UIDAI fails to address security loopholes exposed in Aadhaar identity database: Report

By Digit NewsDesk | Published on 12 Sep 2018
UIDAI fails to address security loopholes exposed in Aadhaar identity database: Report

An investigation revealed that a software patch reportedly enabled cybercriminals to hack and steal all the Aadhaar identity data from the UIDAI database.


Working from home?

Don’t forget about the most important equipment in your arsenal

Click here to know more

The Unique Identification Authority of India (UIDAI) has reportedly failed to address the security concerns exposed by a news platform after it claimed that a software patch has been used to compromise the security of Aadhaar's identity database, which contains the personal details of billions of Indians.

HuffPost India says that it held a three-month investigation and found that “a software patch - which is easily available for Rs 2,500 - allows unauthorised persons, based anywhere in the world, to generate Aadhaar numbers at will, and is still in widespread use.” The findings of the investigation were reportedly endorsed by reputed international experts. The news platform claims that the “UIDAI was asked for a response three months before the story was published, followed by a reminder shortly before publication. They chose not to respond.”

According to the HuffPost India, the patch enables bypassing critical security features such as biometric authentication of enrolment operators to generate unauthorised Aadhaar numbers. It also disables the enrolment software's in-built GPS security feature as well as reduces the sensitivity of the enrolment software's iris-recognition system. This development raises the questions on government's claims of the integration of a fool-proof apparatus to guard people’s sensitive information.

The news comes at a point when the government is advocating that the tech companies should store the data of Indian citizens in the country itself. Expose like this could not only put Indians’ data into jeopardy but “exponentially heighten security threats.” Recently, the UIDAI had denied a security breach of its database, following reports which claimed that data of some 6,000 Indian businesses and government agencies was up for sale on Internet. Over 117 crore Indians were said to have enrolled for Aadhaar till August 14 this year for direct transfer of financial benefits and other subsidies and services by the government.

Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.

DMCA.com Protection Status