1. Home
  2. Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

coastaldigest.com news network
August 4, 2017

Bengaluru, Aug 4: Bengaluru city police has arrested a young techie on the charge of accessing Aadhaar data following a complaint filed by the Unique Identification Authority of India (UIDAI) last week.

The arrested is Abhinav Srivastav, 31, an IIT-Kharagpur graduate, who is currently employed by ANI Technologies, which owns the Ola brand, as a software development engineer. He has been accused of accessing Aadhaar information in January 2017 through an app named ‘Aadhaar e-KYC’, which was available on the Google Play store till recently.

Police said Srivastav had developed five apps and made ₹40,000 from advertisements displayed on them. Police are now scanning all his apps to see whether more violations were committed. The Aadhaar e-KYC app was downloaded over 50,000 times from the Google Play store since its launch in January, the police said.

City Police Commissioner T. Suneel Kumar said that based on the complaint, six teams of police comprising 26 personnel were formed to nab Srivastav and they tracked him down to Koramangala after a week. He has been accused of using the services of another app, ‘e-hospital’, which is listed as an authenticated user agency (AUA) authorised to access UIDAI data.

A senior police officer said there were around 400 entities that have been authorised to access the data for authentication. Srivastav’s company was not among those authorised.

A native of Kanpur, Srivastav completed his M.Sc. in Industrial Chemistry from IIT-Kharagpur and joined a private firm in 2010 as a security researcher. He launched Qarth technologies in 2012 and shut it down in 2016 owing to financial reasons. In March 2016, Ola announced that it had acquired Qarth and its mobile payments product, X-Pay. Srivastav then joined another private firm before joining ANI Technologies last year.

Investigation revealed that the e-hospital company is not aware of his activities. However, further probe is on to ascertain the facts.

The ability of a software engineer to bypass strict protocols set in place by the UIDAI to access critical data puts the spotlight firmly on the security measures employed to protect Aadhaar data.

Police investigation have revealed that Srivastav had piggy-backed on the infrastructure of another app for hacking the data base.

“Aadhaar related information, legally housed by the National Informatics Centre server, was illegally and without authorisation accessed and used to support this mobile application,” said the police statement.

Srivastav, in order to give his ‘Aadhaar e-KYC’ app an air of authenticity, hacked into the server of the NIC, which houses the e-hospital system, which is a solution for government hospitals to handle patient care and other services, including medical records management.

As part of its regulations, the UIDAI accords certain agencies the title of an AUA, which can then provide Aadhaar-enabled services to the cardholder. For authentication, these agencies have to connect to the Central Identities Data Repository (CIDR) through the services of a Authentication Service Agency (ASA). ASAs are bound by regulations that stipulate encryption of data and logging of access.

The 'e-hospital’ platform had access as a registered AUA. Srivastav used this server to route his app requests for data access and managed to steal the data, the police said.

Question raised

In 2016, a paper titled ‘Privacy and Security of Aadhaar: A Computer Science Perspective’ by the Computer Science and Engineering Department of IIT-Delhi raised the question of leakage of Aadhaar number from an AUA.

The paper, which also discusses several other possible threat scenarios, said, “This, however, does not fully mitigate the risks and the possibility of leakage of the Aadhaar number from an AUA, either from the database, or during “Know Your Customer” (KYC) processes, or even during availing services, cannot be ruled out. In particular, there appear to be no safeguards or even guidelines, either technical or legal, on how the Aadhaar number should be maintained and used by various AUAs in a cryptographically secure way, and how to prevent the Aadhaar number of an individual from becoming public.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
coastaldigest.com news network
February 7,2020

Newsroom, Feb 7: Prime Minister Narendra Modi’s recent statement that there is no detention camp in India is no more a lie. That doesn’t mean that there are no detention camps in the country, but the name of the camps have changed. 

In December, at a mega rally at Ramlila Maidan, meant to launch the BJP's campaign for the assembly elections in Delhi, Mr Modi had stated: “The rumour of detention centres being spread by the Congress and urban Naxals is totally false. This is being done with a bad intention to destroy the country, it’s filled with evil motives; this is a lie, lie, lie.” He had further claimed: “Neither are any of the country’s Muslims being sent to detention centres nor is there any detention centre in India”

In reality there are at least six detention camps in jails in Assam to house foreigners found staying in India illegally. A month prior to PM’s statement, Union minister of the state for home affairs Nityanand Rai had revealed that the six camps in Assam housed 1,043 foreigners — 1,025 Bangladeshis and 18 Myanmarese. Apart from these, at least ten new detention centres are coming up.

Outside Assam too, the Maharashtra government, under the then chief minister Devendra Fadnavis, had identified land for the state’s first detention centre for illegal immigrants.

Besides, in a case relating to illegal immigrants in Karnataka High Court in November this year, the Centre had told the court that it had written to all state governments in 2014 and sent a follow-up letter in 2018 to have detention centres to house foreign nationals illegally staying in India.

Karnataka’s first detention centre, apparently meant to lodge illegal immigrants and migrants overstaying in the country, is already open in Sondekoppa village on the outskirts of Bengaluru. The facility with several rooms, a kitchen and toilets has been kept ready on the directions of the government. 

Meanwhile, Union Minister of state for home Nityanand Rai has told the Lok Sabha that the name "detention centre" has now been changed to "holding centre".

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
February 22,2020

Kalaburagi, Feb 22: All India Majlis-e-Ittehadul Muslimeen (AIMIM) leader Waris Pathan was booked for his alleged remark against the Hindu community in his speech during an anti-CAA rally held here recently, police sources said on Saturday.

According to police sources, the FIR was registered against the AIMIM leader, following a complaint lodged by a woman advocate on Friday evening.

Taking strongly about the incident, the Karnataka Home minister Basavaraj Bommai had directed the Kalaburagi city police commissioner to submit a report on the incident.

It may be recalled that the AIMIM leader, in his speech at a rally held in the city on February 15 had said that if all the 15 crore minority populations in the country stand united they could take on 100 crore Hindu population.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
February 11,2020

Thiruvananthapuram, Feb 11: In a unique form of protest against the Citizenship Amendment Act (CAA), a bridegroom in Kerala, Haja Hussain, came for his wedding ceremony riding on a camel holding an anti-Citizenship Amendment Act (CAA) poster in his hands, on the outskirts of the capital city on Monday.

Accompanied by a large crowd mostly comprising his friends and relatives, Hussain carried a placard which read "Reject CAA, Boycott NRC and NPR" as he arrived at the wedding hall in Vazhimukku, about 20 km from Thiruvananthapuram, on a camel back.

Haja Hussain said that he chose to do this to express his protest against the CAA.

"Along with the ' mahr' (the custom where the groom hands over gold or money to the bride), I also gave a copy of the Constitution. CAA should be rejected," said Haja Hussain, who is a local businessman.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.