1. Home
  2. Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

coastaldigest.com news network
August 4, 2017

Bengaluru, Aug 4: Bengaluru city police has arrested a young techie on the charge of accessing Aadhaar data following a complaint filed by the Unique Identification Authority of India (UIDAI) last week.

The arrested is Abhinav Srivastav, 31, an IIT-Kharagpur graduate, who is currently employed by ANI Technologies, which owns the Ola brand, as a software development engineer. He has been accused of accessing Aadhaar information in January 2017 through an app named ‘Aadhaar e-KYC’, which was available on the Google Play store till recently.

Police said Srivastav had developed five apps and made ₹40,000 from advertisements displayed on them. Police are now scanning all his apps to see whether more violations were committed. The Aadhaar e-KYC app was downloaded over 50,000 times from the Google Play store since its launch in January, the police said.

City Police Commissioner T. Suneel Kumar said that based on the complaint, six teams of police comprising 26 personnel were formed to nab Srivastav and they tracked him down to Koramangala after a week. He has been accused of using the services of another app, ‘e-hospital’, which is listed as an authenticated user agency (AUA) authorised to access UIDAI data.

A senior police officer said there were around 400 entities that have been authorised to access the data for authentication. Srivastav’s company was not among those authorised.

A native of Kanpur, Srivastav completed his M.Sc. in Industrial Chemistry from IIT-Kharagpur and joined a private firm in 2010 as a security researcher. He launched Qarth technologies in 2012 and shut it down in 2016 owing to financial reasons. In March 2016, Ola announced that it had acquired Qarth and its mobile payments product, X-Pay. Srivastav then joined another private firm before joining ANI Technologies last year.

Investigation revealed that the e-hospital company is not aware of his activities. However, further probe is on to ascertain the facts.

The ability of a software engineer to bypass strict protocols set in place by the UIDAI to access critical data puts the spotlight firmly on the security measures employed to protect Aadhaar data.

Police investigation have revealed that Srivastav had piggy-backed on the infrastructure of another app for hacking the data base.

“Aadhaar related information, legally housed by the National Informatics Centre server, was illegally and without authorisation accessed and used to support this mobile application,” said the police statement.

Srivastav, in order to give his ‘Aadhaar e-KYC’ app an air of authenticity, hacked into the server of the NIC, which houses the e-hospital system, which is a solution for government hospitals to handle patient care and other services, including medical records management.

As part of its regulations, the UIDAI accords certain agencies the title of an AUA, which can then provide Aadhaar-enabled services to the cardholder. For authentication, these agencies have to connect to the Central Identities Data Repository (CIDR) through the services of a Authentication Service Agency (ASA). ASAs are bound by regulations that stipulate encryption of data and logging of access.

The 'e-hospital’ platform had access as a registered AUA. Srivastav used this server to route his app requests for data access and managed to steal the data, the police said.

Question raised

In 2016, a paper titled ‘Privacy and Security of Aadhaar: A Computer Science Perspective’ by the Computer Science and Engineering Department of IIT-Delhi raised the question of leakage of Aadhaar number from an AUA.

The paper, which also discusses several other possible threat scenarios, said, “This, however, does not fully mitigate the risks and the possibility of leakage of the Aadhaar number from an AUA, either from the database, or during “Know Your Customer” (KYC) processes, or even during availing services, cannot be ruled out. In particular, there appear to be no safeguards or even guidelines, either technical or legal, on how the Aadhaar number should be maintained and used by various AUAs in a cryptographically secure way, and how to prevent the Aadhaar number of an individual from becoming public.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
March 26,2020

Bengaluru, Mar 26: Karnataka government has warned strict penal action against landlords or house-owners under provisions of law for forcing doctors, paramedical staff and healthcare professionals to vacate their rented residences citing COVID-19 spread through them as the reason.

Stating that lot of complaints have been received in this regard, an order issued by Additional Chief Secretary Health and Family Welfare department Jawaid Akhtar said such behaviour amounted to obstructing public servant in discharging their duties./

Noting that the state government has issued Karnataka Epidemic Diseases (COVID-19) regulations 2020 for prevention and containment of the virus, it directed Deputy Commissioners of the district, Commissioner and Joint Commissioner of BBMP (civic body in Bengaluru), Commissioners of Municipal Corporations and District Deputy Commissioner of Police to take action against such incidents.

"Strict penal action should be taken against such landlords or house-owners under relevant provisions of law and submit an action taken report on a daily basis to the office of Additional Chief Secretary, Home Department," the order read.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
coastaldigest.com web desk
February 1,2020

Shivamogga, Feb 1: A three-year-old girl who fell out of a moving vehicle had a miraculous escape in Agumbe Ghat section in Teerthahalli taluk of Shivamogga district of Karnataka.

The incident took place in the early hours of Friday when 12 members from three different families were returning from a tour of Kerala and Tamil Nadu. The girl was reunited with her family after 30 minutes of high drama.

The child, identified as Anavi, is believed to have fallen from the vehicle as it negotiated hairpin bends on the Agumbe Ghat road, 350km from Bengaluru. The child's parents, Binu and Lincy, from NR Pura in Chikkamagaluru district, and other family members reportedly dozed off and did not realize the child had fallen off the vehicle until they covered a distance of about 20km.

One of the family members noticed that child was missing from the seat next to the door. When the driver realized the door latch had given way, they suspected the child could have slipped out of the vehicle.

Then the family started searching along the road and learnt from a forest guard at the Agumbe checkpost that a missing child was found and it had been handed over to Agumbe police station.

An advocate who identified himself as Vinay spotted the girl child as he passed the deserted stretch minutes after the vehicle left and picked her up and handed her over to Agumbe police.

The child sustained minor injuries in the fall. She was provided medical treatment before she was handed over to the parents.

Sources said it wasn't known how the vehicle door opened. One theory is that the girl could have accidentally unlocked the door while clutching the latch in the bumpy ride on the ghat. Police did not file any complaint.

Similar incident

This incident is almost a rerun of a Kerala incident in which a one-year-old baby fell off a moving jeep and was reunited with its mother hours later in September 2019 in Idukki district.

The baby had slipped off the mother's arms while she dozed off in the vehicle. CCTV footage showed the baby, after falling on the road, crawling towards a lit-up area close by, which turned out to be a forest checkpost. Family realised child was missing after 20km.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
coastaldigest.com news network
January 15,2020

Bantwal, Jan 15: Two people died in a head-on collision between two two-wheelers at Mani-Mysuru Highway in Bantwal last night, police said on Wednesday.

Police said that Parikshit (19) and Padmanabha Gowda (28) were heading towards Mane while Mohammed Ajmal (19) on his activa was on his way towards Kodaje when they collided head-on.

All the victims were immediately rushed to hospital for treatment where two of them breathed its last after not responding to the treatment.

Parikshit and Ajmal lost their lives while Gowda suffered critical injuries, the police said.

In another road accident reported from Kodangayi near Radukatte in Vittla, seven people including women and children sustained injuries when a Maruti Omni and another vehicle collided here on Tuesday evening.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.