FB pixel

Online publication of Aadhaar info not a security breach, UIDAI says

 

Media reports suggesting sensitive Aadhaar data has been breached are an inaccurate representation of fact, the Unique Identification Authority of India (UIDAI) said in a statement issued Monday by India’s Ministry of Electronics and IT.

Numerous media outlets reported last week that approximately 210 government websites had published personal information related to Aadhaar registrants, following a proactive disclosure by UIDAI under the RTI (Right to Information) Act. While the details were published, UIDAI says the data is public information, and no breach of Aadhaar databases had occurred.

Government departments and ministries were immediately directed to remove the data from the websites, and steps were taken to ensure the incident is not repeated, according to the statement, but no biometric information was shared, and the encrypted biometric data collected by the Aadhaar program remains secure.

UIDAI reiterated that Aadhaar is not a secret number, that it is intended to be shared with authorized agencies in order to use their services, and that it cannot be used without the associated biometrics.

“(M)ere availability of Aadhaar number will not be a security threat or will not lead to financial/other fraud, as for a successful authentication fingerprint or iris of individual is also required. Further all authentications happen in presence of personnel of respective service provider which further add to the security of the system,” the UIDAI said.

As previously reported, the Aadhaar program is said to have helped save the Indian government $9 billion. Some elements of the program remain controversial, however, as India’s Supreme Court has been petitioned to block its association with bank accounts on grounds that the link violates user privacy rights.

Article Topics

 |   |   |   |   | 

Latest Biometrics News

 

Municipal ID programs offer ID to undocumented people, and ICE wants their data

Amid the ongoing collapse of democratic norms in the U.S., it is easy to miss a nightmare scenario unfolding for…

 

Unissey levels-up biometric injection attack detection certification

Unissey’s face biometrics have been certified to substantial-level compliance with the European biometric injection attack detection (IAD) standard. Injection attacks…

 

Hey babe, check out my regulations: porn star, VerifyMy spice up UK Online Safety Act

It’s one thing when Christian moralists lobby for age assurance laws – but another thing entirely when the voices are…

 

Regula launches dedicated biometric morph attack detector

A new face morphing detector has been unveiled by Regula to defend against the significant security threat of passports and…

 

UK regulator fines 23andMe over massive genetic data breach

The U.K. Information Commissioner’s Office (ICO) has fined U.S.-based 23andMe £2.31 million for serious security failures that resulted in a…

 

Tonga reveals MOSIP and VS One World foundations of DPI success

Tonga launched its TongaPass digital ID and digital government portal this month. The government is now ramping up registration as…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Biometric Market Analysis

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events