Biometric database of Indian police facial recognition app exposed
A police database of thousands of crime suspects from the South Indian State of Tamil Nadu was leaked online following a massive data breach of CopsEye, the facial recognition application law enforcement in the region actively used, reports Inc42.
The breach was detected by security researchers Robert Baptiste, also known as Elliot Alderson, and Oliver Hough, and announced it on Twitter.
The leaked database exposed online critical information such as mug shots, OTP codes, passwords, and information on police officers who used the software.
CopsEye is a facial recognition application developed by GeoMeo Informatics, a startup from Madurai. It is a popular criminal detection tool that has been used by Tamil Nadu police’s Madurai branch since June. AI technology and machine learning algorithms were integrated to enable police to take and store suspects’ information, which they would cross-check with criminal records.
“The photos and names are from a test set; they may not necessarily be exact matches,” said a company spokesperson in a statement. “They could be indicative names assigned to the photos to be checked later. This demo app is used to show how the product works.”
Hough alleges that the database included 7,500 images, including of 4,900 ‘wanted’ individuals, and stored images that did not match them.
The database has been removed from the internet, and the app from Google Play, according to Inc42.