ദി യുഐഡിഎഐയുടെ keeps insisting that Aadhaar is secure. Biometics can’t be bypassed, enrolment software can’t be hacked, and so on. So I put together a quick list. This list is under construction. Keep checking for updates.
- April 2012: An enrolment agent was found to have issued 30,000 Aadhaar cards in a span of six months. 800 of these were enrolled using biometric exceptions for disabled people and when the police were asked to verify, they found that none of the disabled people lived at the addresses provided One Mohammed Ali, employee of IL&FS was arrested in this matter. Later, it was discovered that Mohammed Ali’s employment had been terminated in September of the previous year, and employees at 20 different centres in the city had been using his credentials to login and create Aadhaars. This was supposed to not be possible, but a flaw in the registration software allowed it.
- June 2012: Also in Hyderabad and also IL&FS. Seven were arrested including IL&FS officials and a ക്ലിപ്തഓഹരി card shop owner, when it was found that an മുൻ ജീവനക്കാരൻ ഒരു ഔദ്യോഗിക ലാപ്ടോപ്പ് കടമെടുത്ത to conduct some 60 enrolments, at least 13 of which were fraudulent and for the purposes of ration card fraud. In this case, it appears that the arrested person used his own fingerprints, which is how he was caught, but it is unclear how an ex-operator’s fingerprints were accepted by the system.
- ദി ആധാർ അഅസര അഴിമതി saw 3 individuals between ages 20 and 30 arrested when it was found that they created fraudulent Aadhaar cards to receive government old age pensions of Rs. 1000 per month to the tune of Rs. 50 lakh.
- ദി കാൺപൂർ ആധാർ എൻറോൾമെന്റ് അഴിമതി: the software was patched to bypass iris authentication and copies of fingerprints of authorized operators were used to login and create or update Aadhaar cards.
- YouTube- ലെ വീഡിയോകൾ വിശദീകരിക്കുക പാച്ചുകൾ വേണ്ടി ആധാർ പേര്വിവരപ്പട്ടിക software (and updates) and provide PayTM account details to pay for the patch in order to buy it.
- ഏഷ്യാ ടൈംസ് റിപ്പോർട്ട് എച്ംപ് സോഫ്റ്റ്വെയർ ഇങ്ങിനെ that worked “out of the box” – it came preconfigured with valid credentials of operators and a patch to bypass geographical restrictions that prevented access from unauthorized locations.
- ദേശസാൽകൃത ബാങ്ക് ഓഫീസറുടെ ബയോമെട്രിക്സ് വിശദാംശങ്ങളും Prashant Morvadiya were sold on a pen drive for Rs. 6000 to enable access to update Aadhaar data using his credentials, in a അഴിമതി the police believe to be operating for a year when it was caught.
- അമ്രൊഹ ആധാർ എൻറോൾമെന്റ് അഴിമതി used methods similar to the Kanpur Enrolment Scam, with copies of authorized operator’s fingerprints.
- യുഐഡിഎഐയുടെ തന്നെ സമ്മതിച്ചതാണ് 20th June, 2017, that there are reports of biometrics being hacked, which is why it raised the penalty for bypassing biometrics to one lakh. “Due to various cases of bypassing the operator biometric capture being reported, UIDAI has decided to impose a penalty of Rs 100,000 per enrolment station found to be bypassing the operator biometric.”
- ഇങ്ങിനെ പതിപ്പ് of the Aadhaar enrolment software being sold on WhatsApp.
- ആധാർ കാർഡുകൾ നൂറുകണക്കിന് എന്നു കണ്ടു വ്യാജ രേഖകൾ ഉപയോഗിച്ച് ചെയ്തു in Moga.
The title of this post is inspired by this tweet:
Nandan :- @ഇംദിഅ_സ്തച്ക് ഡിജിറ്റൽ ഹൈവേകൾ പണിയുന്നു
— Srikanth ஸ்ரீகாந்த் (@logic) മെയ് 6, 2018