Live
- Over 7,600 Syrians return from Turkiye in five days after Assad's downfall: minister
- Delhi BJP leaders stay overnight in 1,194 slum clusters
- Keerthy Suresh and Anthony Thattil Tie the Knot in a Christian Ceremony
- AAP, BJP making false promises to slum dwellers for votes: Delhi Congress
- 'Vere Level Office' Review: A Refreshing Take on Corporate Life with Humor and Heart
- Libya's oil company declares force majeure at key refinery following clashes
- Illegal Rohingyas: BJP seeks Assembly session to implement NRC in Delhi
- Philippines orders full evacuation amid possible volcanic re-eruption
- Government Prioritizes Welfare of the Poor, says Dola Sri Bala Veeranjaneyaswamy
- Two Russian oil tankers with 29 on board damaged due to bad weather
Fresh concerns after Aadhaar racket busted
Damning details related to Aadhaar card security have emerged after the Uttar Pradesh special task force arrested 10 members of a gang allegedly involved in issuing fake biometric cards, according to a report published in Mail Today.
New Delhi: Damning details related to Aadhaar card security have emerged after the Uttar Pradesh special task force arrested 10 members of a gang allegedly involved in issuing fake biometric cards, according to a report published in Mail Today.
Investigators said that the gang members had not only hacked the secure 'source code' to access the application but also cloned fingerprints of authorised issuing authorities by using gelatin gel, laser and silicon.
The exposure raises serious questions on the Centre's efforts to link its various schemes, PAN, individual bank accounts and mobile numbers with Aadhaar card, until now considered foolproof.
“The investigation has thrown up some shocking facts about the modus operandi of this gang,” Triveni Singh, additional superintendent of police, STF, told Mail Today.
“The operators made copies of the login details used by valid enrollment centres, issued by UIDAI, the nodal authority mandated to issue the 12-digit unique number. They were also able to crack and replicate the application for the retinal scanning, an ocular-based biometric technology,” he said.
Singh said the team was yet to ascertain the enormity of the operation as these members are believed to have shared or sold these codes to other centres as well. “The gang was selling clone operator fingerprint and copy of client application for Rs 5,000 to run illegal centres. During the raid, the STF seized software with fake fingerprints as well as finger and retina scanners,” he said.
Members of the investigation team said while the gang members learnt about the use of gelatin gel and latex from the internet, they suspect an insider role in the creation of the duplicate client application (software) which allowed them to bypass security measures like fingerprints and IRIS scans needed for Aadhaar enrollment.
“The clone copies were made by taking fingerprint on butter paper and later treating it with chemicals and ultraviolet rays at different temperature to create a mould using gelatin gel and latex. But the breach of high-tech application and source code is not possible without the collusion of one or more UIDAI officials,” an STF official said.
According to web security experts, the UIDAI functions on a sophisticated source code. A cyber expert explained to Mail Today: “The source code is available only with the core team. It is a collection of computer instructions or scripts on which an application is defined.
In June, after the UIDAI found the same login (fingerprints) being used at multiple places to issue Aadhaar card, they introduced latest version of their application which had added feature of IRIS scanner for operators to authenticate.”
“These gang members may have got the access to that source code and tampered the biometric authentication like fingerprints and IRIS. So now, these illegal centres had the software to login to the Aadhaar sever without using any biometric details, which is worrisome,” the web security expert added.
The STF officials said although all the 10 arrests were made from Kanpur in UP, the web of 'illegal' Aadhaar centers is spread across India and lakhs of enrollment have been done by such centres.
However, the team is yet to figure out if this loophole was sold to elements involved in making the unique ID for illegal migrants.
The task force is in the process of finding out the number of biometric details which were uploaded by the gang on the Aadhaar data pool. Many officers secretly admitted that the arrests are a major setback for the Aadhaar project.
