FB pixel

Lax security, procurement alleged behind Indian police facial recognition app breach

| Chris Burt
Categories Biometrics News  |  Facial Recognition  |  Law Enforcement
Lax security, procurement alleged behind Indian police facial recognition app breach
 

A biometric data breach from a police system in Telangana, India that may have exposed the facial images of an unknown number of criminal suspects and police officers has been reported.

Police information-sharing app TSCOP, which includes a facial recognition capability, and HawkEye, an app for the public to report crimes to the police with, have both been breached, according to the reports. The apps were poorly protected, including with passwords visible in plain-text within TSCOP. The Telangana police SMS service portal was also recently breached.

Worse, The News Minute reports that Telangana police have been using the national network of police databases, the Crime and Criminal Tracking Network and Systems (CCTNS), to gather data from departments all over the country. It did not implement access control measures to protect this information, the publication claims.

News Minute suggests that the police contracted the app without the appropriate checks and balances.

A Telangana police representative denied “certain related media reports that appeared in newspapers” about breached hotel visitor data from TSCOP, the Deccan Chronicle reports.

Hyderabad, Telangana paper The Siasat Daily reviewed the data for sale on a popular forum for selling breached data, where Telangana’s police data was offered for $150. It found details of criminal records and police officials, including images, along with names and contact details for 200,000 HawkEye users. Aadhaar data that the Telangana police should not have had possession of was also included, according to the report.

Police have arrested a 20-year-old student they say is responsible, the Chronicle reports.

The procurement of an upgraded multi-biometric recognition system by Telangana police was carried out in an unusually short process in March, and the push by Indian police to adopt facial recognition in other states has come with data breaches and attendant criticism.

Related Posts

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

Canada regulator backs privacy-preserving age assurance

The Office of the Privacy Commissioner of Canada (OPC) has published a policy note and guidance documents pertaining to age…

 

FCC seeks comment on KYC revision for commercial phone calls

The U.S. Federal Communications Commission (FCC) has proposed stronger KYC requirements for voice service providers to prevent scams and illegal…

 

Deepfake detection upgrade for Sumsub highlights continuous self-improvement

Sumsub has launched an upgrade to its deepfake detection product with instant online self-learning updates to address rapidly evolving fraud…

 

Metalenz debuts under-display camera for payment-grade face authentication

Unlocking a smartphone with your face used to require a camera placed in a notch or a punch hole in…

 

UK regulators pan patchwork policy for law enforcement facial recognition

The UK’s two Biometrics Commissioners shared cautionary observations about the use of facial recognition in law enforcement over the weekend…

 

IDV spending to hit $29B by 2030 as DPI projects scale: Juniper Research

Spending on digital identity verification (IDV) technology is projected to reach a 55 percent growth rate between now and 2030,…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis and Buyer's Guides

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events