1. Home
  2. Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

coastaldigest.com news network
August 4, 2017

Bengaluru, Aug 4: Bengaluru city police has arrested a young techie on the charge of accessing Aadhaar data following a complaint filed by the Unique Identification Authority of India (UIDAI) last week.

The arrested is Abhinav Srivastav, 31, an IIT-Kharagpur graduate, who is currently employed by ANI Technologies, which owns the Ola brand, as a software development engineer. He has been accused of accessing Aadhaar information in January 2017 through an app named ‘Aadhaar e-KYC’, which was available on the Google Play store till recently.

Police said Srivastav had developed five apps and made ₹40,000 from advertisements displayed on them. Police are now scanning all his apps to see whether more violations were committed. The Aadhaar e-KYC app was downloaded over 50,000 times from the Google Play store since its launch in January, the police said.

City Police Commissioner T. Suneel Kumar said that based on the complaint, six teams of police comprising 26 personnel were formed to nab Srivastav and they tracked him down to Koramangala after a week. He has been accused of using the services of another app, ‘e-hospital’, which is listed as an authenticated user agency (AUA) authorised to access UIDAI data.

A senior police officer said there were around 400 entities that have been authorised to access the data for authentication. Srivastav’s company was not among those authorised.

A native of Kanpur, Srivastav completed his M.Sc. in Industrial Chemistry from IIT-Kharagpur and joined a private firm in 2010 as a security researcher. He launched Qarth technologies in 2012 and shut it down in 2016 owing to financial reasons. In March 2016, Ola announced that it had acquired Qarth and its mobile payments product, X-Pay. Srivastav then joined another private firm before joining ANI Technologies last year.

Investigation revealed that the e-hospital company is not aware of his activities. However, further probe is on to ascertain the facts.

The ability of a software engineer to bypass strict protocols set in place by the UIDAI to access critical data puts the spotlight firmly on the security measures employed to protect Aadhaar data.

Police investigation have revealed that Srivastav had piggy-backed on the infrastructure of another app for hacking the data base.

“Aadhaar related information, legally housed by the National Informatics Centre server, was illegally and without authorisation accessed and used to support this mobile application,” said the police statement.

Srivastav, in order to give his ‘Aadhaar e-KYC’ app an air of authenticity, hacked into the server of the NIC, which houses the e-hospital system, which is a solution for government hospitals to handle patient care and other services, including medical records management.

As part of its regulations, the UIDAI accords certain agencies the title of an AUA, which can then provide Aadhaar-enabled services to the cardholder. For authentication, these agencies have to connect to the Central Identities Data Repository (CIDR) through the services of a Authentication Service Agency (ASA). ASAs are bound by regulations that stipulate encryption of data and logging of access.

The 'e-hospital’ platform had access as a registered AUA. Srivastav used this server to route his app requests for data access and managed to steal the data, the police said.

Question raised

In 2016, a paper titled ‘Privacy and Security of Aadhaar: A Computer Science Perspective’ by the Computer Science and Engineering Department of IIT-Delhi raised the question of leakage of Aadhaar number from an AUA.

The paper, which also discusses several other possible threat scenarios, said, “This, however, does not fully mitigate the risks and the possibility of leakage of the Aadhaar number from an AUA, either from the database, or during “Know Your Customer” (KYC) processes, or even during availing services, cannot be ruled out. In particular, there appear to be no safeguards or even guidelines, either technical or legal, on how the Aadhaar number should be maintained and used by various AUAs in a cryptographically secure way, and how to prevent the Aadhaar number of an individual from becoming public.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
January 10,2020

Mangaluru, Jan 10: To mark the Karavali Utsav the district administration held a colourful procession from Nehru Maidan to Karavali Utsav Grounds Lalbagh here on Friday.

The colourful procession was inaugurated by the District Minister In-charge Kota Srinivas Poojary by lighting the traditional lamp along with other dignitaries. Various troupes from all over the state are participating in the procession from Nehru Maidan to the Karavali grounds.

Addressing the gathering Kota Srinivas Poojary said, “Karavali Utsav is a meaningful festival. The Tradition and culture of Dakshina Kannada is very meaningful. By organizing Utsav’s we are highlighting our tradition and Culture to national and international levels.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
coastaldigest.com news network
May 29,2020

Mangaluru, May 29: Even as the thousands of Indian expatriates in Saudi Arabia are waiting for repatriation flights to return to India, a few NRI entrepreneurs are sending home their employees through chartered flights. 

The government of India on May 21 had formally approved the repatriation of stranded Indian expatriate workers through chartered flights arranged by their employing companies particularly in Gulf region and elsewhere. 

Expertise Contracting Co. Ltd headed by K S Sheik and Al-Muzain Est. headed by Zakaria Jokatte are among those who have hired charter flights to repatriate hundreds of employees to India amidst corona lockdown. 

Mr Sheik said that his firm had applied for nine charter flights. "Two of the charter flights will carry 360 people to Mangaluru. Seven other flights will repatriate employees to Delhi, Thiruvananthapuram, Chennai and Hyderabad," he said, adding that the company will bear complete expense of their repatriation and quarantine facility after India. 

Mr Jokatte three charter flights will fly from Dammam to Mangaluru International Airport on June 2, 5 and 8 carrying their employees.

Comments

SANNARUDRAPPA
 - 
Saturday, 30 May 2020

ಸೂಪರ್

 

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
January 29,2020

Hubballi, Jan 29: Thousands of people took part in a protest march against the Citizenship (Amendment) Act (CAA) causing traffic snarl in the city on Tuesday.

Various Dalit organisations had taken part in protest organised under the aegis of the 'Samvidana Samrakshana Samiti'.

KPCC members including MLA Prasad Abbayya, former Minister A.M. Hindasageri and office-bearers also joined the protest.

They congregated first at B.R. Ambedkar Statue near the Head Post Office in Hubballi. Holding flags and banners, the protesters marched from Ambedkar statue to mini Vidhana Soudha covering Lamington Road, Sangolli Rayanna Statue and Kittur Chennamma Circle.

Mr. Abbayya said that despite opposition from various minority communities and progressive organisations, the Union government had not changed its stand. The opposition would continue till the new law was repealed, he said.

He termed the CAA as a draconian law that meted out injustice to not only Muslims but also to Hindus. “Giving citizenship based on documents is highly condemnable. At a time when the country is undergoing an economic slowdown, it is highly condemnable that thousands of crores are being spent to enact the law. The Union government should immediately abolish the new law,” he said.

They submitted a memorandum to the Hubballi tahsildar that was addressed to the President, seeking abolition of the new law. In view of the march, the police had diverted traffic and had made elaborate bandobast.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.