UIDAI On the Defensive Again Amid Aadhaar Fraud Claims

“This isn’t the first time the UIDAI has sought to publicly defend itself against allegations that it is mishandling or not adequately securing the Aadhaar database, which is now used to authenticate Indian citizens across a wide range of scenarios.”

The Unique Identification Authority of India is once again defending its administration of the country’s Aadhaar biometric ID program in the wake of alleged security flaws.UIDAI On the Defensive Again Amid Aadhaar Fraud Claims

In a press release, the agency says it “completely dismisses” reports of Aadhaar’s enrollment software having been tampered with and sold on the black market, leading to the production of fraudulent Aadhaar cards. In so doing, the UIDAI insisted that it adheres to a “stringent enrolment and updation [sic] process” in which the fingerprint and iris biometrics uploaded to the system are matched against all other stored templates, ensuring that there is no way that an administrator could enroll their own biometrics as the credentials for a fraudulent Aadhaar identity.

UIDAI added that other checks are also in place, such as verifying the enrollment machine; and that in cases where fraudulent Aadhaar creation has been attempted, “[t]he concerned enrolment machines and the operators are identified, blocked and blacklisted permanently from [the] UIDAI system,” adding that complaints are also made to police authorities where appropriate.

This isn’t the first time the UIDAI has sought to publicly defend itself against allegations that it is mishandling or not adequately securing the Aadhaar database, which is now used to authenticate Indian citizens across a wide range of scenarios. For example, last November, the agency tried to reassure citizens that the online publication of Aadhaar information on more than 200 government websites was a “proactive disclosure” on the part of government authorities, and not the leak it was widely perceived to be. In its latest defense concerning its protocols for Aadhaar operators, the agency says that so far over 50,000 operators have been “blacklisted”, a claim meant to demonstrate the organization’s “zero tolerance” approach, but which also points to what looks like a substantial problem in Aadhaar ID issuance.

May 7, 2018 – by Alex Perala