FB pixel

Indian govt’s insistence that Aadhaar is secure rings hollow in wake of breaches

Indian govt’s insistence that Aadhaar is secure rings hollow in wake of breaches
 

India is bleeding biometric information, with new data breaches giving credence to a recent report by the credit rating agency Moody’s warning that Aadhaar’s centralized biometric digital ID system has privacy and security vulnerabilities.

A piece in Security Affairs reports that earlier this month, the cybersecurity firm Resecurity found hundreds of millions of records containing personally identifiable information (PII) for sale on the dark web. Aadhaar cards were among the data on offer.

Also in October, the PII of applicants to a program for young filmmakers at the International Film Festival of India was exposed on a government website for the event. The Deccan Herald reports that the Times of India was able to access a parent directory that contained the Aadhaar IDs, PAN cards and other PII of more than 100 people who applied through the National Film Development Corporation (NFDC).

Furthermore, as reported in The Hindu, a police raid on a brothel in Bengaluru found that sex workers had been given fake Aadhaar cards, and prompted an investigation into wider production of fake government IDs, voter cards and other documents.

And finally, there is the now-resolved case of fingerprint biometrics, digital ID numbers, identity documents, photographs and images submitted to Aadhaar being exposed by the West Bengal state government website.

The Indian government has shown little interest in taking responsibility for any security lapses. In response to Moody’s claims that Aadhaar’s fingerprint biometrics system is unreliable in humid climatic conditions and problematic for manual laborers, and that the centralized data management system gives users no control over their data, the Ministry of Electronics and IT published a scathing retort boldly arguing that no data breaches have been recorded and calling Aadhaar “the most trusted digital ID in the world.”

“The Moody’s report ignores that biometric submission is also possible through contactless means like face authentication and iris authentication,” the statement reads. In the case of the film festival, an unnamed government source told the Times of India that the Creative Minds of Tomorrow portal had been outsourced by NFDC to a separate web development agency, which bears responsibility for the breach. And an earlier claim about a breach on CoWIN was dismissed as mischief.

Aadhaar digital IDs use core biometric markers of 10 fingerprints and two iris scans. The ID is linked to a wide array of government services, and plans are underway to link voter registration to Aadhaar.

A recent IBM Security report pegged the average cost of a data breach in India at 179 million rupees (around US$2.1 million), a 28 percent increase from 2020.

Article Topics

 |   |   |   |   | 

Latest Biometrics News

 

BorderAge promises 100% anonymous age assurance with hand gesture modality

Imagine a magician who waves their hands not to conjure a white rabbit, but to provide age assurance without collecting…

 

euCONSENT’s tokenized age verification set for PoC at upcoming age assurance summit

The European Union has its own ideas about how age assurance should be carried out for restricted online services, and…

 

Humanity Protocol launches Humanity Foundation ahead of ‘big moves’

Humanity Protocol, one of the emergent contenders in the market for proof of personhood (PoP), has announced the launch of…

 

J.P. Morgan adds 2 biometric authentication terminals to payments ecosystem

J.P. Morgan Payments (JPM) has announced the release of two new proprietary biometric payments terminals for retail, restaurant and entertainment…

 

Prove acquires reusable digital ID verification firm Portabl

A post on Prove’s blog says the acquisition of digital ID startup Portabl “will enable Prove to enhance its industry-leading…

 

Socure: Nation-state fraud ramping up in 2025

Socure, a leading digital identity verification platform, believes 2025 will be the breakout year for digital identity verification in the…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

DIGITAL ID for ALL NEWS

Featured Company

ID for ALL FEATURE REPORTS

BIOMETRICS WHITE PAPERS

BIOMETRICS EVENTS

EXPLAINING BIOMETRICS