1. Home
  2. Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

coastaldigest.com news network
August 4, 2017

Bengaluru, Aug 4: Bengaluru city police has arrested a young techie on the charge of accessing Aadhaar data following a complaint filed by the Unique Identification Authority of India (UIDAI) last week.

The arrested is Abhinav Srivastav, 31, an IIT-Kharagpur graduate, who is currently employed by ANI Technologies, which owns the Ola brand, as a software development engineer. He has been accused of accessing Aadhaar information in January 2017 through an app named ‘Aadhaar e-KYC’, which was available on the Google Play store till recently.

Police said Srivastav had developed five apps and made ₹40,000 from advertisements displayed on them. Police are now scanning all his apps to see whether more violations were committed. The Aadhaar e-KYC app was downloaded over 50,000 times from the Google Play store since its launch in January, the police said.

City Police Commissioner T. Suneel Kumar said that based on the complaint, six teams of police comprising 26 personnel were formed to nab Srivastav and they tracked him down to Koramangala after a week. He has been accused of using the services of another app, ‘e-hospital’, which is listed as an authenticated user agency (AUA) authorised to access UIDAI data.

A senior police officer said there were around 400 entities that have been authorised to access the data for authentication. Srivastav’s company was not among those authorised.

A native of Kanpur, Srivastav completed his M.Sc. in Industrial Chemistry from IIT-Kharagpur and joined a private firm in 2010 as a security researcher. He launched Qarth technologies in 2012 and shut it down in 2016 owing to financial reasons. In March 2016, Ola announced that it had acquired Qarth and its mobile payments product, X-Pay. Srivastav then joined another private firm before joining ANI Technologies last year.

Investigation revealed that the e-hospital company is not aware of his activities. However, further probe is on to ascertain the facts.

The ability of a software engineer to bypass strict protocols set in place by the UIDAI to access critical data puts the spotlight firmly on the security measures employed to protect Aadhaar data.

Police investigation have revealed that Srivastav had piggy-backed on the infrastructure of another app for hacking the data base.

“Aadhaar related information, legally housed by the National Informatics Centre server, was illegally and without authorisation accessed and used to support this mobile application,” said the police statement.

Srivastav, in order to give his ‘Aadhaar e-KYC’ app an air of authenticity, hacked into the server of the NIC, which houses the e-hospital system, which is a solution for government hospitals to handle patient care and other services, including medical records management.

As part of its regulations, the UIDAI accords certain agencies the title of an AUA, which can then provide Aadhaar-enabled services to the cardholder. For authentication, these agencies have to connect to the Central Identities Data Repository (CIDR) through the services of a Authentication Service Agency (ASA). ASAs are bound by regulations that stipulate encryption of data and logging of access.

The 'e-hospital’ platform had access as a registered AUA. Srivastav used this server to route his app requests for data access and managed to steal the data, the police said.

Question raised

In 2016, a paper titled ‘Privacy and Security of Aadhaar: A Computer Science Perspective’ by the Computer Science and Engineering Department of IIT-Delhi raised the question of leakage of Aadhaar number from an AUA.

The paper, which also discusses several other possible threat scenarios, said, “This, however, does not fully mitigate the risks and the possibility of leakage of the Aadhaar number from an AUA, either from the database, or during “Know Your Customer” (KYC) processes, or even during availing services, cannot be ruled out. In particular, there appear to be no safeguards or even guidelines, either technical or legal, on how the Aadhaar number should be maintained and used by various AUAs in a cryptographically secure way, and how to prevent the Aadhaar number of an individual from becoming public.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
July 17,2020
New Delhi, Jul 17:  Congress leader Rahul Gandhi on Friday said that as India's COVID-19 tally has crossed 10,00,000 mark and issued a warning that by August 10, more than 20,00,000 people may be infected in the country. He called on the government to take concrete steps to control the pandemic.
 
Taking to Twitter, Gandhi marked his earlier tweet from July 14 that stated: "This week the figure will cross 10,00,000 in our country."
"The tally has crossed 10,00,000 mark. If COVID-19 continues to spread at the same speed, by August 10, more than 20,00,000 people will be infected in the country.
 
The government must take concrete, planned steps to stop the epidemic," he tweeted today.
With the highest single-day spike of 32,695 cases and 606 deaths, India's COVID-19 tally on Thursday reached 9,68,876, informed the Union Ministry of Health and Family Welfare on Thursday.
 
The total number of COVID-19 cases includes 3,31,146 active cases, 6,12,815 cured/discharged/migrated and 24,915 deaths. 

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
March 8,2020

Bengaluru, Mar 8: Lieutenant General Milind Hemant Thakur, Director-General of Supply and Transport Corps of the Indian Army, unveiled the renovated Animal Memorial at Agram Grounds in ASC Centre and College here on Saturday.

The animal memorial signifies the contributions of mules and horses of the Indian Army. These animals belonging to the Army Service Corps, who have rendered their services relentlessly during the war in the Himalayas, often paying the highest price of sacrificing their lives in the line of duty have been chronicled in the Memorial.

To ensure that these hoof prints do not get obliterated, on approval by the Government of India, their saga was brought to life in the form of a sculptured monument in the Equestrian Training Area of the ASC Centre and College.

This animal transport memorial has now been extended by constructing two walls supported by Roman pillars on either side.

These walls highlight the role played by the animals in the Indian Army since the British Raj. It gives details of 637 gallantry awards won by the brave muleteers, 49 battle casualties since independence, 14 gallantry awards to mules since independence and 05 military recognitions bestowed by the Chief of the Army Staff and other Army Commanders on AT units, who have been relied upon heavily to fill an important niche in the logistics networks of the Indian Army.

Gen Thakur also declared that 26 September each year has been nominated as the AT Remembrance Day as it was on this day in 1914, that 9th mule Corps, as part of the Indian Expeditionary Force, landed at Marseilles in France, to a most hearty and enthusiastic welcome by the French to support the British and allied armies in World War One.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
April 18,2020

Bengaluru, Apr 18: Karnataka Congress president DK Shivakumar on Saturday appealed to Prime Minister Narendra Modi to deposit at least Rs 10,000 in bank accounts of people belonging to the unorganised sector.

"The unorganised sector comprises barbers, dhobi, cooks, carpenters, sweepers, drivers and autorickshaw drivers. Prime Minister Narendra Modi did not mention anything about giving subsistence to these people," Shivakumar, told ANI, referring to the Prime Minister's address earlier this week.

Modi had announced the extension of the ongoing nationwide lockdown till May 3 in order to curb the spread of coronavirus.

"I appeal to Prime Minister Modi to register the members of the unregistered sector under the National Rural Employment Guarantee Act (NREGA) or deposit at least Rs 10,000 to the bank accounts of each of the members of unorganised sector to help them survive the lockdown," he added.

Though the Congress party will continue the central government and state government's fight against coronavirus, he said, both the governments need to help people who are part of the unorganised sector.

"The farmers have told me that due to the lockdown they are ready to sell the vegetables, which once used to be sold at Rs 100 per kg, at even Rs 5 per kg," he said.

Speaking on the suggestions he made to Chief Minister BS Yediyurappa, Shivakumar said, "I requested the Chief Minister to send a team to do a videograph and make an assessment of the on-ground situation. However, till now, no one has gone."

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.