NADRA rejects biometric database hacking allegation, seeks explanation

The National Database and Registration Authority of Pakistan (NADRA) has strongly rejected claims by an official of the country’s Federal Investigation Agency (FIA) that its biometric database has been compromised, giving room for the existence of illegal SIM cards.

According to a report by Dawn, the FIA official had made the claim to a parliamentary panel, but later tried to rescind it.

The remark sparked an immediate rebuttal from NADRA officials who said their database has been designed with a multi-layer security system which makes hacking impossible.

Dawn quotes an unnamed senior NADRA official as saying their database has not been compromised as it is secured against unauthorized access of its databases or citizen ID data.

The official added that NADRA rejects what he described as an irresponsible statement from a senior FIA official especially at a time when the institution is trying to re-establish itself as one of the leading digital ID systems in the world.

“(M)ulti-layered control mechanisms and well-defined policies and practices have been implemented for the security and protection of all data that NADRA stores by taking all preventive measures. These baseless insinuations carry unintended consequences, including reputational damage to the organisation servicing foreign governments and clients as the leading system integrator,” the NADRA official told Dawn.

The official further explained the security measures taken to make NADRA’s databases and system safe. This, he said, includes the implementation of a privacy-by-design-and-security-by-default (PbD & SbD) approach and the deployment of four control systems to ensure data privacy and security, the report mentions.

“NADRA uses the Defence in Depth (DiD) multi-layered approach to cyber security in which a series of defensive mechanisms are layered to protect citizens’ data and information. If one mechanism fails, another steps up immediately to thwart an attack,” the official explained.

NADRA chairman Tariq Malik was also quoted as saying the database hacking remarks were only intended to create chaos and mistrust.

Body created to review NADRA issues

Meanwhile, in the wake of these allegations against NADRA, Prime Minister Imran Khan has put in place a body to look into some of the issues affecting the institution, writes The Express Tribune.

The coordination committee, led by the National Assembly deputy Speaker Qasim Khan Suri, and which includes six other members of the National Assembly, will among other things examine issues raised by parliamentarians concerning NADRA.

Among the concerns raised is the proliferation of illegal SIM cards.

Pakistan’s FIA also recently reported the arrest of two men accused of being involved in activating SIM cards using fake fingerprint biometrics.

Article Topics

biometric database  |  biometrics  |  cybersecurity  |  data protection  |  digital identity  |  identity management  |  NADRA  |  national ID  |  Pakistan