In Nigeria, a unique 11-digit number determines whether a citizen can open a bank account, register a SIM, or verify his identity. The number is issued by the National Identity Management Commission as the National Identity Number (NIN).
Designed as the cornerstone of Nigeria’s digital public infrastructure, the NIN is meant to be unique, biometric-backed and difficult to duplicate. It is the state’s digital promise that one person should have one identity, and that this identity should work across public and private systems without friction.
But in Nigeria’s Gombe, some people share a different story, one of costly corrections, hurried shortcuts, weak verification and a system that, in practice, appears vulnerable to duplication.
A System Bypassed
*Tanko [name changed] said he first registered for his NIN about seven years ago. But when the date of birth on his NIN did not match the one attached to his bank verification number, he said he could not afford the N15,000 correction fee requested at the NIMC office.
So he started the process all over again.
In a licensed third party agent office in Gombe, he pressed his fingers onto a biometric scanner for a new national identity registration.
Some moments later, he walked out with something Nigeria’s digital identity system was designed to prevent: a second National Identification Number.
“I had no choice,” he said quietly.
His biometrics, the same one already captured in the database, did not pose a challenge.
For Tanko, the reason was not about system bypass. it was a means of survival in a system he described as “too costly” to make corrections.
In Gombe state, Tanko is not the only person with a double national identity. *Tanimu [name changed] another resident of Kumo in Akko LGA, has also registered twice.
He was encouraged to do so by a friend after losing his NIN slip.
“I heard people are doing it, so you can try,” he recalled his friend’s advice.
While Tanko obtained his second NIN free of charge, Tanimu paid a sum of N200 before he re-enrolled at an agent shop.
Like Tanko, Tanimu was aware that holding a double identity is wrong, but has no other option than that.
Some weeks after his second registration, he found his lost NIN slip at home.
Their lived realities show a problem with weak safeguards in Nigeria’s digital identity project which poses a long-term challenge for a country going fully digital.
A System Failure?
The National Identification Number sits at the centre of Nigeria’s DPI architecture. It is the identity backbone that links citizens to SIM registration, banking services, public welfare systems and other forms of verification.
On paper, the NIN should do what analogue identity systems never could: create a single, biometric-backed identity that can be trusted across platforms and agencies. But the emergence of duplicate NIN cases suggests that the safeguards are not yet strong enough to guarantee that promise.
According to Ali Sabo, a digital expert familiar with such systems, multiple gaps can weaken this safeguard.
“Duplicate records usually result from a mix of technical and operational failures,” Sabo explained. These include poor biometric data capture, weak or outdated matching algorithms, fragmented enrollment systems across locations, inadequate training of enrollment officers and weak oversight and verification processes.
“In a properly functioning biometric identity system, duplicate identities should be extremely rare—almost non-existent. Modern systems are designed with strong de-duplication mechanisms that compare every new enrollment against existing records. While no system can claim absolute perfection, duplicates should occur only in exceptional cases, not at any noticeable scale,”
Even more concerning is the role of human intervention.
“Human override is another critical risk. If operators are able to bypass system warnings without strict controls and audit mechanisms, it can directly lead to duplicate identities being created,” the expert said.
A Case of Human Compromise
*Baba [name changed], another resident of Gombe told Daily Episode that he has double NIN, despite clearly informing the agent that he already possessed a National Identification Number when registering for the second time.
According to him, despite the disclosure, the enrolment agent did not express any concern. “There is no issue,” he replied, before proceeding with the registration process.
He said the agent brought out two forms and a fingerprint scanner and began collecting his biodata, including first name, surname, middle name, date of birth, state of origin, local government area, residential address and phone number. The information was entered without any indication that the system had flagged the person as an existing enrollee.
During the biometric capture stage, the fingerprint scanner initially failed to read Baba’s fingerprints. In an attempt to troubleshoot the device, the agent placed his own hand on the scanner, but it still failed to work.
He subsequently called another young boy roaming the street, popularly known as “Almajiri” in northern Nigeria, from outside the shop to assist.
The scanner successfully captured the boy’s right-hand fingerprints, although the left hand could not be read.
After the test, the agent asked Baba to place his left hand on the scanner once more. This time, the fingerprint capture was successful and the enrolment process continued.
According to him, the registration was completed without any warning, rejection or indication that his details had been linked to a previously issued NIN.
This reporter sighted two different NINs owned by Baba.
The implications go far beyond identity management. With N8,000, one can duplicate his NIN.
Nigeria’s digital public infrastructure (DPI) relies on the assumption that each citizen has a single, verifiable identity. When that assumption fails, the consequences ripple across sectors.
Duplicate NINs could potentially enable multiple bank accounts under different identities, SIM registration loopholes, abuse of social protection schemes and weak law enforcement tracking.
More fundamentally, they undermine trust.
“The existence of duplicate NINs raises serious concerns about the integrity of the system managed by the National Identity Management Commission,” Sabo noted. “It suggests the weaknesses in the enrollment process, gaps in the de-duplication system, or lapses in governance and oversight.”
This aligns with broader concerns within Nigeria’s evolving DPI ecosystem, where identity, payments, and data systems are increasingly interconnected. If the foundational identity layer is compromised, the entire infrastructure becomes vulnerable.
Lessons from India, Estonia for Nigeria
Countries with more mature identity systems like India treat de-duplication as an ongoing process, not a one-time check.
Sabo explained that “Unique Identification Authority of India (UIDAI) conducts large-scale biometric matching and periodic database clean-ups, while Estonia’s system managed by the Estonian Information System Authority relies on strong integration and data integrity controls to prevent duplication from the outset.”
“These systems also have clear procedures for resolving identity conflicts, including audits, investigations, and transparent correction mechanisms.”
He, therefore, urged Nigeria to take a comprehensive approach to improve the quality of biometric capture, upgrade de-duplication technologies, and enforce strict enrollment protocols.
“There should also be strong controls around human intervention, regular independent audits of the database, and better integration across agencies. Most importantly, there must be clear accountability and transparent processes for resolving duplicate identity cases.”
For Nigeria’s digital identity project to succeed, Sabo said, “it must be built on trust, accuracy, and strong institutional safeguards. Duplicate NINs are not just a technical flaw, they point to deeper systemic issues.”
NIMC, Telecoms react
Attempts by this reporter to get the National Identity Management Commission’s official comments were futile.
When Daily Episode contacted Kayode Adegoke, the spokesperson of the commission on Whatsapp, he neither read nor acknowledged the messages.
However, when reached via telephone call on April 28, he said a message should be dropped for him either on Whatsapp or an SMS for him to respond.
As at press time, we are yet to receive his response, about one month after.
However, according to The ICIR report, NIMC has confirmed that double NIN registration exists, but blamed licensed agents for such registration.
“Double registration is a crime. They are not supposed to do double registration. That’s why our team is going to pick it up, they are mostly done by roadside centres,” the official explained.
The commission urged the public to report any illegal registration to the appropriate authorities, reiterating that it is illegal to obtain double NIN.
Similarly, the Nigerian Communications Commission (NCC) has associated the new wave of barred SIMs to duplicate NIN, acknowledging the flaws in Nigeria’s DPI project.
The regulatory agency of the telecoms said this was discovered during its system audit.
Mr Efosa Idehen, Director of Compliance at NCC, said this is largely due the activities of third-party agents who duplicate NINs for unsuspecting telecom subscribers.
*Names with asterisks have been changed to protect identities.
This report is produced under the DPI Africa Journalism Fellowship Programme of the Media Foundation for West Africa and Co-Develop.
Support Independent Journalism
We appeal to you to donate and support our journalism. The impact of our investigations has given hope to the vulnerable, held power accountable, and become a voice for the oppressed.
Be part of the accountability journey.
