1. Home
  2. Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

coastaldigest.com news network
August 4, 2017

Bengaluru, Aug 4: Bengaluru city police has arrested a young techie on the charge of accessing Aadhaar data following a complaint filed by the Unique Identification Authority of India (UIDAI) last week.

The arrested is Abhinav Srivastav, 31, an IIT-Kharagpur graduate, who is currently employed by ANI Technologies, which owns the Ola brand, as a software development engineer. He has been accused of accessing Aadhaar information in January 2017 through an app named ‘Aadhaar e-KYC’, which was available on the Google Play store till recently.

Police said Srivastav had developed five apps and made ₹40,000 from advertisements displayed on them. Police are now scanning all his apps to see whether more violations were committed. The Aadhaar e-KYC app was downloaded over 50,000 times from the Google Play store since its launch in January, the police said.

City Police Commissioner T. Suneel Kumar said that based on the complaint, six teams of police comprising 26 personnel were formed to nab Srivastav and they tracked him down to Koramangala after a week. He has been accused of using the services of another app, ‘e-hospital’, which is listed as an authenticated user agency (AUA) authorised to access UIDAI data.

A senior police officer said there were around 400 entities that have been authorised to access the data for authentication. Srivastav’s company was not among those authorised.

A native of Kanpur, Srivastav completed his M.Sc. in Industrial Chemistry from IIT-Kharagpur and joined a private firm in 2010 as a security researcher. He launched Qarth technologies in 2012 and shut it down in 2016 owing to financial reasons. In March 2016, Ola announced that it had acquired Qarth and its mobile payments product, X-Pay. Srivastav then joined another private firm before joining ANI Technologies last year.

Investigation revealed that the e-hospital company is not aware of his activities. However, further probe is on to ascertain the facts.

The ability of a software engineer to bypass strict protocols set in place by the UIDAI to access critical data puts the spotlight firmly on the security measures employed to protect Aadhaar data.

Police investigation have revealed that Srivastav had piggy-backed on the infrastructure of another app for hacking the data base.

“Aadhaar related information, legally housed by the National Informatics Centre server, was illegally and without authorisation accessed and used to support this mobile application,” said the police statement.

Srivastav, in order to give his ‘Aadhaar e-KYC’ app an air of authenticity, hacked into the server of the NIC, which houses the e-hospital system, which is a solution for government hospitals to handle patient care and other services, including medical records management.

As part of its regulations, the UIDAI accords certain agencies the title of an AUA, which can then provide Aadhaar-enabled services to the cardholder. For authentication, these agencies have to connect to the Central Identities Data Repository (CIDR) through the services of a Authentication Service Agency (ASA). ASAs are bound by regulations that stipulate encryption of data and logging of access.

The 'e-hospital’ platform had access as a registered AUA. Srivastav used this server to route his app requests for data access and managed to steal the data, the police said.

Question raised

In 2016, a paper titled ‘Privacy and Security of Aadhaar: A Computer Science Perspective’ by the Computer Science and Engineering Department of IIT-Delhi raised the question of leakage of Aadhaar number from an AUA.

The paper, which also discusses several other possible threat scenarios, said, “This, however, does not fully mitigate the risks and the possibility of leakage of the Aadhaar number from an AUA, either from the database, or during “Know Your Customer” (KYC) processes, or even during availing services, cannot be ruled out. In particular, there appear to be no safeguards or even guidelines, either technical or legal, on how the Aadhaar number should be maintained and used by various AUAs in a cryptographically secure way, and how to prevent the Aadhaar number of an individual from becoming public.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
coastaldigest.com news network
June 14,2020

Newsroom, June 14: Bollywood star Sushant Singh Rajput, who was found dead in his house in Mumbai’s Bandra today, was heartbroken after the death of his former manager Disha Salian.

34-year-old actor had posted a heartfelt note after her death: “It’s such devastating news. My deepest condolences to Disha’s family and friends. May your soul rest in peace.” 

The police are considering 28-year-old Disha’s death as an accidental one and the investigation is on to find if it was a suicide. She died after falling off the 14th floor of a building in Malad, Mumbai on June 8.

It is not yet known if there is any connection between the two deaths. Sushant’s house help reportedly found him hanging inside his room on Sunday and cops are investigating the case. He was recently seen in Nitesh Tiwari’s Chhichhore and more recently on Netflix opposite Jacqueline Fernandez in Drive.

Who is Disha Salian?

Disha Salian hails from Karnataka’s coastal district of Udupi. She was born in 1992 into a business family background. She reportedly migrated to Mumbai with her family at an early age. 

After completing her education, she worked in the Times of India Group for more than three years. The she went on the become the celebrity manager at Media Vantage.

Apart from Sushant, she had great links with many popular celebrities like Bharti Singh, Alisha Panwar, and others.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
July 8,2020

Bengaluru, Jul 8: Karnataka on Wednesday reported the biggest single-day spike of 2,062 coronavirus cases and a record 54 fatalities, taking the total number of infections to 28,877 and the death count to 470, the health department said.

778 COVID-19 patients were also discharged after recovery in the state.

Out of the fresh cases reported today, 1,148 cases were reported from Bengaluru alone with 22 deaths.

The previous biggest single-day spike was recorded on July 5 with 1,925 cases.

As of July 8 evening, cumulatively 28,877 COVID-19 positive cases have been confirmed in the state, which includes 470 deaths and 11,876 discharges, the health department said in its bulletin.

It said out of 16,527 active cases, 16,075 patients are in isolation at designated hospitals and stable, while 452 are in ICU.

The dead include 22 from Bengaluru urban, Dharwad seven, Ballari four, three each from Hassan and Raichur, two each from Ramanagara, Chikkaballapura, Vijayapura, Tumakuru, Mysuru, and one each from Bidar, Dakshina Kannada, Kalaburagi, Chikkamagaluru and Bengaluru rural.

Among the districts where the new cases were reported, Bengaluru urban accounted for 1,148 cases, followed by Dakshina Kannada 183, Dharwad 89, Kalaburagi 66, fifty nine each from Ballari and Mysuru, Bengaluru rural 37, Ramanagara 34, Chikkaballapura 32, 31 each from Udupi and Haveri, Bidar 29, Belagavi 27, Hassan 26, and 24 each from Bagalkote and Tumakuru.

While Chikkamagaluru reported 23 cases, it was 20 in Mandya, Uttara Kannada 19, Davangere 18, 17 each from Raichur and Shivamogga, Kolar 16, 11 each from Yadgir and Koppal, Gadag five, Vijayapura four, and Chitradurga two.

Bengaluru urban district tops the list of positive cases, with 12,509 infections, followed by Kalaburagi 1,816 and Dakshina Kannada 1,534.

Among discharges, Bengaluru urban tops the list with 2,228 discharges, followed by Kalabuagi 1,351 and Udupi 1,178.

A total of 7,59,181 samples were tested so far, out of which 19,134 were tested on Wednesday alone.

According to the bulletin, so far 7,11,319 samples have been reported as negative, and out of them 16,503 were reported negative today.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
January 4,2020

Karwar, Jan 4: One student died and twelve others were seriously injured when a school bus in which they were travelling from Anantapur district fell into a gorge near Gerusoppa Soolemarki Cross in Honnavar taluk of Uttar Kannada district last night, police said on Saturday.

The deceased student has been identified as T Basha Fakruddin (14).

Police said on that on Friday students of a government school from Anantapur district were on a trip to Jog, Murdeshwar and other places. There were 44 children, nine teachers and four cooking staff in the bus, police said.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.