1. Home
  2. Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

coastaldigest.com news network
August 4, 2017

Bengaluru, Aug 4: Bengaluru city police has arrested a young techie on the charge of accessing Aadhaar data following a complaint filed by the Unique Identification Authority of India (UIDAI) last week.

The arrested is Abhinav Srivastav, 31, an IIT-Kharagpur graduate, who is currently employed by ANI Technologies, which owns the Ola brand, as a software development engineer. He has been accused of accessing Aadhaar information in January 2017 through an app named ‘Aadhaar e-KYC’, which was available on the Google Play store till recently.

Police said Srivastav had developed five apps and made ₹40,000 from advertisements displayed on them. Police are now scanning all his apps to see whether more violations were committed. The Aadhaar e-KYC app was downloaded over 50,000 times from the Google Play store since its launch in January, the police said.

City Police Commissioner T. Suneel Kumar said that based on the complaint, six teams of police comprising 26 personnel were formed to nab Srivastav and they tracked him down to Koramangala after a week. He has been accused of using the services of another app, ‘e-hospital’, which is listed as an authenticated user agency (AUA) authorised to access UIDAI data.

A senior police officer said there were around 400 entities that have been authorised to access the data for authentication. Srivastav’s company was not among those authorised.

A native of Kanpur, Srivastav completed his M.Sc. in Industrial Chemistry from IIT-Kharagpur and joined a private firm in 2010 as a security researcher. He launched Qarth technologies in 2012 and shut it down in 2016 owing to financial reasons. In March 2016, Ola announced that it had acquired Qarth and its mobile payments product, X-Pay. Srivastav then joined another private firm before joining ANI Technologies last year.

Investigation revealed that the e-hospital company is not aware of his activities. However, further probe is on to ascertain the facts.

The ability of a software engineer to bypass strict protocols set in place by the UIDAI to access critical data puts the spotlight firmly on the security measures employed to protect Aadhaar data.

Police investigation have revealed that Srivastav had piggy-backed on the infrastructure of another app for hacking the data base.

“Aadhaar related information, legally housed by the National Informatics Centre server, was illegally and without authorisation accessed and used to support this mobile application,” said the police statement.

Srivastav, in order to give his ‘Aadhaar e-KYC’ app an air of authenticity, hacked into the server of the NIC, which houses the e-hospital system, which is a solution for government hospitals to handle patient care and other services, including medical records management.

As part of its regulations, the UIDAI accords certain agencies the title of an AUA, which can then provide Aadhaar-enabled services to the cardholder. For authentication, these agencies have to connect to the Central Identities Data Repository (CIDR) through the services of a Authentication Service Agency (ASA). ASAs are bound by regulations that stipulate encryption of data and logging of access.

The 'e-hospital’ platform had access as a registered AUA. Srivastav used this server to route his app requests for data access and managed to steal the data, the police said.

Question raised

In 2016, a paper titled ‘Privacy and Security of Aadhaar: A Computer Science Perspective’ by the Computer Science and Engineering Department of IIT-Delhi raised the question of leakage of Aadhaar number from an AUA.

The paper, which also discusses several other possible threat scenarios, said, “This, however, does not fully mitigate the risks and the possibility of leakage of the Aadhaar number from an AUA, either from the database, or during “Know Your Customer” (KYC) processes, or even during availing services, cannot be ruled out. In particular, there appear to be no safeguards or even guidelines, either technical or legal, on how the Aadhaar number should be maintained and used by various AUAs in a cryptographically secure way, and how to prevent the Aadhaar number of an individual from becoming public.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 28,2024

Udupi: A 53-year-old woman fell victim to a sophisticated online fraud, losing ₹19.7 lakh to scammers posing as officials from telecom companies and the police.

According to the complaint filed by Vidya, the incident began on October 4 when she received a call from an individual claiming to be from Airtel. The caller alleged that a SIM card linked to her Aadhaar was being misused in Mumbai for spam and fraudulent activities. They warned her that all her mobile numbers could be blocked and connected her to a supposed "Sahara police station."

A man identifying himself as Mohan Kumar, an "investigation officer" from the Sahara police station, then contacted Vidya. He alleged that a fraudulent bank account had been opened in her name at an SBI branch in Mumbai. This account, he claimed, was being used for human trafficking and money laundering activities by someone named Vivek Das. He insisted that all her bank accounts needed to be reviewed.

On October 5, the scam escalated when Kumar, posing as a police officer, threatened Vidya with arrest and warned her not to leave her location without his permission. He demanded that she transfer funds from her accounts to specific UPI IDs and bank accounts under the pretext of "reviewing" her finances. Fearing legal consequences, Vidya complied and transferred ₹19.7 lakh in installments between October 16 and November 7.

The fraud came to light only after she realized she had been deceived. A case has been registered at the CEN (Cyber, Economic, and Narcotics) police station, and an investigation is underway.

Public Warning:

  • Beware of unsolicited calls claiming to be from telecom companies, banks, or police stations.
  • Never share sensitive personal or banking details over the phone.
  • Always verify the identity of callers through official channels before taking any action.
  • If in doubt, contact your local police or cybercrime cell immediately.
  • Stay vigilant to avoid falling prey to such scams!

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 22,2024

bjpprotest.jpg

Bengaluru, Nov 22: For the second day running, the Karnataka BJP on Friday staged a statewide protest condemning the government’s alleged move to notify land of farmers as Waqf property.

The BJP staged a protest before the offices of Deputy Commissioners at district headquarters.

The BJP leaders are vehemently demanding that the state government cancel a 1974 Gazette notification in this regard.

The agitators are also demanding scrapping of the Waqf Board and the resignation of Chief Minister Siddaramaiah and Minister for Waqf and Housing Zameer Ahmad Khan.

The BJP MLAs, MLCs, MPs gathered in the premises of Freedom Park and staged a protest under the leadership of Leader of Opposition R. Ashoka and slammed the state government.

MLA T.S. Srivatsa led the protest in Mysuru and hundreds of party workers and farmers staged the protest under the leadership of former MP Pratap Simha in Kodagu.

Former MP Sumalatha Ambareesh led the agitation in Mandya.

This was the first time that Sumalatha took part in the party’s programme after the Lok Sabha elections.

State President B.Y. Vijayendra claimed, “The Congress government in Karnataka is issuing notices to farmers claiming the ownership of their lands to the Waqf Board and pushing them on the streets overnight.”

In the first week of December, three teams formed by the BJP will travel across the state and record the grievances of farmers.

“The state government is attempting to snatch away the lands belonging to temples as well,” Vijayendra alleged and added that the teams would comprise all senior leaders of the BJP.

Meanwhile, the police have taken Sri Ram Sena chief Pramod Muthalik into custody while staging a protest march to the office of Zameer Ahmad Khan in Bengaluru.

Muthalik along with Hindutva activists was planning to lay siege to Zameer’s office over the Waqf row.

The police stopped Muthalik and requested him to submit the memorandum by reaching the minister’s office in a vehicle. However, Muthalik refused to go with the police and continued his footmarch. The police took him into custody following arguments.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 26,2024

DevegowdaHDK.jpg

Bengaluru: The Janata Dal (Secular) is grappling with its most tumultuous political crisis yet, with speculation rife about imminent defections among its lawmakers. This storm comes in the aftermath of party scion Nikhil Kumaraswamy's humiliating defeat in the Channapatna bypoll—his third consecutive electoral loss after setbacks in Mandya (2019) and Ramanagara (2023). With the regional party’s Assembly tally shrinking to 18 from 19, questions are being raised about its survival.

The murmurs of rebellion were amplified on Monday when Health Minister Dinesh Gundu Rao and Congress MLA CP Yogeshwar openly hinted at possible desertions within the JD(S) ranks. Yogeshwar, newly elected from Channapatna, declared he could orchestrate a migration of JD(S) MLAs to Congress. “I’ll meet them at the Belagavi session. Within a month, they’ll be in Congress,” he confidently stated during a televised interview. Yogeshwar has a history of engineering defections, having played a pivotal role in the collapse of the JD(S)-Congress coalition government in 2019 during his stint with the BJP.

Dinesh Gundu Rao, not mincing words, slammed the JD(S) leadership for fostering "self-serving politics," criticizing the HD Deve Gowda family for failing to nurture party talent. “There’s no trust. Their MLAs will seek survival—either in BJP or Congress,” he remarked.

Meanwhile, the expelled JD(S) state president CM Ibrahim added fuel to the fire by claiming that 12-13 MLAs are "disillusioned" with the current leadership. Speculations around senior JD(S) leader GT Deve Gowda joining Congress have also intensified. DK Shivakumar, Karnataka’s Deputy CM and Congress president, described GT Deve Gowda as a “valuable leader” who might be frustrated with the party’s internal dynamics.

While Congress leaders seem eager to poach JD(S) legislators, the BJP is not far behind in targeting the floundering party. The situation signals a decisive moment for the JD(S), as its survival now hinges on how it manages this brewing storm of discontent.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.