advertisement
As registration for COVID-19 vaccination began on Wednesday, 28 April, for those above 18 years, the government's dedicated website CoWin seemed to malfunction.
The registration process was replete with glitches, with many instances of the app and website crashing, the users not receiving an OTP, and failing to register even after multiple attempts.
In addition, none of the registered users were able to schedule an appointment, with the Aarogya Setu team, announcing that appointments will be the onus of the state governments and vaccination centres.
Nearly 1.33 crore people signed up for COVID-19 vaccination on the first day of Phase-3 vaccination. The Quint spoke to industry experts to understand what was the probable cause of this technical failure.
The entire first hour fiasco and the resultant crash may have been a net result of an improper capacity planning, load-sharing issues, and an inaccurate assessment of number of hits anticipated.
Commenting on the technical failure of CoWin, Biju George, Chief Technology Officer of Instasafe — a cyber security company that simplifies security for government and corporates, told The Quint that even though the government and the technical team responsible may have anticipated a heavy rush of traffic, they may have not planned a stimulatory performance/scalability (parallel) testing.
George explained that server crashes are commonplace in heavy traffic events. Websites of Tech Giants like Amazon crash during Mega Sale days, despite all the manpower that they have dedicated towards preventing the same.
"Our data shows that the website was hosted on Amazon Web Servers with ELB (Elastic Load Balancing) in front," he said.
This means that with an ELB, the government was prepared to "automatically distribute the incoming traffic across multiple targets, and route the traffic only to relevant healthy targets". George claims that the government was prepared on that front.
Explaining the probable causes of the technical failure, he said that in some instances the ELB itself crashes, which may have been due to much more traffic than anticipated.
Since scheduling of appointments wasn’t open for 18 to 44 year olds, the same could have been intimated to the public. George suggested four measures that could have been taken to avoid this failure:
Speculation was made that poor bandwidth was an issue of the anticipated outage of CoWin servers.
George told The Quint that almost 60 percent of the websites in the world are hosted by Amazon Web Services. Therefore, poor hosting was definitely not a reason to be considered in this case.
The CoWin platform has previously had complaints of glitches coming in from health professionals. In addition, a critical question arises with respect to the security infrastructure on the backend.
The more pertinent questions here are regarding how secure the data is. Is data privacy being maintained? Have security audits been done? The bottomline is, given the somewhat scratchy record that government agencies have with regard to security audits, how safe is the vaccination data?
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)