1. Home
  2. Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

coastaldigest.com news network
August 4, 2017

Bengaluru, Aug 4: Bengaluru city police has arrested a young techie on the charge of accessing Aadhaar data following a complaint filed by the Unique Identification Authority of India (UIDAI) last week.

The arrested is Abhinav Srivastav, 31, an IIT-Kharagpur graduate, who is currently employed by ANI Technologies, which owns the Ola brand, as a software development engineer. He has been accused of accessing Aadhaar information in January 2017 through an app named ‘Aadhaar e-KYC’, which was available on the Google Play store till recently.

Police said Srivastav had developed five apps and made ₹40,000 from advertisements displayed on them. Police are now scanning all his apps to see whether more violations were committed. The Aadhaar e-KYC app was downloaded over 50,000 times from the Google Play store since its launch in January, the police said.

City Police Commissioner T. Suneel Kumar said that based on the complaint, six teams of police comprising 26 personnel were formed to nab Srivastav and they tracked him down to Koramangala after a week. He has been accused of using the services of another app, ‘e-hospital’, which is listed as an authenticated user agency (AUA) authorised to access UIDAI data.

A senior police officer said there were around 400 entities that have been authorised to access the data for authentication. Srivastav’s company was not among those authorised.

A native of Kanpur, Srivastav completed his M.Sc. in Industrial Chemistry from IIT-Kharagpur and joined a private firm in 2010 as a security researcher. He launched Qarth technologies in 2012 and shut it down in 2016 owing to financial reasons. In March 2016, Ola announced that it had acquired Qarth and its mobile payments product, X-Pay. Srivastav then joined another private firm before joining ANI Technologies last year.

Investigation revealed that the e-hospital company is not aware of his activities. However, further probe is on to ascertain the facts.

The ability of a software engineer to bypass strict protocols set in place by the UIDAI to access critical data puts the spotlight firmly on the security measures employed to protect Aadhaar data.

Police investigation have revealed that Srivastav had piggy-backed on the infrastructure of another app for hacking the data base.

“Aadhaar related information, legally housed by the National Informatics Centre server, was illegally and without authorisation accessed and used to support this mobile application,” said the police statement.

Srivastav, in order to give his ‘Aadhaar e-KYC’ app an air of authenticity, hacked into the server of the NIC, which houses the e-hospital system, which is a solution for government hospitals to handle patient care and other services, including medical records management.

As part of its regulations, the UIDAI accords certain agencies the title of an AUA, which can then provide Aadhaar-enabled services to the cardholder. For authentication, these agencies have to connect to the Central Identities Data Repository (CIDR) through the services of a Authentication Service Agency (ASA). ASAs are bound by regulations that stipulate encryption of data and logging of access.

The 'e-hospital’ platform had access as a registered AUA. Srivastav used this server to route his app requests for data access and managed to steal the data, the police said.

Question raised

In 2016, a paper titled ‘Privacy and Security of Aadhaar: A Computer Science Perspective’ by the Computer Science and Engineering Department of IIT-Delhi raised the question of leakage of Aadhaar number from an AUA.

The paper, which also discusses several other possible threat scenarios, said, “This, however, does not fully mitigate the risks and the possibility of leakage of the Aadhaar number from an AUA, either from the database, or during “Know Your Customer” (KYC) processes, or even during availing services, cannot be ruled out. In particular, there appear to be no safeguards or even guidelines, either technical or legal, on how the Aadhaar number should be maintained and used by various AUAs in a cryptographically secure way, and how to prevent the Aadhaar number of an individual from becoming public.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 26,2024

cmibrahim.jpg

Former minister and ex-MLC C M Ibrahim claimed that he still heads the original JD(S) and asked former prime minister and party supremo H D Deve Gowda to cut ties with the BJP, so that the party can be strengthened again. He also said options are being explored to either strengthen the JD(S) or to float a new regional party.

He was speaking to media persons, in Mysuru, on Monday, after meeting JD(S) MLA and former minister G T Deve Gowda, who has expressed his displeasure that he has been sidelined in the party and the party leaders have indicated his retirement from politics.

He stated, “If Deve Gowda had joined the Congress, during the last Assembly election, he would have been a minister now. We retained him in the JD(S), to strengthen the party. Now, efforts are being made to strangulate Deve Gowda’s political career. I have discussed all matters with Deve Gowda. In two days, I will start a Karnataka state tour and meet some leaders. After that, I will meet Deve Gowda again, and then decide on the further course of action.”

Ibrahim said, “The original JD(S) is ours. I am still its state president. All documents and accounts are in our name. Even now, if Deve Gowda leaves BJP’s company and returns, we will build the JD(S) again”.

“Union Minister H D Kumaraswamy should mend his ways and stop making JD(S) into a family-owned company. The JD(S)’s situation has become hopeless. Its love for the BJP is over. He should understand this,” he said.

“When I was with Kumaraswamy, he spent just Rs 4 crore in Channapatna and won by 20,000 votes. Now, without me, he spent Rs 150 crore and still lost by 25,000 votes. Without Muslims’ support, the JD(S) cannot win a single seat. Now, it is proved that 19 MLAs of the JD(S) won in 2023, because of Muslims,” he added.

Speaking on other options available, Ibrahim said, “We have not yet decided to go with the Congress. We are only considering to establish a third front. Whether it is founding a new regional party, forming a third front, or strengthening the JD(S), will be decided shortly.”

Earlier during the day, before meeting Deve Gowda, Ibrahim had said, that 12 to 13 JD(S) MLAs were dissatisfied with the party, but like Deve Gowda, were enduring pain.

“Now, I have started the task of uniting them. I as the JD(S) state president, it is my responsibility to address our MLAs’ grievances. At present, the JD(S) is on fire and all JD(S) MLAs want to protect their respective constituency. Hence, they have started speaking one by one,” he said.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 27,2024

Mangaluru: A five-year-long pursuit of justice continues for several youths from Dakshina Kannada who fell victim to a fraudulent food delivery job scam in Kuwait. The victims, lured by promises of lucrative overseas employment, now find themselves entangled in legal battles and financial ruin.

In a recent development, the Enforcement Directorate (ED) summoned the victims to its Mangaluru office as part of the ongoing investigation. The case, which dates back to May 28, 2019, was initially registered at the Mangaluru North police station based on a complaint filed by Usman, a resident of Jalligudde. His brother, Aboobakkar Siddique, was among the 34 victims duped by Manikya Associates, a recruitment agency operated by Prasad Shetty.

According to the complaint, the victims were promised jobs as food delivery executives in Kuwait with a salary of ₹40,000 per month. “I paid ₹80,000 to the agent and ended up spending seven harrowing months in Kuwait without any salary,” shared a victim who now works in construction. Another victim, now employed as a driver, said, “I dreamt of working abroad to support my family. I even pledged jewelry to pay the fees, but it took me years to recover financially.”

The victims allege that they were left stranded in Kuwait in January 2019 after completing all formalities. With no jobs and mounting expenses, their ordeal lasted seven months. They were eventually repatriated with the help of Indian expats and the Embassy of India in Kuwait, just two months after the complaint was filed.

The ED investigation is reportedly progressing, and victims said they were assured that their payments to the agent would be refunded soon. An ED official confirmed that efforts to ensure justice are ongoing.

For these youths, the pain of shattered dreams and financial losses has lingered for years, with many still struggling to rebuild their lives. As they await justice, their plight serves as a cautionary tale about the perils of fraudulent recruitment schemes.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 14,2024

Bengaluru: Karnataka Deputy Chief Minister D K Shivakumar on Thursday backed Chief Minister Siddaramaiah over his claim that the BJP had offered Rs 50 crore each to 50 Congress MLAs in an attempt to "topple" the state government.

Addressing reporters here, Shivakumar, also the Congress state president, said, “The BJP indeed lured 50 Congress MLAs with Rs 50 crore each.”

He defended Siddaramaiah’s statement and said the Congress MLAs were briefed about the BJP’s alleged 'Operation Lotus', a term used to describe the BJP's attempts to destabilise ruling governments through horse-trading.

“Some of our MLAs informed the Chief Minister about this matter, and he, in turn, shared it with the media,” Shivakumar said.

At an event in Mysuru, Siddaramaiah reiterated the claim that "none of the Congress MLAs had accepted the offer".

He also accused the BJP of filing false cases against him in a bid to "remove him and overthrow his government".

The BJP has yet to respond to the allegations.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.