The Smart National Identity (Smart NID) system in Bangladesh employs an Automated Biometric Identification System (ABIS) to detect and prevent duplicate or fraudulent identity records during the enrolment, re-registration, and reissuance of national identity cards. The system is administered by the National Identity Registration Wing (NIDW) of the Bangladesh Election Commission and serves as the country's foundational digital identity infrastructure, covering over 99 percent of eligible adults by 2025 with a database exceeding 100 million citizen records.
Bangladesh's national identity system originated in 2008 when the Election Commission created a voter registration database requiring biometric data collection from all citizens aged 18 and above. Approximately 81 million paper-based laminated NID cards were distributed during the initial 2007-2008 voter registration exercise. In October 2016, the Election Commission initiated the transition from paper-based laminated cards to polycarbonate Smart NID cards featuring embedded microchips with 32 data fields and a unique 10-digit identification number. These smart cards incorporate contactless RFID capabilities, approximately 20 to 25 anti-forgery features including holograms, and tamper-evident materials designed for a minimum lifespan of 10 years.
The biometric data captured during enrolment includes fingerprints from all ten fingers, digital photographs, and iris scans for smart NID variants, providing multimodal biometric verification capability. The 2010 National Identity Registration Act authorised the collection of extensive biometric information including fingerprints, hand geometry, palm prints, iris scans, facial recognition data, DNA samples, signatures, and voice data, although civil society organisations have criticised the DNA collection provision as presenting unjustifiable risks to privacy and discrimination. The biometric data is encoded during card issuance to prevent fraudulent claims, and the smart card supports match-on-card protocols that enable offline authentication by comparing live biometrics captured at a reader against chip-stored templates without requiring internet connectivity.
The core AI capability of the system is the Automated Biometric Identification System (ABIS), which performs large-scale biometric deduplication by comparing newly captured fingerprint, facial, and iris data against the entire existing database to identify potential duplicate or fraudulent registrations. The system flags suspected duplicates for manual review by biometric operators and verification officers before enrolment confirmation, following a human-in-the-loop oversight model. Earlier technical suppliers for the biometric matching components included TigerIT Bangladesh Limited, whose TigerAFIS (Automated Fingerprint Identification System) product is certified by the National Institute of Standards and Technology (NIST) and is designed for large-scale deduplication operations handling millions of records. TigerIT implemented the original voter registration system used to register 100 million voters across 600 locations throughout Bangladesh, including data centre redundancy configurations. However, the specific ABIS provider for the current Smart NID system has not been publicly confirmed in Election Commission or World Bank documentation.
The system was developed with substantial support from the World Bank through the Identification System for Enhancing Access to Services (IDEA) Project (P121528), which ran from 2011 to 2018. The World Bank provided US$195 million in concessional credit from the International Development Association toward the US$200 million project, which aimed to issue digitised national ID cards to approximately 90 million citizens. The IDEA project provided technical assistance to the Election Commission for developing regulatory frameworks, upgrading data quality, and strengthening institutional capacity to administer the expanded identification system. The project achieved approximately half its target of 90 million cards by its 2018 closure, with the rollout continuing under government funding thereafter.
The Smart NID system serves as a foundational platform for service delivery across multiple sectors. The Bangladesh National Digital Architecture (BNDA) connects the NID system to banking verification, telecommunications, social welfare, pension administration, birth and death registration, passport issuance, tax collection, driving licence verification, and food and development aid distribution through the National e-Service Bus. Over 121 million mobile SIM cards had been linked to verified NID biometric identities by 2018. The system facilitates targeted distribution of social protection benefits by enabling cross-referencing of citizen data with asset and land holdings to determine eligibility. Banking know-your-customer procedures leverage electronic verification via NID databases for account openings.
The system has faced significant data security challenges. In July 2023, a vulnerability in the IT infrastructure of one of 171 partner organisations utilising Election Commission NID data exposed personal information of approximately 50 million citizens, including names, addresses, phone numbers, and national identification numbers. The breach was discovered by Bitcrack Cyber Security and reported by TechCrunch. In October 2023, a further data breach made NID-linked data accessible through a Telegram bot. In early 2025, the Election Commission identified evidence of data breaches at five institutions and suspended NID verification access for Ansar-VDP and BRAC Bank.
Institutional governance of the NID system has undergone legal transitions. The original National Identity Registration Act of 2010 designated the Election Commission as the central authority. The National Identity Registration Act, 2023 (Act No. 40 of 2023) transferred responsibility to the Ministry of Home Affairs' Security Services Division. However, this transfer generated significant opposition, and the interim government repealed the 2023 Act in January 2025, reinstating the Election Commission's jurisdiction over the NID system. The system operates from on-premise government data centres managed by the Election Commission, though full-scale fortification of data centre infrastructure remains incomplete as of late 2025.