- With Aadhaar, all of us have given our fingerprints and iris scans to the government.
- This clearly gives an individual a ‘unique’ identity.
- Aadhaar will become the primary identity of any person in India in near future.
More than 90% of the population have enrolled for an Aadhaar Card. That’s HUGE!
Till now, UIDAI has done more than 500 crore of authentications, more than 100 crore of Aadhaar based e-KYC for various purposes, for opening bank accounts, for getting SIM cards, etc. Your Aadhaar information is with many banks/ government agencies/ vendors/ businesses.
But what if the details of our Aadhaar get leaked? In the recent past, there have been several cases of UID data being compromised with. While the government has constantly denied any such possibility, The New Indian Express published on Friday a report on how the NDA government has acknowledged that the personal identities of individuals, including Aadhaar number and other sensitive information, have been leaked to the public domain.
A letter written by the Ministry of Electronics and Information Technology, which The Express claims to have accessed, confirms that data, which the government has been cautiously guarding, has been leaked online. “There have been instances wherein personal identity or information of residents, including Aadhaar number and demographic information, and other sensitive personal data such as bank account details etc. collected by various Ministries/Departments has been reportedly published online and is accessible through an easy online search”, as written by Archana Dureja, a scientist in the Ministry of Electronics and Information Technology, on March 25.
Many 3rd parties (neither UIDAI/Govt officials nor designated to keep aadhaar information with consent) are creating private database with aadhaar information and interlinking identity with other sources. E.g.: If a company combines aadhaar information with e-commerce transactions, it can provide a very detailed profile of an individual. Aadhaar makes it easier to compare and combine diverse databases.
Some of the threats which may occur due to Aadhaar are:
1. The Aadhaar India project is to be accomplished by private companies. Foreign companies may also be included in it. Hence individual data of people will not be safe.
2. Centralization of data will create various problems to the government and people.
3. Personal details of person will become too easy to find. Hence this will be unsafe in terms of privacy.
4. If this is used for bank transaction or ATM cum Debit cum Credit cards, it will make easier for bad people of society to misuse them.
How secure is the Indian Government’s Aadhaar database?
This is the Government’s version:
The UIDAI has established two large-scale data centers to ensure complete security of data and applications, and it regularly conducts audits by reputed third party agencies to keep its systems and processes up to date.
Aadhaar platform is built mostly on open source technologies, with propriety technologies being used only where necessary (so that no private contractors may sell/steal the data)
While adopting any propriety software for biometrics, the design approach followed by the UIDAI is to have multiple vendors in an architectural layer, with a payment model put in place such that the vendors are incentivized to improve quality, accuracy and speed. These vendors or their services can be replaced, if they do not meet stringent service level agreements. More than 100 different companies are involved in groundwork, so that monopoly doesn’t become an issue.
Encryption uses highest available public key cryptography encryption (PKI-2048 and AES-256) with each data record having a built-in mechanism to detect any tampering.
This is the alternative version that nails the Government’s claim:
In March 2013, a Mumbai paper reported that data collected from residents in 2011 was still lying around in cupboards in a suburb, despite the area residents repeatedly reminding the authorities to take away the information. The same state had, in 2013″, admitted the loss of personal data of about 3 lakh [300,000] applicants for Aadhaar card”, an error that sparked concerns over possible misuse of the data, not to mention the trouble of registering personal data all over again. According to the report, the data had been lost while uploading from the state information technology department to the UIDAI central server in Bangalore, Karnataka. Government officials tried to assure the public that the data was highly encrypted and could not be misused.
Just the year before, veteran journalist P. Sainath of the Hindu had highlighted this issue in a talk, saying that: “You can buy that data on the streets of Mumbai. It’s already made its way there. What sort of national security will you have when your biometric data is up for grabs all around the planet? You outsourced it to subcontractors who have subcontracted it to further people. It’s now available on the streets of Mumbai, biometric data.”
Do This Work To Prevent From UID Misuse
● Aadhaar number is important than every other thing. It mustn’t be shared with unknown people.
● Aadhaar copy shouldn’t be share with any one. Because details provided on soft copy can be changed.
● At times we leave extra copy after taking photocopies. This should be avoided. The details provided on aadhar can be misused when same copy is passed to wrong hand.
● Aadhar must not be shared with others for new mobile connection or for other related work. Sometimes, any step taken in hesitation or friendship can be overshadowed to you.
● We have the right to lock /unlock our Aadhaar.
Presently, 106 crore people have been provided with aadhar card. So every person has a unique aadhar number which contains our Name, Address, Phone Number, education qualification, along with which our bank account and PAN card details are also linked. So it’s necessary that our data is cent percent secured.
Besides, Aadhaar contains our bio-metric details, which means that our photo, finger print, IRIS detail (eye scanning) details are also fed in it.
Unique Identification Authority of India has added a new feature in it for checking or having suspect on aadhar data leakage. This feature provides us a discretion of locking and unlocking our aadhaar cards as per our choice.
Steps to take after UID Data Leakage:-
1. If you think your aadhar data can be leaked, then lock it by yourself immediately.
2. As long as aadhaar card is locked, no one will be able to read the information of your card for that time period. If a card needs to be unlocked, it can be done online only.
Hence, supporting the government’s initiative of a unique identity for every individual is necessary, provided essential steps are taken to secure and protect it, both at individual level, and authoritative level.