The Great Indian Telco Pivot

July 28, 2024 in Hindustan Times, Business, India

Indian telecom companies had earned a reputation for offering the fastest services and charging the lowest fees anywhere in the world. But the world is always changing. And the telco business which used to have many players once upon a time is beginning to charge more. The many players that were there have been whittled down to just two significant ones—effectively, a duopoly. Just how this pivot happened and what it means for the Indian landscape is something I talked about in Hindustan Times over the weekend.

What EVM hacking?

June 22, 2024 in Technology, India, Politics, Hindustan Times

Now that the General Elections are done with, the debate is all about Electronic Voting Machines (EVM) and whether or not it can be hacked. All thanks to the co-creator of EVMs in India, I am now of the view nothing was rigged. On why is the theme of ‘First Principles’, my column in Hindustan Times today.

The ethical dilemmas leaders must face at various points — *Leaders of all kinds at daybreak, accompanied by the hushed presence of morning fog, in deep contemplation. Created with Dall-E*

The ethics of everyday choices

January 10, 2024 in Philosophy, Hindustan Times, Ideas

You have likely already encountered this statistic: Half the world’s population will go to the polls this year. More than four billion people across 60 countries, including India, will cast their votes and elect national leaders.

Whether you vote will be one of the biggest decisions you make in 2024. How you vote will be another.

It is inevitable that citizens will ask: What difference does it make? Leaders that are larger-than-life loom on the horizon. Events often feel beyond our control. But when it comes to questions such as “Does my voice matter?”, may I submit that the answer is always “Yes”.

Not just because single voices add up to form a clamour. But because the decisions we make, large and small, singly and in groups, are also the true litmus tests of our character.

It is a theme we don’t contemplate enough: the ethics of everyday choices. I’ve often pondered the invisible threads that connect our daily choices to our ethical stances. How does one’s preference to shop at a chain of stores, or the decision to ignore an unhoused person, contribute to the larger ethical portrait of our lives?

These questions aren’t merely rhetorical; they form the weave of our societal fabric.

It is easy to stand in judgment over grand scandals and overt acts of moral failure. But when thought about deeply, the real measure of an ethical framework is not taken during high-stakes moments. Rather, it resides in the mundane, quiet decisions we make when no one’s looking. This is where our true self reveals itself, in the quiet alleyways of our day-to-day existence.

Consider the simple act of purchasing a cup of coffee. Where do the beans come from? Are the farmers paid a fair wage? What is the environmental impact of its production and transportation? Each choice might be a drop in the ocean. But collectively, they can create a storm.

Similarly, our engagements with strangers reflect deep truths. How we treat waiters, interact with taxi drivers, respond to a street vendor, all offer clues to where our moral compass points. This is why I find brand-consciousness so disturbing. Why should I choose coffee from South America, simply because it is advertised widely and forced into my line of vision, when beans from south India have a far lower carbon footprint?

In an age of rampant consumerism and individualism, there is a tendency to reduce life to a series of transactions, devoid of ethical implications. But this is a narrow and impoverished view of existence. Our lives are not just about exchanges; they are about connections. And every connection carries with it the weight of moral consequence.

It is imperative, then, that we reflect on daily choices. They shape not just our lives but the world around us. The clothes we wear, the food we eat, the products we consume, are all silent testimony to our values and ethics. They are votes cast for the kind of world we wish to live in and leave behind.

How do we navigate this complex landscape? It begins with the awareness that every choice has a moral dimension. This means developing a habit of reflective consideration, taking the time to frame the right questions, and seeking answers that align with one’s deepest values.

In this way, ethics become a profoundly social affair too. They are the channel by which we see beyond ourselves, consider the impacts of our choices, and make that vital shift from a mindset of consumption to one of contribution.

Of course, navigating this path has its challenges. There are often no easy answers. Where there are answers, ethical living involves trade-offs and compromises. One must part with a measure of vanity, self-indulgence, comfort. Even then one will necessarily make missteps.

But the pursuit of an ethical life is not about perfection. It is about direction, and about making choices that are more deliberate, compassionate and coherent.

If nothing else, start with the decision to vote. Think about the world you want to inhabit, and leave behind. Do you want it to be kinder, more wholesome and more balanced? Or do you want to end up with demagogues in power, and no one to blame but yourself.

This article was originally published in Hindustan Times. All copyrights vest with the publishers and this may not be reproduced without permission.

Make in India ain't good everyplace

July 31, 2023 in Business, Technology

Back in December 2022, it appeared like China might upset the Americans and wrest control of the semiconductor (also called chips) business. But as things are, it appears the Americans have regained the lead. Chips power practically everything in modern electronics and both countries would go to war to control them. These chips, which are now thought of as a resource like oil, are manufactured mainly in Taiwan.

While geographically Taiwan is closer to China than the US and a Chinese takeover had appeared imminent, the Americans were swift to move their men and machines into place to resist any such move. American allies like South Korea and Japan too were kept in the loop. This jostling for control is so that Taiwan Semiconductor Manufacturing Company (TSMC) stays unfettered.

President Joe Biden also reached out to the Dutch government says Chris Miller, author of Chip Wars: The World’s Most Critical Technology. The Netherlands is home to Advanced Semiconductor Materials Lithography (ASML) and is the only company in the world that has the tools and technologies to create the latest semiconductors. The Americans wanted to prevail upon the Dutch to stop supplying these to the Chinese and eventually had their way.

While this ‘blockading’ is one of China’s current problems and explains the current worldwide chip shortage, it is a harbinger as well as a pointer to what can go wrong with India’s current ‘Make in India’ policy that hinges on an ambitious $300 billion electronics manufacturing goal. But it does not explicitly focus on critical technologies or supply chains.

Take telecom, where there are global concerns about security stemming from China’s dominance, especially as the world moves toward 5G. In India, telecom is one of six identified “critical infrastructure” sectors. Healthcare was added recently after the devastating 2022 cyberattacks on AIIMS and other hospitals.

A ‘national security directive’ was issued after June 2021 by telcos that only “trusted equipment” and “trusted products” be used. This certification process is so complex that even two years later, there are few products that fit the bill. For instance, the process insists on a list of the actual manufacturing address for every active component (like chips). It’s practically impossible to comply with this requirement. “How will a vendor to a telecom company know which specific plant did Intel or for that matter any other manufacturer manufacture a certain component in?” asks a technology consultant at a firm hired by the government of India to review protocols in critical sectors.

On top of that, only interim “trusted product” certification is being given by the National Cyber Security Co-ordinator (NCSC), with instructions to change “supply chains” for components sourced from China —for which there may be no alternate suppliers. It’s clear that this directive is less about cybersecurity and more an attempt to reduce dependence on China for semiconductors. But this attempt has specifically not been backed by the ‘Make in India’ initiatives.

So, where does the problem lie? To begin with, despite a somewhat frosty relationship with China, trade with China has now ballooned to over $100 billion from $69 billion in 2021. What it means is more money is being spent to import from China, including critical electronics. This shows an increasing dependence on China no matter what the political rhetoric is.

The consultant who does not want to be named, then goes on to explain how the infrastructure to manufacture chips is created in globally spread-out ecosystems where teams collaborate and work 24/7. To highlight his point, he points out that when a modern chipmaker is at work on a chip design or software, a team in Bengaluru may hand over the same project at the end of the day’s shift to a team in Dublin or Tel Aviv. That team in turn may hand over to teams in Boston or Portland. It’s a complex effort and “arm-twisting companies to set up fabrication plants in India won’t work in the long run.”

His point is that China took the route to manufacture everything and now risks being seen as a global pariah, with the world desperately working on alternative supply chains. While the DoT-NCSC directive is well-intentioned and aims to protect the country’s security interests, it has underlying geopolitical aspirations as well. “We cannot afford to isolate ourselves and insist companies build everything here, when the world operates in a collaborative mode. Nor can we afford to count the domestic share of every product like software. Should we care exactly how many of the original lines of code for Windows were written in India for instance?”

This column was first published in Hindustan Times in March 2023. All copyrights vest with HT Media

**Over 1 billion OTPs are sent across India every day to authenticate pretty much everything**. *Photo credit: Mohammad Hassan*

OTP Nation

July 11, 2023 in Business, Technology

It is unlikely that mathematicians at work to develop the algorithms to create One Time Passwords (OTPs) in the 1940s would have imagined over a billion OTPs being delivered every day as text messages across Indian telecom networks. The mathematicians may not even have imagined how it would be delivered. Or that it would be used to authenticate people’s identities across domains as diverse as banking to travel, ecommerce deliveries, cinema tickets, even cab rides and much else.

While the technology has its flaws (and these are now showing up), the telecom companies that deliver these OTPs are at work to upgrade all networks across the country to 5G from the existing 3G and 4G networks most people use. Even as they do that, work is in progress to create the blueprints for a 6G world. But it is impossible to miss the confidence in the voice of a veteran who has worked at most telecom companies (telcos), witnessed the industry evolve from close quarters, and is now employed at Jio to oversee large parts of the company’s operations in North India.

“Realistically speaking, it will take between 7-10 years to phase OTPs out of India,” he says.

“And what’s the best-case to phase OTPs out?”

“Nothing less than 5 years.”

His confidence in the longevity of how long OTPs will continue to stay in India, it appears, isn’t misplaced. Manoj Menon, CEO and founder of Twimbit, a Singapore-based technology advisory and research firm that works with telcos world over makes the case that OTPs are embedded in the Indian psyche. His experience is that “India is a trust-deficit society and OTPs fill the gap.”

That is why, Menon goes on to explain, over time, OTPs have spilled across from banking where it was first implemented to authenticate transactions to other industries. To highlight his case, Menon points to taxi-ride hailing apps such as Uber and Ola, that now use it.

These apps send users an OTP to be shared with drivers at the beginning of a ride. This practice, he says, is followed only in countries such as India and Indonesia, for instance. It is unheard of in many other parts of the world, such as Singapore, North America and Western Europe, which he calls ‘high-trust societies.’ Even banking transactions there do not require OTPs.

That makes CN Ram uncomfortable.

A brief history of OTPs

CN Ram is among those who worked to build the digital avatar of the banking and fintech ecosystem in India. He is 66 now and is at work on a start-up to build a core banking solution. In his earlier avatar, he was CIO of HDFC Bank.

Some accounts in the public domain have it that the first OTP by an Indian bank to authenticate a transaction was implemented under Ram’s watch. There are other versions—some have it that the first OTP was delivered by the State Bank of India to a customer; while yet others claim it was ICICI Bank. Then there is the question of which telecom company sent the first OTP. Most versions have it that it was Airtel. When the CIOs from all these entities were contacted, no one authenticated who was the first past the post. All of them, Ram included, are unwilling to take credit for who implemented it at banks first. As for the telcos, no one recalls if it was Vodafone India, Airtel or some other company that delivered the first OTP. Jio was still on the drawing board and in another avatar.

“Those were heady days and all of us were at work to implement Two Factor Authentication (2FA) into the retail banking experience. There was so much happening,” says Ram. That is why, he says, no one cared or kept records of who sent the first OTP because everyone across banks, was in conversation with each other and stakeholders such as telcos to make it happen. “Banking is a fiduciary responsibility, and it is our responsibility to protect people’s money.”

Back then, ATMs were making its appearance in India and internet banking was gaining traction. And with that, scamsters were all over the place, thinking up ingenious ways to defraud people. To get around it, HSBC Bank, for instance, provided its customers with a device. When a button on it was pressed, the device would display a six-digit number that had to be punched online to complete a transaction. This was very similar to the how OTPs were thought up by the original creators. But devices such as the ones HSBC provided had to be carted around and people often forgot them at home when they needed them at the office – or vice versa.

Much brainstorming between all stakeholders later, OTPs sent as text messages over cell phones appeared to be the most elegant way to get the job done. And so, in 2009, the Reserve Bank of India (RBI) issued a diktat that all banks implement 2FA via cell phones. The data had it people were buying more phones and it was clear usage would go only upwards.

This is corroborated by Deepak Maheshwari, a New Delhi based public policy professional. “In the initial days, there was resistance and user apathy,” he says. “But now, things have come to a point where even entities such as social media companies use it to authenticate the identity of their users by sending OTPs to people’s phones and emails,” he says. With the benefit of hindsight, the data has it that implementing OTPs at such staggering scale reduced banking frauds. This is clear when the volume transactions are extrapolated to the similar volumes in other parts of the world.

The mathematics of OTPs

Is it possible that the volumes of these one billion plus OTPs each day choke telecom networks and lead to call drops? While Maheshwari is willing to buy the argument that networks in India are stretched, he is quick as well to point to the investments Jio and Airtel are ploughing in to augment the capacities of their network. “By next year, Jio will have an additional 2 lakh telecom towers and Airtel will have at least 1 lakh.” All these 5G-ready towers are intended to transition eventually to 6G.

“This means many Indians who are still on 3G will totally skip 4G and move straight off to 5G networks,” says Ram. There is much at stake for phone manufacturers and telecom operators here.

But why is an old (or outdated, if you will) technology such as the OTP still around in the contemporary world? And why do veterans in the industry believe it will be around for another 7-10 years? After all, there are risks inherent to OTPs in their current avatar.

Telcos have a vested interest in OTPs and the math puts it in perspective. An industry captain who did not want to come on the record put it this way: Technically, India has 1.2 billion mobile phone users, of which 600 million use smart phones. But there’s a twist to the numbers. Large numbers of people own 2 to 3 phones. So, while it is true that there are 1.2 billion phones, the actual population of people who have access to phones is between 600-650 million. Of these, between 250-350 million haven’t switched to smartphones.

His hypothesis is that large numbers of people still cannot afford to buy the more expensive 4G or 5G-ready handsets. What reinforces his hypothesis are the numbers. “We are selling at least 7-8 million non-data enabled handsets each month. These are replacement handsets for people who are already on the old network. So long as this market exists, the OTP will continue to be around.” And this market, will be around, until handset prices drop to affordable levels.

When Menon was asked to comment if there is merit in the math, he shared what he is a witness to. Telcos are at work to extract at least ₹300 out of each user. This is almost double the current Average Revenue per User (ARPU). But to get here, telcos will have to look at other ways to earn more. One way they are doing this now is to earn monies by selling text messages to enterprises in bulk to entities that feel compelled to send out OTPs.

In any which case, retail consumers have shifted their text messaging habit to other apps such as WhatsApp and Signal. Once upon a time, text messages used to earn telcos large monies. In the longer run, Menon says, “Most telcos will have to think up ways to earn anywhere between 20-30% of their revenues from non-telco lines of businesses,” says Menon. Until the time they get there though, they’ll keep the OTP revenue streams going.

When the veteran from Jio was asked to vet these numbers, he admitted that they were sound. That is why, he said, Jio is at work on a plan, which he claims “will be a differentiator and game changer.” The final contours of this plan, he claims, are being worked on by the top brass at Jio and they plan to implement it later this year. The insight they are working off is that the average Indian’s propensity to buy smartphones begins to look up only when the handset’s price drops below ₹15,000. Basis this number, Jio is tinkering around with two ideas: drop the price of a smartphone to below 15-20% of this magic number, which, the company believes will explode the market; and lease phones to those who don’t want to buy them (leasing drives sales of high-end handsets such as the iPhone, for instance, in markets like the US).

A spokesperson for Jio declined to comment. If this happens, it is possible OTPs get eradicated five years down the line.

And how will that happen?

While the math of OTPs makes for a compelling read from a telco’s perspective, there is another way to look at it: from the customer’s eye, points out Prasanto K Roy, a New Delhi-based technology policy analyst. “Telecom companies have got used to earning revenues by selling OTPs. But what about clients who pay for it? They’re beginning to ask if it is getting expensive?” To highlight the case, he points to Twitter after the company’s takeover by Elon Musk.

Earlier, 2FA on Twitter could be done by text messages as well. But after Musk implemented his cost-cutting exercise, one among the things that got the axe was 2FA via OTPs sent as a text message. He reasoned the cost of sending these messages were being borne by Twitter and unless a user was willing to pay for the service, it made no sense for the company to underwrite the cost. Since then, Roy says, others across the world have started to think along the same lines.

Then there are security holes that both Roy and Maheshwari are on the same page on when it comes to OTPs. “We are on the verge of moving into a more advanced digital world where even Aadhaar fingerprints can be robbed,” says Roy. Then there is the fact that people offer many applications (app) that reside on their phones the permission to ‘read’ their OTPs. But each time a user allows an app this permission, many don’t realise they are offering these apps the permission to read all their text messages as well.

How do know these apps will keep your data confidential? What if it goes rogue? For that matter, what if there is something about how it processes your data that you don’t know about? That is why, Maheshwari says “The ways OTPs work now are like putting a lock on your door and then offering the key to a thief.”

And when Ram thinks about it, his mind goes back to the early days when OTPs on telecom networks had to be implemented at the bank. They had to go out of their way to make things happen. There were frequent complaints of people not receiving OTPs. Then there were those who cloned SIM cards, spoofed other people’s identities, diverted OTPs, and stole money. It took them much to build a system and keep it well oiled. But the challenges have gotten more complex with the volumes of text messages going up.

This is why there is much work happening in the background to do away with OTPs. When the global landscape is looked at, the credit card ecosystem in ‘High Trust Societies’ evolved well without OTPs. But that was at a different point in time. The way fraud management analytics has evolved since then is significant and happens pretty much in real time.

To explain that Roy describes in detail what happens when anyone of us swipes a credit or debit card or withdraws money from an ATM. The systems have evolved to a point where it can detect what is a normal transaction basis an individual’s spending patterns in the past. If it notices any anomaly, the problem is escalated in 0.2 seconds to a human operator even as it places a call to the registered number to authenticate the transaction. That is why, he goes on to say, “If anything, he suggests it may evolve and exist as an app that is more secure.”

This is something Ram agrees with as well. When probed on what may it look like, he points to developments in other parts of the world. In China, for instance, biometric technology has evolved significantly enough such that people can wave their palm to make a payment. Then there is US. Pilots have begun at immigration counters of various airports that don’t require people to queue up and get their passports stamped. Facial recognition technology does the job instead. “A picture of you is intended to be your entry and exit stamp,” Ram says.

But, he adds, it will be a while before these technologies go mainstream world over. “Right now, I feel comfortable with the OTP,” he says, and laughs. And that is why the telco veteran from Jio is confident that “OTPs are not going anyplace soon.”

This piece was originally published in Hindustan Times. All copyrights vest with HT Media

Make in India? What? Why?

June 21, 2023 in Technology, Business

In the first week of December 2022, this column pointed to the fiercest battle playing out since World War II. Back then, it appeared like China might upset the Americans and wrest control of the semiconductor (also called chips) business. But as things are, it appears the Americans have regained the lead. Chips power practically everything in modern electronics and both countries would go to war to control them. These chips, which are now thought of as a resource like oil, are manufactured mainly in Taiwan.

Chips power practically everything in modern electronics and both countries would go to war to control them.

President Joe Biden also reached out to the Dutch government says Chris Miller, author of Chip Wars: The World’s Most Critical Technology. The Netherlands is home to Advanced Semiconductor Materials Lithography (ASML) and is the only company in the world that has the tools and technologies to create the latest semiconductors. The Americans wanted to prevail upon the Dutch to stop supplying these to the Chinese and eventually had their way.

This article was originally published in Hindustan Times