1. Home
  2. Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

coastaldigest.com news network
August 4, 2017

Bengaluru, Aug 4: Bengaluru city police has arrested a young techie on the charge of accessing Aadhaar data following a complaint filed by the Unique Identification Authority of India (UIDAI) last week.

The arrested is Abhinav Srivastav, 31, an IIT-Kharagpur graduate, who is currently employed by ANI Technologies, which owns the Ola brand, as a software development engineer. He has been accused of accessing Aadhaar information in January 2017 through an app named ‘Aadhaar e-KYC’, which was available on the Google Play store till recently.

Police said Srivastav had developed five apps and made ₹40,000 from advertisements displayed on them. Police are now scanning all his apps to see whether more violations were committed. The Aadhaar e-KYC app was downloaded over 50,000 times from the Google Play store since its launch in January, the police said.

City Police Commissioner T. Suneel Kumar said that based on the complaint, six teams of police comprising 26 personnel were formed to nab Srivastav and they tracked him down to Koramangala after a week. He has been accused of using the services of another app, ‘e-hospital’, which is listed as an authenticated user agency (AUA) authorised to access UIDAI data.

A senior police officer said there were around 400 entities that have been authorised to access the data for authentication. Srivastav’s company was not among those authorised.

A native of Kanpur, Srivastav completed his M.Sc. in Industrial Chemistry from IIT-Kharagpur and joined a private firm in 2010 as a security researcher. He launched Qarth technologies in 2012 and shut it down in 2016 owing to financial reasons. In March 2016, Ola announced that it had acquired Qarth and its mobile payments product, X-Pay. Srivastav then joined another private firm before joining ANI Technologies last year.

Investigation revealed that the e-hospital company is not aware of his activities. However, further probe is on to ascertain the facts.

The ability of a software engineer to bypass strict protocols set in place by the UIDAI to access critical data puts the spotlight firmly on the security measures employed to protect Aadhaar data.

Police investigation have revealed that Srivastav had piggy-backed on the infrastructure of another app for hacking the data base.

“Aadhaar related information, legally housed by the National Informatics Centre server, was illegally and without authorisation accessed and used to support this mobile application,” said the police statement.

Srivastav, in order to give his ‘Aadhaar e-KYC’ app an air of authenticity, hacked into the server of the NIC, which houses the e-hospital system, which is a solution for government hospitals to handle patient care and other services, including medical records management.

As part of its regulations, the UIDAI accords certain agencies the title of an AUA, which can then provide Aadhaar-enabled services to the cardholder. For authentication, these agencies have to connect to the Central Identities Data Repository (CIDR) through the services of a Authentication Service Agency (ASA). ASAs are bound by regulations that stipulate encryption of data and logging of access.

The 'e-hospital’ platform had access as a registered AUA. Srivastav used this server to route his app requests for data access and managed to steal the data, the police said.

Question raised

In 2016, a paper titled ‘Privacy and Security of Aadhaar: A Computer Science Perspective’ by the Computer Science and Engineering Department of IIT-Delhi raised the question of leakage of Aadhaar number from an AUA.

The paper, which also discusses several other possible threat scenarios, said, “This, however, does not fully mitigate the risks and the possibility of leakage of the Aadhaar number from an AUA, either from the database, or during “Know Your Customer” (KYC) processes, or even during availing services, cannot be ruled out. In particular, there appear to be no safeguards or even guidelines, either technical or legal, on how the Aadhaar number should be maintained and used by various AUAs in a cryptographically secure way, and how to prevent the Aadhaar number of an individual from becoming public.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 14,2024

srirang.jpg

Bengaluru: The Prime Minister Narendra Modi led union government has requested the Karnataka High Court to direct the Mandya district administration and the state government to clear a madrasa operating within the premises of the historic Jama Masjid in Srirangapatna.

The Waqf Board, opposing this move, has claimed the mosque as its property and defended the right to conduct madrasa activities there.

The matter was brought before a division bench headed by Chief Justice N V Anjaria following a public interest litigation filed by a person named Abhishek Gowda from Kabbalu village in Kanakapura taluk. The petition alleged “unauthorised madrasa activities” within the mosque.

Representing the Central government, Additional Solicitor General of India for High Court of Karnataka, K Arvind Kamath argued that the Jama Masjid was designated as a protected monument in 1951, yet unauthorised madrasa operations continue there.

He noted that concerns over potential law and order issues have so far prevented any intervention. Kamath urged the court to direct the Mandya district administration to take action and vacate the madrasa from the mosque.

In defence, lawyers for the state government and the Waqf Board contested this request, stating that the Waqf Board had been recognised as the owner of the property since 1963 and, thus, conducting madrasa activities there is lawful.

After hearing both sides, the bench adjourned the case for further arguments, scheduling the next hearing for November 20.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 13,2024

evehicle.jpg

In the heart of Mangaluru, where rising air pollution is spurring public health worries, voices are calling for a greener, cleaner shift in the city’s public transport. Leading this call is APD Foundation, a Mangaluru-based environmental NGO, which has urged Forest, Ecology, and Environment Minister Eshwar Khandre to mandate electric vehicle (EV) adoption in public transport.

Abdullah A Rehman, CEO of APD Foundation, emphasized in a formal letter to the minister that Mangaluru’s public transportation system—efficient and organized with both government and private players—could transition smoothly to EVs in stages. He suggested that government-backed financial incentives, partnerships with EV manufacturers, and collaborations with environmental groups could streamline the switch.

Rehman stressed the potential of EVs to cut down emissions, enhance air quality, and reduce noise levels, noting the quieter operation of electric buses. He confirmed that a copy of his letter was submitted to the Deputy Commissioner as well.

However, Dilraj Alva from the Dakshina Kannada City Bus Association noted potential challenges, explaining that the shift might take up to two years due to infrastructure and budget hurdles. Most EV buses, he explained, are procured through aggregators, not directly by individual operators. The addition of charging stations and other essential infrastructure further complicates the transition.

Alva also raised the economic concern: while diesel buses are priced between ₹30-40 lakh, electric buses can cost up to ₹1 crore. Reflecting on recent meetings with companies, including one in Manipal, he questioned the assumption that EVs are an absolute solution to pollution. “EVs aren’t entirely eco-friendly, especially when considering battery disposal,” he cautioned.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 19,2024

mobile.jpg

Gone are the days of chaotic group chats and endless back-and-forth messaging. Say hello to seamless event planning with WhatsApp's new event feature—your ultimate tool for stress-free gatherings!

Why You’ll Love It:

No More Confusion: Create, organize, and share event details in a snap.
Streamlined Coordination: All your event logistics, neatly in one place.
Stay on Track: Friendly reminders for everyone—no excuses for missing out!

Here’s How It Works

Create an Event
Open your group chat, tap the + button, and select Event from the menu.

Add Event Details
Name your event, set the date and time, pin a location, and include a description for extra details.

Send Invites
Tap Send to instantly share the event with your group.

What Happens Next?

Effortless RSVP:
Your friends and family can respond with a single tap:

  • Going
  • Maybe
  • Can’t Go

All-in-One View:
From the date and time to the location and special instructions, every detail is beautifully organized and accessible in one spot.

Gentle Reminders:
WhatsApp sends timely nudges to keep everyone in the loop.

Make Every Occasion Special

Whether it’s a birthday bash, a weekend adventure, a family reunion, or a casual hangout, WhatsApp’s event feature ensures smooth planning and execution.

Pro Tip: Use this tool to turn chaotic planning into pure convenience.

So, what are you waiting for? Open WhatsApp, give it a try, and watch your gatherings transform from stressful to simple! 

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.