Editorial

Aadhaar apprehensions

| Updated on January 13, 2018 Published on March 02, 2017

Without a robust cybersecurity ecosystem in place, its transformative potential can be lost

Ever since the unique identification scheme, known as Aadhaar, was first introduced in 2009, naysayers have been warning of the potential danger from hackers and cyber thieves. While the wizards of this project have been downplaying these concerns, recent incidents related to the Aadhaar database point to some clear and present danger. Take for example the recent case of two bank business correspondents who are being investigated for alleged unauthorised authentication and impersonation by illegally storing biometric data. The Unique Identification Authority of India has temporarily halted all Aadhaar-based transactions by the two entities after it was discovered that one individual was found to have performed 397 biometric transactions between 14 July 2016 and 19 February 2017. Earlier, a Gurgaon-based think tank group demonstrated how the Aadhaar number can still be verified with stored biometric finger impression without the card-holder physically being present. These are not isolated incidents. The Parliamentary Standing Committee on Finance (SCoF), chaired by Yashwant Sinha, in its December 2011 report on the scheme raised several objections. One of the issues flagged in this report was the absence of a national data protection law. It is now a proven fact that connecting any strategic infrastructure to the internet makes it vulnerable to security threats, and most government systems are extremely vulnerable to hacking, data leakages and hijacking. Even some of the technologically advanced countries such as the US have not managed to make its systems foolproof. The identities of approximately 15 million US residents are used fraudulently each year with financial losses totalling upwards of $50 billion.

Undoubtedly, the Centre has noble intentions with regard to the Aadhaar card scheme. It is still largely viewed as a positive step as it has helped plug leakages by targeting subsidies. For example, the Aadhaar-linked Direct Benefit Transfer scheme for reducing leakages in LPG subsidies has been widely acknowledged as a success. While Aadhaar may be relevant at a time when the Centre is pushing digital payments and online transactions, it can only be truly effective in digital transactions only if it offers users a highly secure platform to carry out financial transactions. Aadhaar’s biometric technology can be a double-edged sword: while it has the potential to nip fraud and leakages, it is also fraught with the risk of perpetuating these. A breach of public faith in Aadhaar will jeopardise efforts to streamline India’s welfare payouts.

Therefore, it is important that the Centre ushers in a cyber security renaissance that promotes cyber hygiene and a security-centric culture. This will not only ensure the success of Aadhaar but also help facilitate other schemes under Digital India, including cashless payment applications such as the recently launched BHIM initiative. As India increasingly relies on electronic information storage and communication, it is imperative that laws around data security and information protection are quickly put in place. Otherwise, technological progress would have only provided us with more efficient tools for fraud.

Follow us on Telegram, Facebook, Twitter Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

Published on March 02, 2017
This article is closed for comments.
Please Email the Editor