Another security vulnerability troubles Indian citizen’s database

Aadhar database is considered as a national system of India that is used for identification process. It contains personal data and biometric information of Indian citizens. It stores Aadhar details of about 1.1 billion Indian citizens in it. For number of identification process, Aadhar has become mandatory. Government has made it technically compulsory. Also, its enrollment has been made necessary to gain services like opening bank accounts, applying for loans, tax returns, buying a SIM, dealing property, etc.

Aadhar is a unique identity project of the country designed to cover all the residential details. But, some of the government websites and systems are found giving away some confidential details and none of the officials are aware about it!

Security Issues

Aadhar has become common to come up with security issues. In the past, it has faced number of leaks. According to the reporters of ‘The Tribune’, one of their reporter was able to buy an Aadhar administrator ID and password from an official individual through WhatsApp. Such unverified agents can easily create a gateway with login ID and password and allow anyone to search directly in the Aadhar database. Entering any Aadhar number in the portal from this login ID and password could get you all the details submitted to the UAIDI (Unique Identification Authority of India). It took just Rs 500 to buy an administrator ID and password. But, it can cause breach to the data of several Indian Citizens. It includes name, address, pin code, photo, phone number and email.

via

Also, there are number of people providing fake Aadhar details or selling Aadhar details for very less amount money.

New Vulnerability

Currently, ZDNet has reported another security issue which is not yet uncovered. But, this security issue is exposing Indian Citizen’s information. ZDNet is refusing to give details regarding the issue as it believes Indian officials have never done anything about it. The vulnerability was discovered by Karan Saini, who is a New Delhi-based security researcher. According to him, a state-owned utility company’s system has a vulnerability by which anyone could easily retrieve Aadhar information of members. It could easily help to expose Name, Address, Aadhar Identity Numbers and bank information. ZDNet tried its best to get in touch with Indian officials over this issue but got no reply for over a month. Later on, it contacted Indian Consulate in New York. But, describing the issue over two weeks went in vain as the problem remained unaddressed.

Aadhar has always been criticized for such security issues. According to Supreme Court of India, vulnerability of biometric and demographic data for Aadhar is violation of rights. Supreme Court is currently assessing Aadhar’s constitutional validity.

LEAVE A REPLY

Please enter your comment!
Please enter your name here