Live
- India Capitals appoint Ian Bell as captain for LLC season 3
- MP CM to visit Kolkata to attend Global Business Summit on Friday
- 49th All India Music & Dance Competitions Begin Today with Inaugural Ceremony
- Popular auctioneer Richard Madley to helm SA20 player auction on October 1, 2024
- President Murmu wins hearts in MP, seeks blessing of Mahakaal
- Israel puts forward new Gaza ceasefire deal: state media
- Over 100 Chakma houses & shops set on fire in B’desh, claims rights body
- MAHE Researchers Ranked Among the Top 2% Globally for 2024 in Prestigious Citation Database
- Woxsen University Secures 6th Spot in Asia-Pacific in the prestigious Bloomberg Best B-School 2024 Rankings
- Yamaha launched ‘The Call of The Blue’ Version 4.0 brand campaign for the young and dynamic customers
Fresh concerns after Aadhaar racket busted
Damning details related to Aadhaar card security have emerged after the Uttar Pradesh special task force arrested 10 members of a gang allegedly involved in issuing fake biometric cards, according to a report published in Mail Today.
New Delhi: Damning details related to Aadhaar card security have emerged after the Uttar Pradesh special task force arrested 10 members of a gang allegedly involved in issuing fake biometric cards, according to a report published in Mail Today.
Investigators said that the gang members had not only hacked the secure 'source code' to access the application but also cloned fingerprints of authorised issuing authorities by using gelatin gel, laser and silicon.
The exposure raises serious questions on the Centre's efforts to link its various schemes, PAN, individual bank accounts and mobile numbers with Aadhaar card, until now considered foolproof.
“The investigation has thrown up some shocking facts about the modus operandi of this gang,” Triveni Singh, additional superintendent of police, STF, told Mail Today.
“The operators made copies of the login details used by valid enrollment centres, issued by UIDAI, the nodal authority mandated to issue the 12-digit unique number. They were also able to crack and replicate the application for the retinal scanning, an ocular-based biometric technology,” he said.
Singh said the team was yet to ascertain the enormity of the operation as these members are believed to have shared or sold these codes to other centres as well. “The gang was selling clone operator fingerprint and copy of client application for Rs 5,000 to run illegal centres. During the raid, the STF seized software with fake fingerprints as well as finger and retina scanners,” he said.
Members of the investigation team said while the gang members learnt about the use of gelatin gel and latex from the internet, they suspect an insider role in the creation of the duplicate client application (software) which allowed them to bypass security measures like fingerprints and IRIS scans needed for Aadhaar enrollment.
“The clone copies were made by taking fingerprint on butter paper and later treating it with chemicals and ultraviolet rays at different temperature to create a mould using gelatin gel and latex. But the breach of high-tech application and source code is not possible without the collusion of one or more UIDAI officials,” an STF official said.
According to web security experts, the UIDAI functions on a sophisticated source code. A cyber expert explained to Mail Today: “The source code is available only with the core team. It is a collection of computer instructions or scripts on which an application is defined.
In June, after the UIDAI found the same login (fingerprints) being used at multiple places to issue Aadhaar card, they introduced latest version of their application which had added feature of IRIS scanner for operators to authenticate.”
“These gang members may have got the access to that source code and tampered the biometric authentication like fingerprints and IRIS. So now, these illegal centres had the software to login to the Aadhaar sever without using any biometric details, which is worrisome,” the web security expert added.
The STF officials said although all the 10 arrests were made from Kanpur in UP, the web of 'illegal' Aadhaar centers is spread across India and lakhs of enrollment have been done by such centres.
However, the team is yet to figure out if this loophole was sold to elements involved in making the unique ID for illegal migrants.
The task force is in the process of finding out the number of biometric details which were uploaded by the gang on the Aadhaar data pool. Many officers secretly admitted that the arrests are a major setback for the Aadhaar project.
