1. Home
  2. Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

coastaldigest.com news network
August 4, 2017

Bengaluru, Aug 4: Bengaluru city police has arrested a young techie on the charge of accessing Aadhaar data following a complaint filed by the Unique Identification Authority of India (UIDAI) last week.

The arrested is Abhinav Srivastav, 31, an IIT-Kharagpur graduate, who is currently employed by ANI Technologies, which owns the Ola brand, as a software development engineer. He has been accused of accessing Aadhaar information in January 2017 through an app named ‘Aadhaar e-KYC’, which was available on the Google Play store till recently.

Police said Srivastav had developed five apps and made ₹40,000 from advertisements displayed on them. Police are now scanning all his apps to see whether more violations were committed. The Aadhaar e-KYC app was downloaded over 50,000 times from the Google Play store since its launch in January, the police said.

City Police Commissioner T. Suneel Kumar said that based on the complaint, six teams of police comprising 26 personnel were formed to nab Srivastav and they tracked him down to Koramangala after a week. He has been accused of using the services of another app, ‘e-hospital’, which is listed as an authenticated user agency (AUA) authorised to access UIDAI data.

A senior police officer said there were around 400 entities that have been authorised to access the data for authentication. Srivastav’s company was not among those authorised.

A native of Kanpur, Srivastav completed his M.Sc. in Industrial Chemistry from IIT-Kharagpur and joined a private firm in 2010 as a security researcher. He launched Qarth technologies in 2012 and shut it down in 2016 owing to financial reasons. In March 2016, Ola announced that it had acquired Qarth and its mobile payments product, X-Pay. Srivastav then joined another private firm before joining ANI Technologies last year.

Investigation revealed that the e-hospital company is not aware of his activities. However, further probe is on to ascertain the facts.

The ability of a software engineer to bypass strict protocols set in place by the UIDAI to access critical data puts the spotlight firmly on the security measures employed to protect Aadhaar data.

Police investigation have revealed that Srivastav had piggy-backed on the infrastructure of another app for hacking the data base.

“Aadhaar related information, legally housed by the National Informatics Centre server, was illegally and without authorisation accessed and used to support this mobile application,” said the police statement.

Srivastav, in order to give his ‘Aadhaar e-KYC’ app an air of authenticity, hacked into the server of the NIC, which houses the e-hospital system, which is a solution for government hospitals to handle patient care and other services, including medical records management.

As part of its regulations, the UIDAI accords certain agencies the title of an AUA, which can then provide Aadhaar-enabled services to the cardholder. For authentication, these agencies have to connect to the Central Identities Data Repository (CIDR) through the services of a Authentication Service Agency (ASA). ASAs are bound by regulations that stipulate encryption of data and logging of access.

The 'e-hospital’ platform had access as a registered AUA. Srivastav used this server to route his app requests for data access and managed to steal the data, the police said.

Question raised

In 2016, a paper titled ‘Privacy and Security of Aadhaar: A Computer Science Perspective’ by the Computer Science and Engineering Department of IIT-Delhi raised the question of leakage of Aadhaar number from an AUA.

The paper, which also discusses several other possible threat scenarios, said, “This, however, does not fully mitigate the risks and the possibility of leakage of the Aadhaar number from an AUA, either from the database, or during “Know Your Customer” (KYC) processes, or even during availing services, cannot be ruled out. In particular, there appear to be no safeguards or even guidelines, either technical or legal, on how the Aadhaar number should be maintained and used by various AUAs in a cryptographically secure way, and how to prevent the Aadhaar number of an individual from becoming public.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
May 14,2020

Hubballi, May 14: South Western Railway (SWR) has so far ferried about 54,000 passengers, including migrant workers, students and stranded people to 11 states to reach their home towns by Shramik Special trains.

So far 40 Shramik Specials were run one each from Kabakaputtur in Mysuru and Hubballi and remaining 38 from Chikkabanavara/Malur from Bengaluru area. About 54,000 passengers were ferried to different parts of the country. Maximum Shramik Specials trains train services were run to Lucknow (9) and Danapur (7).

Shramik Specials were run to Bihar (Bakora, Danapur, Baruni, Darbhanga), West Bengal (Purila, Bankura, New Jalpaiguri), Jharkhand (Hatia, Barkakana), Rajasthan (Jaipur, Udaipur), Uttar Pradesh (Lucknow, Gorakhpur), Orissa (Bhubaneswar), Madhya Pradesh (Gwalior), Uttarakhand (Haridwar), Himachal Pradesh (Una), Tripura (Agartala) and Jammu and Kashmir (Udhampur).

SWR is transporting passengers to their destination as per the demand of the State Government with proper protocol and the receiving State Government is ready to accept them.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
February 10,2020

Chitradurga, Feb 10: President of the BJP State unit Nalin Kumar Kateel on Sunday hit out at Congress leader M. Mallikarjun Kharge for allegedly likening Prime Minister Narendra Modi to a “zero candle bulb”.

Mr. Kateel told reporters here that Mr. Modi was a “1,000 watt bulb that gave light to the world”, and compared Mr. Kharge to a lamp that had burned out politically.

Mr. Kateel charged that Mr. Kharge had become frustrated after losing the elections and after his party did not even consider him for a Rajya Sabha seat. And this had made the Congress leader to make wild charges against the Prime Minister.

Lashing out at the Congress, Mr. Kateel alleged that the Congress was continuing the “divide and rule” policy of the British and accused the former Prime Minister H.D. Deve Gowda of being the “other face of the Congress”.

Mr. Kateel also came down on the former Chief Minister Siddaramaiah. He ridiculed the Congress for the delay in choosing a new KPCC chief after Dinesh Gundu Rao submitted his resignation.

Comments

Secular indian
 - 
Monday, 10 Feb 2020

I dont  think these  fights dont deserve to be on news. 

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
August 6,2020

New Delhi, Aug 6 : With a single-day spike of 56,282 new COVID-19 cases and 904 deaths in the last 24 hours, India's COVID-19 tally reached 19,64,537 on Thursday.

With the increase of 904 deaths, the toll due to the disease now stands at 40,699 in the country, according to the Union Ministry of Health and Family Welfare (MoHFW).

The COVID-19 count includes 5,95,501 active cases and 13,28,337 cured/discharged/migrated patients.

Meanwhile, as per the MoHFW, the percentage of discharged patients stands at 67.62, while the active cases are at 30.31 in the country as of today.

The deaths reported due to the infection are currently at a little above two per cent of the total confirmed cases in the country.

Maharashtra with 1,46,268 active cases and 3,05,521 cured and discharged patients continues to be the worst affected. The state has also reported 16,476 deaths due to the infection.

Tamil Nadu has 54,184 active cases while 2,14,815 patients have been discharged after treatment in the state. 4,461 deaths have been reported due to COVID-19 in the state.

Andhra Pradesh with 80,426 active cases is the third on the list. There are 1,04,354 cured and discharged patients and 1,681 deaths reported from the state.

The national capital's active cases tally once again crossed the 10-thousand mark with 175 new cases being reported. Delhi now has 10,072 active cases and 1,26,116 cured and discharged patients. 4,044 people have lost their lives due to the disease in the Union Territory so far.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.