1. Home
  2. Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

coastaldigest.com news network
August 4, 2017

Bengaluru, Aug 4: Bengaluru city police has arrested a young techie on the charge of accessing Aadhaar data following a complaint filed by the Unique Identification Authority of India (UIDAI) last week.

The arrested is Abhinav Srivastav, 31, an IIT-Kharagpur graduate, who is currently employed by ANI Technologies, which owns the Ola brand, as a software development engineer. He has been accused of accessing Aadhaar information in January 2017 through an app named ‘Aadhaar e-KYC’, which was available on the Google Play store till recently.

Police said Srivastav had developed five apps and made ₹40,000 from advertisements displayed on them. Police are now scanning all his apps to see whether more violations were committed. The Aadhaar e-KYC app was downloaded over 50,000 times from the Google Play store since its launch in January, the police said.

City Police Commissioner T. Suneel Kumar said that based on the complaint, six teams of police comprising 26 personnel were formed to nab Srivastav and they tracked him down to Koramangala after a week. He has been accused of using the services of another app, ‘e-hospital’, which is listed as an authenticated user agency (AUA) authorised to access UIDAI data.

A senior police officer said there were around 400 entities that have been authorised to access the data for authentication. Srivastav’s company was not among those authorised.

A native of Kanpur, Srivastav completed his M.Sc. in Industrial Chemistry from IIT-Kharagpur and joined a private firm in 2010 as a security researcher. He launched Qarth technologies in 2012 and shut it down in 2016 owing to financial reasons. In March 2016, Ola announced that it had acquired Qarth and its mobile payments product, X-Pay. Srivastav then joined another private firm before joining ANI Technologies last year.

Investigation revealed that the e-hospital company is not aware of his activities. However, further probe is on to ascertain the facts.

The ability of a software engineer to bypass strict protocols set in place by the UIDAI to access critical data puts the spotlight firmly on the security measures employed to protect Aadhaar data.

Police investigation have revealed that Srivastav had piggy-backed on the infrastructure of another app for hacking the data base.

“Aadhaar related information, legally housed by the National Informatics Centre server, was illegally and without authorisation accessed and used to support this mobile application,” said the police statement.

Srivastav, in order to give his ‘Aadhaar e-KYC’ app an air of authenticity, hacked into the server of the NIC, which houses the e-hospital system, which is a solution for government hospitals to handle patient care and other services, including medical records management.

As part of its regulations, the UIDAI accords certain agencies the title of an AUA, which can then provide Aadhaar-enabled services to the cardholder. For authentication, these agencies have to connect to the Central Identities Data Repository (CIDR) through the services of a Authentication Service Agency (ASA). ASAs are bound by regulations that stipulate encryption of data and logging of access.

The 'e-hospital’ platform had access as a registered AUA. Srivastav used this server to route his app requests for data access and managed to steal the data, the police said.

Question raised

In 2016, a paper titled ‘Privacy and Security of Aadhaar: A Computer Science Perspective’ by the Computer Science and Engineering Department of IIT-Delhi raised the question of leakage of Aadhaar number from an AUA.

The paper, which also discusses several other possible threat scenarios, said, “This, however, does not fully mitigate the risks and the possibility of leakage of the Aadhaar number from an AUA, either from the database, or during “Know Your Customer” (KYC) processes, or even during availing services, cannot be ruled out. In particular, there appear to be no safeguards or even guidelines, either technical or legal, on how the Aadhaar number should be maintained and used by various AUAs in a cryptographically secure way, and how to prevent the Aadhaar number of an individual from becoming public.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 27,2024

DKrailminister.jpg

Mangaluru: Dakshina Kannada MP Captain Brijesh Chowta recently met with Union Minister for Railways Ashwini Vaishnav to discuss urgent concerns regarding the region's railway infrastructure development. Key issues raised during the meeting included the long-pending Mangaluru-Bengaluru connectivity, the Shiradi Ghat stretch, and other vital railway concerns impacting the region.

In addition to discussing these issues, Captain Chowta submitted a letter requesting the Union Minister's intervention and support. The letter emphasized the need to merge Konkan Railway with Indian Railways and called for the doubling of railway tracks between Bengaluru and Mangaluru, which would significantly improve rail connectivity between the state capital and Mangaluru.

Further, Captain Chowta raised concerns about enhancing passenger facilities along the region's rail routes, particularly the need for better services between Subrahmanya and Mangaluru.

To bring more attention to these pressing issues, Captain Chowta took to social media, urging the state government’s support. In a tweet on his official X handle, he requested Chief Minister Siddaramaiah to expedite the resolution of these concerns. “In this direction, I request our Karnataka government led by CM Shri @siddaramaiah to kindly provide the necessary state support for the swift redressal of various concerns pertaining to both Konkan Railways as well as HMRDC to ease movement of both people and cargo in this important stretch between Mangalore and Bangalore,” he posted.

The meeting with the Union Minister was attended by Bengaluru Rural MP Dr. CN Manjunath, Udupi-Chikmagalur MP Kota Srinivas Poojary, and Uttara Karnataka MP Vishweshwara Hegde Kageri, all of whom supported the discussion on enhancing railway infrastructure in the region.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 28,2024

rahul.jpg

Mangaluru, Nov 28: In a major breakthrough, police have arrested Rahul, alias Bol Karmaveer Eshwar Jat, a Haryana native, for a brutal train murder committed on October 25. Rahul, a notorious interstate serial offender, was apprehended after a relentless investigation involving multiple state police forces.

The October 25 incident occurred during a train journey when Rahul got into an argument over a cigarette with Mauzzam, a resident of Chikkaballapur. The altercation escalated, leading to Rahul strangling Mauzzam to death. He fled the scene with the victim’s mobile phone, bag, and cash.

Muazzan worked as a sales representative and was differently-abled. He boarded the train on October 24 from Yesvantpur and occupied the Divyang Coach. The incident came to light on the morning of October 25 at Udupi, where a railway guard found Muazzam unresponsive. The railway police immediately rushed him to the hospital, but doctors declared him dead.

Accused Rahul was tracked down through an exhaustive review of over 2,000 CCTV recordings by police teams from Valsad, Vapi, Surat, and Udvada. His identity was eventually confirmed by a vigilant officer from Surat Central Jail, leading to his capture in a joint operation by Railway and Surat police.

Rahul’s criminal record reveals a trail of horrifying offenses across Gujarat, Karnataka, Maharashtra, Telangana, Haryana, and West Bengal. Among these are the rape of a mentally ill minor girl in Pune and the rape and murder of a 19-year-old woman near Udvada railway station in Gujarat's Vapi district. Despite being arrested in the past, Rahul resumed his crimes after securing bail.

On November 19, he allegedly stabbed a 60-year-old man to death aboard the Katihar Express in West Bengal, with a case registered at the Howrah police station. In Telangana, he confessed to murdering a woman in yet another shocking crime.

Public Advisory:

  • Stay vigilant when traveling on trains, especially during late hours.
  • Report suspicious individuals or activities to railway authorities immediately.
  • Ensure your personal belongings are secure while traveling.
  • This arrest brings a sense of relief, but the investigations continue as authorities piece together the full extent of Rahul’s crimes.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.