1. Home
  2. Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

coastaldigest.com news network
August 4, 2017

Bengaluru, Aug 4: Bengaluru city police has arrested a young techie on the charge of accessing Aadhaar data following a complaint filed by the Unique Identification Authority of India (UIDAI) last week.

The arrested is Abhinav Srivastav, 31, an IIT-Kharagpur graduate, who is currently employed by ANI Technologies, which owns the Ola brand, as a software development engineer. He has been accused of accessing Aadhaar information in January 2017 through an app named ‘Aadhaar e-KYC’, which was available on the Google Play store till recently.

Police said Srivastav had developed five apps and made ₹40,000 from advertisements displayed on them. Police are now scanning all his apps to see whether more violations were committed. The Aadhaar e-KYC app was downloaded over 50,000 times from the Google Play store since its launch in January, the police said.

City Police Commissioner T. Suneel Kumar said that based on the complaint, six teams of police comprising 26 personnel were formed to nab Srivastav and they tracked him down to Koramangala after a week. He has been accused of using the services of another app, ‘e-hospital’, which is listed as an authenticated user agency (AUA) authorised to access UIDAI data.

A senior police officer said there were around 400 entities that have been authorised to access the data for authentication. Srivastav’s company was not among those authorised.

A native of Kanpur, Srivastav completed his M.Sc. in Industrial Chemistry from IIT-Kharagpur and joined a private firm in 2010 as a security researcher. He launched Qarth technologies in 2012 and shut it down in 2016 owing to financial reasons. In March 2016, Ola announced that it had acquired Qarth and its mobile payments product, X-Pay. Srivastav then joined another private firm before joining ANI Technologies last year.

Investigation revealed that the e-hospital company is not aware of his activities. However, further probe is on to ascertain the facts.

The ability of a software engineer to bypass strict protocols set in place by the UIDAI to access critical data puts the spotlight firmly on the security measures employed to protect Aadhaar data.

Police investigation have revealed that Srivastav had piggy-backed on the infrastructure of another app for hacking the data base.

“Aadhaar related information, legally housed by the National Informatics Centre server, was illegally and without authorisation accessed and used to support this mobile application,” said the police statement.

Srivastav, in order to give his ‘Aadhaar e-KYC’ app an air of authenticity, hacked into the server of the NIC, which houses the e-hospital system, which is a solution for government hospitals to handle patient care and other services, including medical records management.

As part of its regulations, the UIDAI accords certain agencies the title of an AUA, which can then provide Aadhaar-enabled services to the cardholder. For authentication, these agencies have to connect to the Central Identities Data Repository (CIDR) through the services of a Authentication Service Agency (ASA). ASAs are bound by regulations that stipulate encryption of data and logging of access.

The 'e-hospital’ platform had access as a registered AUA. Srivastav used this server to route his app requests for data access and managed to steal the data, the police said.

Question raised

In 2016, a paper titled ‘Privacy and Security of Aadhaar: A Computer Science Perspective’ by the Computer Science and Engineering Department of IIT-Delhi raised the question of leakage of Aadhaar number from an AUA.

The paper, which also discusses several other possible threat scenarios, said, “This, however, does not fully mitigate the risks and the possibility of leakage of the Aadhaar number from an AUA, either from the database, or during “Know Your Customer” (KYC) processes, or even during availing services, cannot be ruled out. In particular, there appear to be no safeguards or even guidelines, either technical or legal, on how the Aadhaar number should be maintained and used by various AUAs in a cryptographically secure way, and how to prevent the Aadhaar number of an individual from becoming public.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
February 16,2020

Hubballi, Feb 16: Rs 72,000 crore investment proposals were received at the Invest Karnataka meet, here on Friday, for the states northern region, said an official on Saturday.

"About 50 foreign and domestic firms have proposed to invest Rs 72,000 crore in the northwest and northern regions of the state and a dozen companies signed agreements with us," state Industries Department Secretary Gaurav Gupta said.

Rajesh Exports, Bengaluru-based group, signed an agreement to set up a manufacturing unit at Dharwad to rollout electric vehicles and make lithium ion batteries.

"Rajesh Exports proposes to invest about Rs 50,000 crore for manufacturing electric cars and lithium ion batteries for the domestic and overseas markets. It will generate about 10,000 jobs," said Gupta.

Similarly, Sonali Power has signed a pact with the state nodal agency (Udyog Mitra) to set up a solar power plant at Davangere at a cost of Rs 4,800 crore, which will generate 2,100 direct jobs.

Chief Minister B.S. Yediyurappa claimed several firms had come forward to collectively invest Rs 1 lakh crore since the BJP government came into being in July 2019.

"Many Indian and foreign firms will sign agreements with the state government at the 3-day Global Investors meet in Bengaluru on November 3-5," Yediyurappa said at the 'Invest Karnataka' meet.

Noting that Karnataka was rich in natural and human resources, especially in high-tech and skilled workforce, Yediyurappa said investment opportunities were plenty in aerospace, automobiles, machine tools, electric vehicles and bio-technology besides information technology.

"About 40 global firms expressed interest to invest in the state at a roadshow held at Davos, Switzerland, on the margins of the World Economic Forum (WEF) meet on January 23," he said.

Under the new industrial policy, the state government will set up clusters to make toys at Koppal, textiles in Bellari, solar equipment at Kalaburagi and farm machinery at Bidar.

"We are committed to make North Karnataka a power house of industries for the region's development, with Hubballi-Dharwad as the growth hub," Yediyurappa said.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
March 21,2020

New Delhi, Mar 21: A couple was deboarded from a Delhi-bound Rajdhani train on Saturday after co-passengers observed a home quarantine seal on the husband's hand, the Railways said Saturday.

Officials said the Delhi-based couple boarded the Bangalore City-New Delhi Rajdhani at Secunderabad on Saturday morning.

When the train reached Kazipet in Telangana at 9:45 am, a co-passenger noticed the quarantine mark authorities are putting on suspected coronavirus cases —on the husband's hand when he was washing his hands. Other co-passengers then informed the TTE onboard.

The train was briefly detained and the couple was taken to a hospital. The coach was completely sanitised in Kazipet and was locked, officials said.

The air conditioning was also switched off.

The train left for its destination at 11.30 am.

People fleeing quarantine has been a common problem reported from different parts of the country.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Media Release
January 23,2020

Mangaluru, Jan 23: Veekshitha Arasa, an officially certified Zumba instructor is all set to present Zumba fitness on the Beach to the people of Mangalore on January 26, 2020. The Zumba event will be hosted at Panambur Beach on Republic Day (Sunday) from 4.00 p.m. to 6.00 p.m. Entry is free to the public and there are no tickets.

Veekshitha Arasa will be accompanied by some of the immensely talented Zumba Instructors from Bangalore who have been passionately spreading love for Zumba through their classes and events. Some amazing instructors from Mangalore too will be joining the event to make it even more happening.

With the sole aim to promote fitness among Mangaloreans these Zumba Instructors will make you groove to peppy, energetic numbers and make your evening sweat-blasting and fantastic.

The main presenter and host of this event Veekshitha hails basically from Mangalore. Having conducted Zumba training in various fitness centers and corporates across Bangalore and being the presenter in several mega events both in India and International Platforms in Hong Kong, Veekshitha always had a dream to have a full-fledged Zumba fitness event in her own city - Mangalore. The idea of having it by the beach side fascinated her even more and that’s how this event has been planned exclusively for the people of Mangalore right on the beach.

For all those who have been planning to start their fitness journey this might just be the beginning. Go join the Zumba party and shed some calories.

AJ Hospital & Research Centre, APD Foundation and SS Arrangers & Caterers are the sponsors for the event.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.