UIDAI refuses disclosure on liveness project as Indian police crack down on cybercrime

The Unique Identification Authority of India (UIDAI) has declined to answer inquiries regarding its recent efforts to combat Aadhaar-based frauds, claiming confidentiality.

The news comes from a Medianama report, which also mentions the partnership UIDAI entered with IIT-Bombay in April to develop a touchless biometric capture system for fingerprint authentication.

The collaboration aims to build a mobile capture system with a “liveness model” to detect spoofed fingerprints among genuine ones. In other words, the biometric authentication mechanism is a measure against the cloning of Aadhaar-linked fingerprints.

When MediaNama requested information through a Right to Information (RTI) application, UIDAI reportedly refused to provide any details, citing Section 8(1)(d) of the Right to Information Act:

“[Notwithstanding anything contained in this Act, there shall be no obligation to give any citizen] information including commercial confidence, trade secrets or intellectual property, the disclosure of which would harm the competitive position of a third party, unless the competent authority is satisfied that larger public interest warrants the disclosure of such information,” reads the legislation.

In particular, the publication said it sought non-confidential information and project details, including a copy of the tender, which is typically a publicly available document.

The lack of response raises questions about whether a tender was issued to develop the new system and if the UIDAI possesses any official non-confidential documents outlining the research project’s objectives, MediaNama argues.

Police bust Aadhaar-based cybercrime in Nellore

In adjacent news, a significant financial fraud involving the misuse of Aadhaar-enabled Payment Services (AePS) has been exposed by the police in the Nellore district in the Indian state of Andhra Pradesh.

The Hindu, which reported the news, said ten individuals were arrested, and a sum of 5.125 million Indian rupees (roughly US$62,477) was recovered.

The suspects reportedly exploited biometric POS devices to siphon money from unsuspecting bank customers without two-factor authentication. This caused the victims to remain unaware of the fraudulent transactions as they did not receive any notification on their linked mobile phones.

The Nellore Superintendent of Police, K. Tirumaleswara Reddy, emphasized the importance of locking Aadhaar biometrics and advised regular bank balance checks. The investigation continues to uncover any additional involvement in the criminal network.

The arrests follow a statement by Indian Parliament member John Brittas warning about rising Aadhaar payment fraud earlier this month.

Article Topics

Aadhaar  |  biometric liveness detection  |  biometrics  |  cybersecurity  |  fraud prevention  |  India  |  payments  |  UIDAI