The Current Situation: Every Indian today is acquainted with the term Aadhaar Card. Today almost 1.2 billion people in India have this 12 digit unique identity number. This identity number that has come a long way since its inception has had its fair share of ups and down. The future doesn’t seem that smooth either. With breach news on a regular basis, it is a topic of concern for all of us. If the database of Aadhaar can be hacked then it may jeopardise the lives of 1.2 billion people. Even though time and again reports of Aadhaar database breaches have surfaced, we have been ensured that they are false reports.
Recently a French Security Analyst has been toying with the Aadhaar database to check the vulnerabilities in the system. Anything that is claimed to be 100% foolproof is definitely seen as a challenge by the experts of that field. So when UIDAI claimed to be completely safe, it was sure to pique the curiosity of many. The French Analyst with the Twitter name Elliot Alderson has shown concern that most of the data in the Aadhaar database is easily available with a simple search. The data available doesn’t only have the name, address of the enrolled person but bank details as well.
This is indeed a matter of concern as having that much of data exposed can make anyone vulnerable. This may also lead to various crimes such as identity theft, credit card theft etc. The UIDAI officials promptly replied by saying that having access to such data doesn’t give away the identity completely. The officials further stated that to confirm the identity completely the biometrics were required as well as the other details that were easily found by simple searches. The reply to this by Elliot was quite concrete. He tweeted back snapshots of biometrics that were available on various sites.
Most Recent Plight: A new flaw popped up on 17th March, 2018 and UIDAI is yet to reply back on the matter. Just by searching ‘Mera Aadhaar Meri Pehchan file type: pdf’ we can get details of random people. The details include name, date of birth, address, photograph etc. The only positive side is that the biometrics is not part of the search results.
Response by UIDAI: The fact is that even after so many proofs of flaws in security; the officials have maintained that the data is secure. On the other hand Elliot Alderson maintains the statement that he will keep digging for more flaws.
In spite of all these allegations and tug of war the UIDAI officials have been working on different methods to make the Aadhaar system more secure. They have introduced a 16- digit virtual ID. The virtual ID is said to be temporary and can only be generated by individual Aadhaar card holder. The virtual ID can be changed after a certain threshold of time.
The negative side to this is that we can’t do much to prevent any kind of breach unless we are experts in these security issues. The only thing that remains is to see how safe the data stays in the future. It may be beneficial to take as much help as possible since a hack of such crucial database can jeopardise the identity of many innocent citizens.