1. Home
  2. Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

coastaldigest.com news network
August 4, 2017

Bengaluru, Aug 4: Bengaluru city police has arrested a young techie on the charge of accessing Aadhaar data following a complaint filed by the Unique Identification Authority of India (UIDAI) last week.

The arrested is Abhinav Srivastav, 31, an IIT-Kharagpur graduate, who is currently employed by ANI Technologies, which owns the Ola brand, as a software development engineer. He has been accused of accessing Aadhaar information in January 2017 through an app named ‘Aadhaar e-KYC’, which was available on the Google Play store till recently.

Police said Srivastav had developed five apps and made ₹40,000 from advertisements displayed on them. Police are now scanning all his apps to see whether more violations were committed. The Aadhaar e-KYC app was downloaded over 50,000 times from the Google Play store since its launch in January, the police said.

City Police Commissioner T. Suneel Kumar said that based on the complaint, six teams of police comprising 26 personnel were formed to nab Srivastav and they tracked him down to Koramangala after a week. He has been accused of using the services of another app, ‘e-hospital’, which is listed as an authenticated user agency (AUA) authorised to access UIDAI data.

A senior police officer said there were around 400 entities that have been authorised to access the data for authentication. Srivastav’s company was not among those authorised.

A native of Kanpur, Srivastav completed his M.Sc. in Industrial Chemistry from IIT-Kharagpur and joined a private firm in 2010 as a security researcher. He launched Qarth technologies in 2012 and shut it down in 2016 owing to financial reasons. In March 2016, Ola announced that it had acquired Qarth and its mobile payments product, X-Pay. Srivastav then joined another private firm before joining ANI Technologies last year.

Investigation revealed that the e-hospital company is not aware of his activities. However, further probe is on to ascertain the facts.

The ability of a software engineer to bypass strict protocols set in place by the UIDAI to access critical data puts the spotlight firmly on the security measures employed to protect Aadhaar data.

Police investigation have revealed that Srivastav had piggy-backed on the infrastructure of another app for hacking the data base.

“Aadhaar related information, legally housed by the National Informatics Centre server, was illegally and without authorisation accessed and used to support this mobile application,” said the police statement.

Srivastav, in order to give his ‘Aadhaar e-KYC’ app an air of authenticity, hacked into the server of the NIC, which houses the e-hospital system, which is a solution for government hospitals to handle patient care and other services, including medical records management.

As part of its regulations, the UIDAI accords certain agencies the title of an AUA, which can then provide Aadhaar-enabled services to the cardholder. For authentication, these agencies have to connect to the Central Identities Data Repository (CIDR) through the services of a Authentication Service Agency (ASA). ASAs are bound by regulations that stipulate encryption of data and logging of access.

The 'e-hospital’ platform had access as a registered AUA. Srivastav used this server to route his app requests for data access and managed to steal the data, the police said.

Question raised

In 2016, a paper titled ‘Privacy and Security of Aadhaar: A Computer Science Perspective’ by the Computer Science and Engineering Department of IIT-Delhi raised the question of leakage of Aadhaar number from an AUA.

The paper, which also discusses several other possible threat scenarios, said, “This, however, does not fully mitigate the risks and the possibility of leakage of the Aadhaar number from an AUA, either from the database, or during “Know Your Customer” (KYC) processes, or even during availing services, cannot be ruled out. In particular, there appear to be no safeguards or even guidelines, either technical or legal, on how the Aadhaar number should be maintained and used by various AUAs in a cryptographically secure way, and how to prevent the Aadhaar number of an individual from becoming public.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
January 12,2020

Washington, Jan 12: US president Donald Trump said Saturday the United States was monitoring Iranian demonstrations closely, warning against any new “massacre” as protests broke out after Tehran admitted to shooting down a passenger plane.

Iran said earlier it unintentionally downed a Ukrainian jetliner outside Tehran, killing all 176 people aboard, in an abrupt about-turn after initially saying that it had crashed due to mechanical failure. The firing came shortly after Iran launched missiles at bases in Iraq housing American forces.

President Hassan Rouhani said a military probe into the tragedy had found that “missiles fired due to human error” brought down the Boeing 737, calling it an “unforgivable mistake.”

Trump told Iranians -- in tweets in both English and Farsi -- that he stands by them and is monitoring the demonstrations.

“To the brave, long-suffering people of Iran: I've stood with you since the beginning of my Presidency, and my Administration will continue to stand with you,” he tweeted.

“There can not be another massacre of peaceful protesters, nor an internet shutdown. The world is watching,” he added, apparently referring to an Iranian crackdown on street protests that broke out in November.

“We are following your protests closely, and are inspired by your courage," he said.

The new demonstrations follow an Iranian crackdown on street protests that broke out in November. Amnesty International has said it left more than 300 people dead. Internet access was reportedly cut off in multiple Iranian provinces ahead of memorials planned a month after the protests.

On Saturday evening, police dispersed students who had converged on Amir Kabir University in Tehran to pay tribute to the victims, after some among the hundreds gathered shouted "destructive" slogans, Fars news agency said.

State television reported that students shouted "anti-regime" chants, while the news agency Fars reported that posters of Soleimani had been torn down.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
March 19,2020

New Delhi, Mar 19: Senior Congress leader Oscar Fernandes on Wednesday extolled the virtues of 'gaumutra' and shared an anecdote about a man claiming to have cured his cancer by drinking cow urine to drive his point home.

Participating in a debate in Rajya Sabha on two bills for setting up national commissions for homoeopathy and Indian systems of medicine, the former Union minister said, "My extreme friend Jairam Ramesh pulls my leg, when I talk of 'gaumutra'."

Sharing an anecdote, Fernandes said once during a visit to an ashram near Meerut he had met a person who claimed to have cured his cancer by drinking 'gaumutra'.

Many BJP leaders have earlier spoken about the healing power of 'gaumutra'. The Congress has reacted sharply to such remarks.

He also praised the virtues of the Indian systems of medicine. He said when he had severe pain in knee joint and doctors had suggested for replacement surgery. However, he refused and started doing 'Vajrasana'.

"I started Vajrasana, practising yoga, and today I am able to do wrestling without any difficulty," the septuagenarian leader said.

"When (former) prime minister (Atal Bihari) Vajypee ji had a knee surgery, I thought if I had known him earlier, I would have definitely gone to him and ask him to follow 'Vajrasan' and it could have been cured," he said.

He also claimed to have met a person in US aged around 104 years and moving swiftly as a young man.

"Yoga is our wealth. If you practise yoga, may be our budget cost of health can be reduced by 50 per cent. It's way of life," he said.

"Our own Indian systems of medicine will provide a lot of reliefs even before going to a doctor," he said.

Though Fernandes supported the bills but raised objection over the exclusion of yoga and naturopathy.

"I would urge the minister either to amend the bill or bring an assurance that it will bring a separate legislation to cover yoga and naturopathy," he said.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
March 13,2020

Bengaluru, Mar 13: Amid coronavirus outbreak, all universities, malls, and clubs will remain closed for a week in Karnataka. Karnataka CM Yediyurappa has said no one should travel unless it's an emergency. "All malls, cinema halls, pubs, wedding ceremonies and other large gatherings in the Karnataka have been banned for another one week," Chief Minister Yediyurappa said. This comes hours after the Uttar Pradesh government had decided that all schools, colleges situated in the state will be closed till 31st March 2020.

Following the decision, the Karnataka government on Friday asked doctors and other health staff to work on public holidays also till the spread of coronavirus is contained. Leaves and all week off of state health ministry workers have also been canceled. The government issued a circular stating that certain emergency measures are being taken to control the spread of coronavirus is some parts of the State.

"To manage things in a result-oriented manner, doctors, office personnel, paramedical staff and other permanent and contract employees in hospitals coming under the Health Department have been instructed to work on all public holidays." the government order read.

The decision comes after 76-year-old man in Karnataka's Kalaburagi died of coronavirus and became India's first COVID-19 victim. 46 people in Kalaburagui have been kept under coronavirus quarantine since then. Out of 46, 31 have been put under the "high risk" category. The high-risk persons were shifted to ESIC hospital. Officials said four family members of the man have displayed flu symptoms and their swab samples have been sent for testing in Bengaluru.

Earlier on Friday, an employee of Google's Bengaluru office tested positive for n-coronavirus, taking the total COVID-19 positive cases in Bengaluru to 5. India's total coronavirus positive count rose to 75. Several other states including capital Delhi, Madhya Pradesh, Odisha, Bihar, and Uttar Pradesh invoked various sections of the epidemic disease act. Meanwhile, the Indian Army has also called off all recruitment drive in wake of coronavirus outbreak.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.