FB pixel

Digi Yatra sidelines legacy facial recognition app maker amid data breach rumors

Digi Yatra sidelines legacy facial recognition app maker amid data breach rumors
 

India’s airport facial recognition program Digi Yatra is courting controversy again after an app update and accusations that passengers’ personal data has been breached, The Hindu reports. The allegations implicate DataEvolve, which made a previous version of the app.

An app made by the same company was used by Andhra Pradesh police from 2019 until 2023, when it was abandoned due to allegations of fraud.

The Digi Yatra Foundation released a public statement on March 27 telling users to uninstall the old version of the app, install the new version and re-register their account.

“CEO of Digi Yatra Foundation also confirmed that DataEvolve has been completely removed from Digi Yatra ecosystem,” the Foundation said at the time. “No one has any access to any personal data of DY users including Digi Yatra Foundation.”

A representative of the Civil Aviation Ministry had told lawmakers in January that “all data is stored in mobile of passenger,” according to the Hindu.

Since the March 27 statement, Foundation CEO Suresh Khadakbhavi told PTI “It is only in the phone of the user that the data is residing, and it is in the control of the passenger himself or herself.”

“Only the billing account and management was by DataEvolve,” Khadakbhavi added.

As of last week the Foundation says: “There is no association of Digi Yatra with DataEvolve,” reports WION.

But the Hindu also reports that an X (also known as Twitter) user alleges the legacy Digi Yatra app was transmitting passenger data to an API endpoint on AWS servers operated by DataEvolve. The new app is communicating with the Digi Yatra Foundation, the user claims.

A Digi Yatra user tells the publication he was contacted by a coworker at IDFC Bank that the app had been compromised.

An app from DataEvolve was used for traffic fines in Andhra Pradesh until an official spotted a discrepancy between the money collected and deposited.

The confusion and history provide ample opening for digital rights advocacy groups. The Internet Freedom Foundation suggests that Digi Yatra “has repeatedly failed to make disclosures about its data storage, processing and sharing practices, nor has ever published the data security audits it purportedly undertakes.” The group argues that DataEvolve was not an appropriate contractor for the project, and urges Indians to abandon the program.

Access Now suggested the ownership structure of the company running the Digi Yatra program is problematic, Outlook reports, with the Airport Authority of India owning only 26 percent, while five Indian airports control it.

Digi Yatra has been beset with criticism recently relating to both security breaches and data privacy concerns.

Related Posts

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Biometrics upgrades arriving at borders (but check the schedule for updates)

New biometric technology is coming to borders in Europe and the UK, but as reflected in several of Biometric Update’s…

 

What is the killer app for verifiable credentials? Daon, Dock and Youverse discuss

Industries such as financial services, healthcare, transport, government and more are increasingly adopting digital verifiable credentials connected to biometrics. Their…

 

Veteran biometrics leaders join FaceTec, Credence, ID.me adds ex-Meta exec

The latest round of appointments in the biometrics and identity management sector includes a former leader of federal government sales…

 

EU announces phased approach for EES

The European Union has proposed a progressive introduction of its biometric traveler registration scheme, the Entry-Exit System (EES). On Wednesday,…

 

Drowsy drivers to get AI-assisted safety prompts

Fatigued drivers are one of the most common hazards on the road, but sleepy-heads on commercial wheels are to get…

 

Chameleon AI masks faces from scraping while preserving image quality

If the first wave of the current AI deluge created complicated challenges, the second wave has often been about using…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events