The deadline to introduce biometric devices at sales outlets for verification of subscribers’ data had passed but both, the cellular mobile operators (CMOs) and Pakistan Telecommunication Authority (PTA) still stand where they were three months ago.

The CMOs, according to a PTA directive of December 6, 2012, were to equip all sales channels with devices for online verification of customers’ biometrics – such as thumb impression – through the National Database and Registration Authority (NADRA) by February 28 (today).

However, the two parties had by far failed to build any consensus regarding the procedure of integrating these devices, according to sources familiar with the matter.Although the CMOs agreed to deploy biometric devices at their customer support centres, franchises and retail outlets for the issuance of new SIMs, they expressed some concerns regarding the integration of these devices. A single device, offered by NADRA, will cost $500 and CMOs are also concerned about the protection of subscribers’ data.

In its latest meeting with representatives of telecom operators on Monday, the telecom regulatory authority told the former that it had not yet prepared the procedural road map about the deployment of these devices; a telecom source told The Express Tribune. The PTA put off the meeting till next week without specifying the date, the source said.

“The biometric devices offered by NADRA would cost $500 each and did not include the cost of a computer equipped with internet, which was required to run these devices,” the source said. Later on, NADRA offered cheaper devices, costing around $100 each, he said.
However, the problem with biometric devices is, the source said,

they run on a chip that generates both short and long term cache for customers’ data. As a result, he said, they store customers’ confidential data including thumb impression, which was a cause of concern for telecos.Cellular companies, therefore, also agreed to deploy scanning devices – the barcode verification system. However, the regulator had to provide procedural guidelines in either case.

Previously, there have been cases of data theft from NADRA’s own database, the source said. These devices will be vulnerable to such issues, he added.The entire focus was on the implementation of biometric devices but not on its implications, he said. “Although these devices can address the verification issue; they do not address issues pertaining to the security of customers’ data,” he said.

CMOs wanted PTA to address this concern before deploying the equipment, he said. “If we make this investment today without addressing these loopholes, this can create a problems in future,” he said. One day the regulator may ask CMOs that this system is not working, bring something else, he said.“We want to make sure they fix the problem for good. They need to rectify and not pacify,” he said.

To find out more on the subject, The Express Tribune contacted the PTA spokesperson on his cell phone and left a message but he did not answer either.The telecom industry, according to Atifa Asghar, who is the Director of Corporate Communications and Responsibility at Telenor Pakistan, asked PTA for an extension in the timeline for implementation of December 6 directive.