The UIDAI keeps insisting that Aadhaar is secure. Biometics can’t be bypassed, enrolment software can’t be hacked, and so on. So I put together a quick list. This list is under construction. Keep checking for updates.
- April 2012: An enrolment agent was found to have issued 30,000 Aadhaar cards in a span of six months. 800 of these were enrolled using biometric exceptions for disabled people and when the police were asked to verify, they found that none of the disabled people lived at the addresses provided One Mohammed Ali, employee of IL&FS was arrested in this matter. Later, it was discovered that Mohammed Ali’s employment had been terminated in September of the previous year, and employees at 20 different centres in the city had been using his credentials to login and create Aadhaars. This was supposed to not be possible, but a flaw in the registration software allowed it.
- June 2012: Also in Hyderabad and also IL&FS. Seven were arrested including IL&FS officials and a ration card shop owner, when it was found that an ਸਾਬਕਾ ਕਰਮਚਾਰੀ ਇਕ ਅਧਿਕਾਰੀ ਲੈਪਟਾਪ ਉਧਾਰ to conduct some 60 enrolments, at least 13 of which were fraudulent and for the purposes of ration card fraud. In this case, it appears that the arrested person used his own fingerprints, which is how he was caught, but it is unclear how an ex-operator’s fingerprints were accepted by the system.
- The ਆਧਾਰ Aasara ਘੁਟਾਲੇ saw 3 individuals between ages 20 and 30 arrested when it was found that they created fraudulent Aadhaar cards to receive government old age pensions of Rs. 1000 per month to the tune of Rs. 50 lakh.
- The ਕਾਨਪੁਰ ਆਧਾਰ ਭਰਤੀ ਘੁਟਾਲਾ: the software was patched to bypass iris authentication and copies of fingerprints of authorized operators were used to login and create or update Aadhaar cards.
- YouTube 'ਤੇ ਵੀਡੀਓ ਦਿਖਾ ਪੈਚ ਦੇ ਲਈ ਆਧਾਰ ਦਾਖਲਾ software (and updates) and provide PayTM account details to pay for the patch in order to buy it.
- ਦੀ ਏਸ਼ੀਆ ਟਾਈਮਜ਼ ਦੀ ਰਿਪੋਰਟ ਤਿੜਕੀ ECMP ਸਾਫਟਵੇਅਰ that worked “out of the box” – it came preconfigured with valid credentials of operators and a patch to bypass geographical restrictions that prevented access from unauthorized locations.
- ਬਾਇਓਮੈਟ੍ਰਿਕ ਅਤੇ ਕੌਮੀਕ੍ਰਿਤ ਬਕ ਅਫ਼ਸਰ ਨੂੰ ਦੇ ਵੇਰਵੇ Prashant Morvadiya were sold on a pen drive for Rs. 6000 to enable access to update Aadhaar data using his credentials, in a scam the police believe to be operating for a year when it was caught.
- ਅਮਰੋਹਾ ਆਧਾਰ ਇਨਰੋਲਮਟ ਘੁਟਾਲੇ used methods similar to the Kanpur Enrolment Scam, with copies of authorized operator’s fingerprints.
- ਯੂਆਈਡੀਏਆਈ ਆਪਣੇ ਆਪ 'ਤੇ ਮੰਨਿਆ ਹੈ 20th June, 2017, that there are reports of biometrics being hacked, which is why it raised the penalty for bypassing biometrics to one lakh. “Due to various cases of bypassing the operator biometric capture being reported, UIDAI has decided to impose a penalty of Rs 100,000 per enrolment station found to be bypassing the operator biometric.”
- ਤਿੜਕੀ ਨੂੰ ਵਰਜਨ of the Aadhaar enrolment software being sold on WhatsApp.
- ਆਧਾਰ ਕਾਰਡ ਦੇ ਅਣਗਿਣਤ ਹੋਣ ਦਾ ਪਤਾ ਲੱਗਿਆ ਹੈ ਜਾਅਲੀ ਦਸਤਾਵੇਜ਼ ਨੂੰ ਵਰਤ ਬਣਾਇਆ in Moga.
- ਮਹਾਰਾਸ਼ਟਰ ਵਿਚ ਇਕ ਆਧਾਰ ਅਧਿਕਾਰੀ ਬਣਾਇਆ ਉਸ ਦੇ ਅੰਗੂਠੇ ਦੇ ਰਬੜ ਮੋਹਰ ਨਕਲ, so that his underlings could conduct enrolments on his behalf.
The title of this post is inspired by this tweet:
Nandan :- @India_Stack ਡਿਜ਼ੀਟਲ ਹਾਈਵੇ ਬਿਲਡ
— Srikanth ஸ்ரீகாந்த் (@logic) May 6, 2018