YY-DDD-NNNN

C- century 0-20th, 1-21st, etc; YY- year; DDD-the "correct" day of the year; NNNN- serial

Personally, as someone involved in the design of the new eCivil Registration System at the Registrar Generals Department on behalf of the ICTA, I find it sad to note that this information was not requested from us before. The RGD is the entity thats expected to generate this new ID, and we have been progressing already on specifications given by the ICTA some months back.



If given an opportunity to explain things further, the RGD will be able to show how a person could continue to use his "NIC" number - or use the new PIN number at any time and not have any issue. As prime users of these, our systems are developed catering to this naturally expected behavior. Its the responsibility of the computer systems to make life easier for citizens, and not the responsibility of citizens to have to remember information which otherwise maybe readily available to computer systems.



Standards should be defined by stakeholders who uses the information, and by giving more weight-age to issues raised by them. I guess the LiFE standard for specifying Addresses that caused havoc to many systems and projects in the past should guide us in the next steps. Also the various “types” of numbers assigned to motor cars in Sri Lanka. Note that the LiFe standards (as per my knowledge) defined an "unknown" category for Sex - and that it makes the gender information stored on the ID (if any) useless. Again, the RGD has a good solution to this problem as a key stakeholder. "Ask, and you shall receive."
Quote
 
 
+2 #1 Malith de Alwis 2010-11-03 04:31
I have few concerns as well as few suggestions for the SLIN.

1. If the length of the SLIN is more than 10 then lot of systems in organizations (e.g.: Banks, EPF, ETF, Examination Dept, etc.) which stores the current NIC number and uses it to retrieve details will get affected hence a smooth transition cannot be expected when it comes to such systems.

2. With the current NIC number anyone can find out a persons birth date and gender and if you know a persons birth date and gender then you can calculate the first five digits of that person's NIC number. I believe this has lead to fraudulent practices. In this computer era do we still need to give transparency like this? How about design the SLIN with an
algorithm where only a computer can calculate the birth date and other details?

3. In the current NIC number there are unused number ranges that we can use to store more information. (i.e.: the day the person was born: 3 digits. The range is, for a male 1-366 and for a female 501-866).

Few suggestions for SLIN.
-------------------------

4. The current NIC length is 10. If we use 10 digits to represent the SLIN then we can have close to 8 billion unique SLINs with check
digit(s). (1,000,000,000-9,999,999,999) The current Sri Lankan population is 20 million.

5. Determine a year and a month as the starting year and month for SLIN and accumulate the months for each year. By dividing this value by 12 we can calculate the no. of years elapsed from the starting year and
remainder value is the month the person was born. The next 2 digits represent the date of the month (01-31 or 51-81). With this we can
minimize the unused number ranges.

E.g.: If the SLIN going to be issued for those who were born on or after 2000-01-01 then the starting year and month is 2000-01. A person who was born in 2006-07-23 will have 7923 or 7973 (50+23 for a female using he current NIC system) in the SLIN as the birth date.

6. To represent the gender we can assign several number ranges.
E.g. For male: 0-4 (0,1,2,3,4), for female: 5-9 (5,6,7,8,9).
Quote
 

Add comment


Security code
Refresh

You are here: Standards