The Free Software Movement of India (FSMI) has expressed serious concerns on the safety of users’ Aadhaar data. The association has written a letter to the Unique Identification Authority of India (UIDAI) on YouTube videos that demonstrate methods to bypass security layers in Aadhaar enrolment.
“There are WhatsApp messages circulating about a patched version of the Enrollment Client Management Platform (ECMP) software used for offline Aadhaar enrolment. This can potentially be used to bypass geo-location and bio-metrics, and also change the mapping between personal data of Aadhaar holders and their biometric data,” the FSMI has said in the letter.
It wanted to know what are the steps the UIDAI is taking to make the Aadhaar system safe, as the security problems seem to emanate from inherent design flaws in the Client Server architecture of Aadhaar.
There are also many videos uploaded to YouTube too were available that show how to use a software patch to the ECMP software can help bypass geo-location and biometric security protection.
“These videos claim that new Aadhaar enrollments can be made without any verification and that personal information pertaining to existing Aadhaar numbers can be changed, bypassing any security checks including OTPs (one-time passwords) and bio-metric verification.
“If this is true, then it is a matter of very serious concern as it endangers the sanctity of the entire Aadhaar database. We would like to know whether UIDAI authority has carried out any examination of these claims, and if there is any merit to these claims regarding the security of the Aadhaar enrolment software being compromised,” the FSMI said.
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.