1. Home
  2. Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

coastaldigest.com news network
August 4, 2017

Bengaluru, Aug 4: Bengaluru city police has arrested a young techie on the charge of accessing Aadhaar data following a complaint filed by the Unique Identification Authority of India (UIDAI) last week.

The arrested is Abhinav Srivastav, 31, an IIT-Kharagpur graduate, who is currently employed by ANI Technologies, which owns the Ola brand, as a software development engineer. He has been accused of accessing Aadhaar information in January 2017 through an app named ‘Aadhaar e-KYC’, which was available on the Google Play store till recently.

Police said Srivastav had developed five apps and made ₹40,000 from advertisements displayed on them. Police are now scanning all his apps to see whether more violations were committed. The Aadhaar e-KYC app was downloaded over 50,000 times from the Google Play store since its launch in January, the police said.

City Police Commissioner T. Suneel Kumar said that based on the complaint, six teams of police comprising 26 personnel were formed to nab Srivastav and they tracked him down to Koramangala after a week. He has been accused of using the services of another app, ‘e-hospital’, which is listed as an authenticated user agency (AUA) authorised to access UIDAI data.

A senior police officer said there were around 400 entities that have been authorised to access the data for authentication. Srivastav’s company was not among those authorised.

A native of Kanpur, Srivastav completed his M.Sc. in Industrial Chemistry from IIT-Kharagpur and joined a private firm in 2010 as a security researcher. He launched Qarth technologies in 2012 and shut it down in 2016 owing to financial reasons. In March 2016, Ola announced that it had acquired Qarth and its mobile payments product, X-Pay. Srivastav then joined another private firm before joining ANI Technologies last year.

Investigation revealed that the e-hospital company is not aware of his activities. However, further probe is on to ascertain the facts.

The ability of a software engineer to bypass strict protocols set in place by the UIDAI to access critical data puts the spotlight firmly on the security measures employed to protect Aadhaar data.

Police investigation have revealed that Srivastav had piggy-backed on the infrastructure of another app for hacking the data base.

“Aadhaar related information, legally housed by the National Informatics Centre server, was illegally and without authorisation accessed and used to support this mobile application,” said the police statement.

Srivastav, in order to give his ‘Aadhaar e-KYC’ app an air of authenticity, hacked into the server of the NIC, which houses the e-hospital system, which is a solution for government hospitals to handle patient care and other services, including medical records management.

As part of its regulations, the UIDAI accords certain agencies the title of an AUA, which can then provide Aadhaar-enabled services to the cardholder. For authentication, these agencies have to connect to the Central Identities Data Repository (CIDR) through the services of a Authentication Service Agency (ASA). ASAs are bound by regulations that stipulate encryption of data and logging of access.

The 'e-hospital’ platform had access as a registered AUA. Srivastav used this server to route his app requests for data access and managed to steal the data, the police said.

Question raised

In 2016, a paper titled ‘Privacy and Security of Aadhaar: A Computer Science Perspective’ by the Computer Science and Engineering Department of IIT-Delhi raised the question of leakage of Aadhaar number from an AUA.

The paper, which also discusses several other possible threat scenarios, said, “This, however, does not fully mitigate the risks and the possibility of leakage of the Aadhaar number from an AUA, either from the database, or during “Know Your Customer” (KYC) processes, or even during availing services, cannot be ruled out. In particular, there appear to be no safeguards or even guidelines, either technical or legal, on how the Aadhaar number should be maintained and used by various AUAs in a cryptographically secure way, and how to prevent the Aadhaar number of an individual from becoming public.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
March 18,2020

Bhopal, Mar 18: Congress leader Digvijay Singh's detention by police in Bengaluru is display of "dictatorship and Hitlarshahi" by the BJP, Madhya Pradesh Chief Minister Kamal Nath said here on Wednesday.

Singh staged a protest near a Bengaluru resort this morning where rebel MLAs of Madhya Pradesh Congress are staying, and demanded that he be allowed to meet them.

Singh, who has been detained by the police, accused the BJP of holding the MLAs captive and said that he would go on a "hunger strike".

Reacting to this, Nath said if the need arises he would also go to the Karnataka capital.

"Preventing Congress Rajya Sabha candidate and other ministers from meeting MLAs, misbehave with them, forcibly taken them into custody is totally a dictatorship and hitlershahi (sic)," Nath said in a tweet.

"Entire country is watching how an elected government is being made unstable and how BJP is murdering democratic values," Nath said.

"Why they are not allowing them to meet MLAs. What BJP is afraid of. BJP is playing a dirty political game in the state," the chief minister tweeted.

Demanding immediate release of detained Congress leaders, Nath said that democratic norms and Constitutional values are being stifled.

Later speaking to reporters, the CM said, "Why the BJP is afraid of presenting 16 MLAs here (Bhopal)? What is the problem in one person (Singh) meeting with 16 legislators?"

Nath reiterated that his government had proven majority on floor of the House in the last 15 months since coming to power.

Amid political uncertainty in Madhya Pradesh, the state Congress Legislature Party on Tuesday moved the Supreme Court seeking direction to the Centre and the BJP-led Karnataka government to grant it access to communicate with its rebel MLAs staying in Bengaluru.

The apex court had also directed the Kamal Nath government to respond by Wednesday to a plea by senior BJP leader Shivraj Singh Chouhan seeking immediate floor test in the Assembly.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
coastaldigest.com news network
February 2,2020

Bantwal, Feb 2: A 45-year-old man was found murdered in a parked Innova car at Shantinagar near Nagri in Sajipa Munnur in Bantwal taluk today. 

The deceased has been identified as Tasleem, a native of Kerala who was wanted in a few criminal cases. He was, according to reports, a member of Kerala's notorious Ziya. 

Tasleem was an accused in Kalia Rafiq murder in Ullal (2017). He was arrested last year in connection with a jewellery store robbery case registered in Mangaluru North police station and was sent to Kalaburagi prison. He was later released on bail. 

Police are of the suspicion that a rival gang might have kidnapped him, tried to strangle him and then stabbed him in the stomach, before fleeing the spot.

The car had been parked at the spot since morning. The locals who grew suspicious at this informed the police. Circle inspector T D Nagaraj and other officers conducted spot investigation. 

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
February 23,2020

Udupi, Feb 23: Tanushree Pithrody, a 10-year-old girl from Udyavar and class 6 student of St Cecily’s School, here and a Guinness World Record holder, erased the old record by covering the 100 metres 'Chakrasana race' in one minute 14 seconds to write her name in the Golden Book of World Records.

This was announced by Manish Bishnoi, Head, Golden Book of World Records, who handed over the Certificate to Ms Tanushree, who was accompanied by her father Uday Kumar and mother Sandhya here on Saturday.

The previous record-holder in this category was Samiksha Dogra [11 years and 1 month] from Rampur Bhushar, Himachal Pradesh, who had set a time of 6 minutes and 2 seconds on June14,2018.

Later speaking to scribes here, Ms Tanushree said that she was delighted that she was able to break the record. “When I was practicing, I used to finish it in around 2 minutes. This is my fifth record. I dedicate my success to my parents and my Yoga guru,”she added.

Ms Tanushree has also created a record for the ‘most forward rolls with Dhanurasana Yoga pose in 1 minute’ by performing 62 rolls and she also created the ‘fastest 100 forward rolls with Dhanurasana Yoga pose’ in 1 minute and 40 seconds on February 23, 2019 and entered the Golden Book of World Records.

In 2018, she set the Guinness World Record for ‘most full-body revolutions maintaining a chest stand position’ with 42 full-body revolutions in one minute, and on 21 March, 2019 she broke that record with 44.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.