UIDAI Report On Aadhaar Enrolment Software Is Fully Safe
By MYBRANDBOOK
Unique Identification Authority of India (UIDAI) hereby dismisses a news report appearing in social and online media about Aadhaar Enrolment Software being allegedly hacked as completely incorrect and irresponsible. The claims lack substance and are baseless. However, People are advised to refrain from publicly putting their Aadhaar numbers on internet and social media and posing challenges to others.
UIDAI further said that certain vested interests are deliberately trying to create confusion in the minds of people which is completely unwarranted. UIDAI said in a statement,the report about Aadhaar being vulnerable to tampering leading to ghost entries in Aadhaar database by purportedly bypassing operators’ biometric authentication to generate multiple Aadhaar cards is totally baseless.
The report itself accepts that “it (patch) doesn’t seek to access information stored in the Aadhaar database”. Its further claim “to introduce information” into Aadhaar database is completely unfounded as UIDAI matches all the biometric (10 fingerprints and both iris) of a resident enrolling for Aadhaar with the biometrics of all Aadhaar holders before issuing an Aadhaar. UIDAI further said, that it has taken all necessary safeguard measures spanning from providing standardized software that encrypts entire data even before saving to any disk, protecting data using tamper proofing, identifying every one of the of operators in “every” enrolment, identifying every one of thousands of machines using a unique machine registration process, which ensures every encrypted packet is tracked.
UIDAI has taken full measures to ensure end-to-end security of resident data, spanning from full encryption of resident data at the time of capture, tamper resistance, physical security, access control, network security, stringent audit mechanism, 24x7 security and fraud management system monitoring, and measures such as data partitioning and data encryption within UIDAI controlled data centres.
UIDAI further clarified that no operator can make or update Aadhaar unless resident himself give his biometric. Any enrolment or update request is processed only after biometrics of the operator is authenticated and resident’s biometrics is de-duplicated at the backend of UIDAI system. UIDAI said that as part of its stringent enrolment and updation process, UIDAI checks enrolment operator’s biometric and other parameters before processing of the enrolment or updates and only after all checks are found to be successful, enrolment or update of resident is further processed. Therefore it is not possible to introduce ghost entries into Aadhaar database.
UIDAI said that even in a hypothetical situation where by some manipulative attempt, essential parameters such as operator’s biometrics or resident's biometrics are not captured, blurred and such a ghost enrolment/update packet is sent to UIDAI, the same is identified by the robust backend system of UIDAI, and all such enrolment packets get rejected and no Aadhaar is generated. Also, the concerned enrolment machines and the operators are identified, blocked and blacklisted permanently from the UIDAI system. In appropriate cases, police complaints are also filed for such fraudulent attempts.
UIDAI said that similar allegations were also made before the Hon’ble Supreme Court during hearing of the Aadhaar case before the Constitution Bench which were then adequately responded by the UIDAI in the Hon’ble Supreme Court. UIDAI said that reported claim of “anybody is able to create an entry into Aadhaar database, then the person can create multiple Aadhaar cards” is completely false. Some of the checks include biometric check of operator, validity of operator, enrolment machine, enrolment agency, registrar, etc. which are verified at UIDAI’s backend system before further processing is done. In cases where, any of the checks fails, the enrolment request gets rejected and therefore any claim of creating multiple Aadhaar and compromising the database is false.
The report further says, if an operator is found violating UIDAI’s strict enrolment and update processes or if one indulges in any type of fraudulent or corrupt practices, UIDAI blocks and blacklists them and imposes financial penalty upto Rs.1 lakh per instance. It is because of this stringent and robust system that as on date more that 50,000 operators have been blacklisted, UIDAI added. UIDAI said that it keeps adding new security features in its system as required from time-to-time to thwart new security threats by unscrupulous elements.
BHIM to join e-commerce, competing with PhonePe and Google Pay
The government-supported payment software BHIM is getting ready to join t...
The latest version of X helps prevent deepfakes on social medi
To combat deepfakes and shallowfakes, Elon Musk revealed a new update t...
India and Namibia collaborate on a payment system similar to U
Once operational, the platform will enable digital transactions in Namibia,...
Sebi issues show-cause notices to six Adani group firms
Sebi issued show-cause notices to six Adani Group firms, including Adani ...
NUMERIC INDIA, A Group Brand Legrand
MICROMAX INFORMATICS LTD.
DIGISOL SYSTEMS LTD.
CENTRE FOR DEVELOPMENT OF TELEMATICS
Technology Icons Of India 2023: B.V.R. Subrahmanyam
B.V.R. Subrahmanyam belongs to Andhra Pradesh. He is a 1987-batch IAS ...
Technology Icons Of India 2023: Bhavish Aggarwal
Ola CEO Bhavish Aggarwal had formed Ola-India’s largest mobility pla...
Technology Icons Of India 2023: Dilip Asbe
Dilip Asbe is the MD & CEO of National Payments Corporation of India (...
RailTel connecting every corner of India
RailTel is an ICT provider and one of the largest neutral telecom infr...
CSCs enabling rural India digitally empowered
Common service centres (CSCs) are digital access points under the Digi...
NPCI leading India towards Digital payments
The National Payments Corporation of India (NPCI) is an initiative tak...
B D SOFTWARE
BD Software is the distributor of IT security solutions in India. The ...
INFLOW TECHNOLOGIES PVT. LTD.
Inflow Technologies is a niche player in the IT Infrastructure Distrib...
NETPOLEON SOLUTIONS
Netpoleon Group is a Value-Added Distributor (VAD) of Network Security...