1. Home
  2. Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

coastaldigest.com news network
August 4, 2017

Bengaluru, Aug 4: Bengaluru city police has arrested a young techie on the charge of accessing Aadhaar data following a complaint filed by the Unique Identification Authority of India (UIDAI) last week.

The arrested is Abhinav Srivastav, 31, an IIT-Kharagpur graduate, who is currently employed by ANI Technologies, which owns the Ola brand, as a software development engineer. He has been accused of accessing Aadhaar information in January 2017 through an app named ‘Aadhaar e-KYC’, which was available on the Google Play store till recently.

Police said Srivastav had developed five apps and made ₹40,000 from advertisements displayed on them. Police are now scanning all his apps to see whether more violations were committed. The Aadhaar e-KYC app was downloaded over 50,000 times from the Google Play store since its launch in January, the police said.

City Police Commissioner T. Suneel Kumar said that based on the complaint, six teams of police comprising 26 personnel were formed to nab Srivastav and they tracked him down to Koramangala after a week. He has been accused of using the services of another app, ‘e-hospital’, which is listed as an authenticated user agency (AUA) authorised to access UIDAI data.

A senior police officer said there were around 400 entities that have been authorised to access the data for authentication. Srivastav’s company was not among those authorised.

A native of Kanpur, Srivastav completed his M.Sc. in Industrial Chemistry from IIT-Kharagpur and joined a private firm in 2010 as a security researcher. He launched Qarth technologies in 2012 and shut it down in 2016 owing to financial reasons. In March 2016, Ola announced that it had acquired Qarth and its mobile payments product, X-Pay. Srivastav then joined another private firm before joining ANI Technologies last year.

Investigation revealed that the e-hospital company is not aware of his activities. However, further probe is on to ascertain the facts.

The ability of a software engineer to bypass strict protocols set in place by the UIDAI to access critical data puts the spotlight firmly on the security measures employed to protect Aadhaar data.

Police investigation have revealed that Srivastav had piggy-backed on the infrastructure of another app for hacking the data base.

“Aadhaar related information, legally housed by the National Informatics Centre server, was illegally and without authorisation accessed and used to support this mobile application,” said the police statement.

Srivastav, in order to give his ‘Aadhaar e-KYC’ app an air of authenticity, hacked into the server of the NIC, which houses the e-hospital system, which is a solution for government hospitals to handle patient care and other services, including medical records management.

As part of its regulations, the UIDAI accords certain agencies the title of an AUA, which can then provide Aadhaar-enabled services to the cardholder. For authentication, these agencies have to connect to the Central Identities Data Repository (CIDR) through the services of a Authentication Service Agency (ASA). ASAs are bound by regulations that stipulate encryption of data and logging of access.

The 'e-hospital’ platform had access as a registered AUA. Srivastav used this server to route his app requests for data access and managed to steal the data, the police said.

Question raised

In 2016, a paper titled ‘Privacy and Security of Aadhaar: A Computer Science Perspective’ by the Computer Science and Engineering Department of IIT-Delhi raised the question of leakage of Aadhaar number from an AUA.

The paper, which also discusses several other possible threat scenarios, said, “This, however, does not fully mitigate the risks and the possibility of leakage of the Aadhaar number from an AUA, either from the database, or during “Know Your Customer” (KYC) processes, or even during availing services, cannot be ruled out. In particular, there appear to be no safeguards or even guidelines, either technical or legal, on how the Aadhaar number should be maintained and used by various AUAs in a cryptographically secure way, and how to prevent the Aadhaar number of an individual from becoming public.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
June 14,2020

Mangaluru, June 14: Private schools under the aegis of Association of English Medium Schools in Dakshina Kannada and Udupi urged the State government to reimburse the arrears of the fee related to admission of students under the Right to Education (RTE) Act.

Speaking to newsmen here on Sunday association president Y. Mohammed Beary said the State government has not cleared the arrears for the last two years. “The 400 private schools in two districts have to get around Rs 2 crore,” he said and added that the overall arrears that the government has to pay to schools in the State are around Rs1,200 crore.

Mr. Beary said arrears have made the school managements like his, who collect annual fees of about Rs 20,000 from a student, hard to function. Due to lockdown from March the schools could not conduct annual examinations and hence they could not collect pending fees from parents.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
August 7,2020

Bengaluru, Aug 7: Amid the rising number of COVID-19 cases in Karnataka, the state's health department issued fresh guidelines for the disposal of bodies of COVID patients.

"Although an increased risk of COVID infection from a dead body to health workers or family members who follow standard precautions while handling the body is unlikely, the lack of scientific data requires the utmost care to avoid the inadvertent spread of COVID-19 during these times," the statement from the health department's press release read, emphasising on the dignity of the dead and the religious and cultural tradition.

The 23-page press release elaborated on guidelines regarding testing, handling of dead bodies and other specificities in relation to the management of COVID-19 bodies.

"Testing should not be insisted in every case of death, but only when they have a recorded history of influenza-like symptoms. The body should be handed over to the family members/ relatives in a dignified manner immediately after swab collection and hospitals should provide handouts with a list of dos and don'ts in English and Kannada laying down relevant information," the statement said.

It added, "At the mortuary, health care workers, mortuary staff and the family of the deceased body shall not come in direct contact with the dead body and must wear full personal protective equipment (PPE). If the family or relative are for any reason unable to cremate or bury the body, the local health authority shall arrange for the dignified last rites as per the religious traditions of the family."

Regarding autopsies (post mortem) on COVID-19 bodies, the state department said that they should be avoided, except in necessary circumstances.

The statement also gave detailed guidelines regarding the appropriate recording of COVID-19 deaths in line with the Indian Council of Medical Research (ICMR) guidelines.

Additionally, the health department made a statement about the admission procedure for COVID positive patients referred by other district administrations saying, "It is now mandatory for all the referrals from the BBMP admission and discharge of COVID positive patients to be done through the online COVID Hospital Bed Management System (CHBMS)."

The state's count of coronavirus cases was 1,51,449 in the past 24 hours.

So far, a total of 2,804 people have died due to COVID-19 in the state, while the average recovery rate in Karnataka is 49.3 per cent.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
coastaldigest.com web desk
July 2,2020

When the black and white photos of the ‘London to Calcutta (Kolkata) bus service’ went viral on social media recently, the response of some of the netizens was “stop spreading fake news!” But, it isn’t a fake news. The late 1950s indeed offered people a lavish bus trip from London to Kolkata. 

While one of the viral images shows passengers at the Victoria Coach Station, London, boarding 'Albert', the other image show the same bus travelling through a valley. In another image the bus is stationed at a tourist spot. All these photos were captured during the bus’ maiden international journey in 1957.  

An image of the bus ticket is also making rounds on social media, that shows the route of the bus — London, Belgium, West Germany, Austria,Yugoslavia, Bulgaria, Turkey, Iran, Afghanistan, West Pakistan, India. The route in India followed Delhi, Agra, Allahabad, Banaras and finally Calcutta.

The ticket shows that a one side travel cost 145 pounds (13,644 Rupees at the present day) back then, and it was inclusive of all the luxury provided during the run.

The luxurious bus provided the facilities of reading, individual sleeping bunks, radio/taped music for parties and pleasure and fan heaters, among other things. The brochure reads, "Your complete home while you travel."

Some of the tour highlights included Banaras on the Ganges, The Taj Mahal, The Raj Path, The Rhine Valley and The Peacock Throne. Passengers reportedly got free shopping days in New Delhi, Tehran, Salzburg, Kabul, Istanbul and Vienna.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.