Having launched criminal investigation against multiple organizations for misuse of Aadhaar a couple of weeks ago, the Unique Identification Authority of India is now seeking to reassure the public that the incident did not involve a breach of the national ID program’s biometic data.
The case of misuse involved Axis Bank and its business partners Suvidhaa Infoserve and eMudhra, with the UIDAI having been alerted to the matter after discovering an unusually large number of authentication transactions through the organizations. The UIDAI has now clarified that the incident was “an isolated case ” of a single employee, and furthermore that “[t]here has been no breach to UIDAI database of Aadhaar in any manner whatsoever and personal data of individuals held by UIDAI is fully safe and secure,” according to a statement.
The organization’s statement and its actions in this case all reflect the importance of Aadhaar and its security, with the UIDAI appearing to have intended to set an example with its stern action against Axis Bank and its partners, while also seeking to ensure that the public continues to feel safe using Aadhaar. To the latter end, the UIDAI has also now indicated that it will start using “registered devices” for biometric capture, and that biometric data will be encrypted at the time of capture, an approach that should help to reassure those who did not assume such a measure was already in place. The UIDAI has also started a criminal report against the head of a socioeconomic think tank over an article that it says contained falsehoods about the vulnerability of Aadhaar data, according to a report from The Indian Express.
The UIDAI says that the Aadhaar has now been used to process over four billion authentications, and that over the past two and a half years it has saved the government 495 billion rupees, or about 7.4 billion USD.
March 6, 2017 – by Alex Perala