HOME > SOCIETY > CRIME > No, India’s AADHAAR database has not been compromised

No, India’s AADHAAR database has not been compromised

A report from Guardian

Social and mainstream media is abuzz with headlines that scream that the Aadhaar database has been ‘leaked’ or ‘breached’ by miscreants and that the UID Authority of India has been caught napping.

“Personal data of a billion Indians sold online for £6”, screams the Guardian. “Local Indian newspaper was able to access the private data of nearly 1.2 billion Indians for just $8,” claims Buzzfeed.

“India’s national Aadhaar ID database reportedly breached,” claims Reuters.

Has Aadhaar data really leaked? Or is it a case of journalists not understanding how technology works? Going by available data, it looks like the second scenario is more likely, even if the report by the Tribune newspaper is 100% correct.

First, let’s look at what the Tribune says.

The report says that if you spend a certain amount of money, you can get access to an Aadhaar verification facility.

Using this facility, you can verify — or figure out — the actual identity of a person if you input an Aadhaar number into the system or press his finger against a reader for identification.

This does not constitute a breach or hacking of the Aadhaar database.

At best, it constitutes the violation of privacy of the citizens, as anyone willing to pay can now figure out the residential adressess, email addresses and phone numbers of anyone else whose Aadhaar number they have.

While this is certainly not a satisfactory state of affairs — after all, nobody wants to expose their phone numbers and addresses to all and sundry — it is a far cry from a ‘breach’ or ‘leak’ of the database, as media reports would have you believe.

In fact, the primary purpose of creating the UID database is to be able to verify the identity of a person, and the entering an Aadhaar number and checking the person’s details is exactly how you verify the identity of a person.

Anyone who has used the Aadhaar e-verification facility will know that when you enter your unique ID or press your finger against the sensor, the system displays all the above details, including your address, email and phone number.

That is a feature, not a bug.

The problem, in this case, is that this verification facility is supposed to be available only to ‘serious’ users — such as telecom operators and banks. Just about any Tom, Dick & Harry with 500 rupees to spare is not supposed to be able to get access to the verification portal.

According to the UID Authority, the people who were selling the access were using the accounts created for ‘grievance redressal’.

In other words, they were misusing the verification facility that was set up for government officials and UID agencies to deal with complaints regards wrong Aadhaar data and so on.

This suggests that some officials have been ‘selling’ their access for money.

SHOULD YOU BE WORRIED?

The key question is, should you be worried? Is your UID data just lying there somewhere for everyone to see?

No.

First, your data has not been leaked. Nobody, other than the UIDAI has a list of Aadhaar numbers, names, emails etc.

At best, what anyone can do is to find our your name and address if they have your Aadhaar number.

The ‘if’ part is key. They need to have your Aadhaar number to find out your name and other details. They cannot enter your name and get your Aadhaar number.

It’s a bit like your PAN or your vehicle registration number. If someone has your PAN, they can go to the Income Tax website, enter the PAN and know your name.

Similarly, anyone can go to your government’s Road Transport Department website, enter your car or bike registration number and find your details as well.

The key difference is in the level of detail.

While a PAN or a VAHAN lookup only allows you to verify your name, an Aadhaar check reveals your address, phone number and email address, if provided.

Moreover, in case of Aadhaar, all requests are logged.

In other words, there is a record of all verification requests carried out from all IDs.

In other words, the people who sold their logins are not very smart and it’s not very difficult to find out who has been selling their access facility for money.

Is this an ideal situation?

Far from it.

But has the Aadhaar system been finally hacked, is your data personal data up for sale on the Internet? Should you get a new set of fingers and eyes? Nopes, at least not yet.

Follow ULTRA.news
Make bitcoins illegal – Government of India Committee The international symbol for bitcoin Bitcoin users and investors in India could be in for tough times ahead as a high-level, interdepartmental committee set up by the government of India has urged it to crack down on such virtual currencies. The contents of the committee's...
Internet banking fraud in India rises 4 times in 1 year The number of frauds related to Internet banking and credit and debit cards in India has increased four fold in the last one year, according to data reported by the banks to the Reserve Bank of India. Banks have already reported 10,220 incidents under the RBI's Fraud Monitorin...
Kerala businessman offers life-time job to accused in actress cyber-bullying case Parvathy | Twitter Joby George of Kerala-based Goodwill Entertainments has offered a 'lifetime' job in the UK, Australia, Dubai or India to the person who was arrested by the Kerala police yesterday for cyber-bullying an actress who criticized super star Mammootty. "If u c...
Indian Govt & Courts block close to 4,000 internet urls in 2016 & 2017 The central government blocked 1,791 urls -- websites or pages -- and the courts blocked another 2,133 urls in 2016 and 2017, the department of telecom said. This was in addition to around 4,700 child pornography websites that were blocked as part of a CBI investigation. A...
Aadhaar deadline to be extended to March 31 tomorrow The Government of India has assured the Supreme Court that it will issue a notification to extend the deadline to link essential services, except mobile connections, to Aadhaar to March 31 from December 31. The assurance was given by the Attorney General in the Supreme Court ...
Bharti Airtel denies violating Aadhaar norms Bharti Airtel today said it has not violated any norms set down by the UID Authority of India for the use of Aadhaar verification. Responding to a notice from the stock exchanges, the company confirmed having received notices from the UID Authority on alleged violations of no...
Vodafone launches Aadhaar verification via vans in Rajasthan With the central government breathing down the necks of telecom operators to link all connections with Aadhaar numbers, Vodafone has launched Aadhaar verification vans in Rajasthan to ease the process. The vans were initially launched with the purpose of easing the 4G SIM upg...
CIA biggest beneficiary of Aadhaar, says Swamy; GST not behind slowdown BJP leader and libertarian politician Subramanian Swamy said he believes that the design of Aadhaar system exposes core data to 'American intelligence agencies' and expressed consternation that the government was continuing with the unique identification number scheme. Subraman...
Andhra Bank, Syndicate Bank customers lose lakhs to Aadhaar fraud Five customer accounts belonging to Andhra Bank and Syndicate Bank were subjected to fraudulent withdrawals using the customer's Aadhaar data, government data indicated. Four of the five Aadhaar fraud cases took place in Andhra Bank, while the remaining one took place in Synd...
SBI warns against fraudsters luring customers with fake deposit schemes India's biggest bank, State Bank of India, has been forced to issue warning letters to its customers after fraudsters targeted the banks' customers with fake schemes and offers. An email message has been sent to customers warning them against depositing money on the advice of...
Privacy rights not above National Security – Kiren Rijiju Both individual freedom and privacy are very important but it cannot be unqualified as everything overrides when it comes to the national interest and security, Union Minister of State for Home Affairs, Kiren Rijiju said today. “When it comes to national security, I personall...
I’m not here to stay – Nandan Nilekani on Infosys Former Infosys CEO Nandan Nilekani, who took over as Chairman of the company to resolve the tension between key shareholders and the management, said he did not join the IT company to run it. He said he was not in the company to step into the shoes of Vishal Sikka, the CEO who...
Smart fridges, ovens make for easy hacking targets – Wipro report There was a massive 54% increase in the number of records stolen by cyber criminals across the globe in 2016, and the expanding adoption of connected devices is increasing the danger of hacking, Wipro Ltd said in its State of Cybersecurity Report. The report found that the em...
Net Neutrality: Vodafone wants right to manipulate Internet videos Telcos want to be able to reduce video quality Vodafone India said it would like to be given the power to manage the size of videos watched by users on its mobile network and lower it automatically "for overall quality welfare". Participating in the discussions related to ...
Govt to bring 532 welfare schemes under Aadhaar-based direct benefit transfer Logo for LPG DBT scheme The finance ministry has conducted an examination of the existing welfare and subsidy schemes of the central governments and identified 532 of them as being suitable to be migrated to the 'direct benefit transfer' or DBT model of disbursing of funds. ...
Aadhaar enrollment in Assam drags at 6.5% An Aadhaar Promotion The total number of Aadhaar cards issued by the Unique Identification Authority of India has reached 112.25 cr or 1.122 bln as of the beginning of this month, but enrollments in the border state of Assam trail at 6.5%, according to numbers provided by the...
DoT likely to remove ‘local address’ requirement for Aadhaar holders Aadhaar e-KYC process The Department of Telecom is considering the remove of local address requirements for people taking a new mobile connection using an Aadhaar card. "We are in final talks. It will take a few more days," said a DoT official. At present, taking a mobi...
39 government websites hacked in India in 2 months An increasing number of government department websites get hacked every year, according to data obtained from the Department of Information Technology. A total of 39 websites belonging to central government ministries and state governments were hacked in the first two months o...
Credit, debit card fraud down sharply this year in India Credit Card Fraud in India Incidents of fraud and theft involving credit and debit cards have fallen sharply in the current financial year, according to data for the first nine months provided by the Reserve Bank of India. While the exact reasons for the sharp decrease is ...
UID says telecom operators cannot misuse Aadhaar eKYC data A schematic representation of Aadhaar eKYC provided by UIDAI The Unique Identification Authority of India has rebutted allegations that Aadhaar data submitted by citizens to companies are prone to misuse. Aadhaar -- which is India's equivalent to the US social security num...