The Bengaluru police seem to have found two instances of criminals using SIMS purchased using Aadhaar card authentications of people who were not aware of applying for them to evade being traced. In both instances dealers retained Aadhaar card information of those applying for SIMs and used it to issue additional SIMs that they sold illegally.

In the first instance, the Aadhaar was authenticated using biometrics to acquire a Jio-SIM. The Aadhaar holder, an illiterate man was asked to provide biometric details but was not given a SIM. Because Jio requires dealers to provide their own authentication in addition to the buyer, the dealer was identified and he confessed to selling the unauthorized SIM for Rs. 1000. In the other instance, further photocopies of the Aadhaar were used to issue additional SIMs.

Full story here:

In other words, this is similar to the Airtel Payments Bank scam. The Aadhaar authentication in itself cannot assure the Aadhaar holder that it is authenticating only one transaction, because the authentication only authenticates the identity and not the transaction. Once the demographic details are authenticated, they can be reused by malicious attackers, since they are now confirmed to be correct and do not need further authentication.

In the case of the Jio SIM, the misuse was caught due to the protocols used by Jio to record the dealer as well as buyer of the SIM. However, this should not be too hard to bypass or spoof for a determined criminal and it would be hard for a dealer whose identity got misused to prove that they did not sell SIMs illegally if their identity were misused. Long before news media woke up, alert youtubers were already making videos to caution buyers against Jio SIM dealers fraudulently authenticating more SIMs than they issued to the buyer.

In the case of SIMs purchased using photocopies of an Aadhaar, there is no protection whatsoever. People have been handing around photocopies of their Aadhaar to anyone who asks from schools and colleges to hospitals and crematoriums. Any of the copies could be misused to enable criminals in this manner while Aadhaar continues to be legal. In such misuse, the Aadhaar holder will literally be at the mercy of the police if the criminal misusing such SIMs uses them for serious crimes.

Vidyut is a commentator on socio-political issues with a keen understanding of tech and policy. She has been observing and commenting on Aadhaar since 2010 from a perspective of human rights, democracy and technological robustness.

One thought on “Reports of Aadhaar authentication used to issue multiple SIM cards

  1. Ram Ram Vidyut: You Have Deep Knowledge Of Aadhaar And To Detect Its Misuse. Thanks To You From Likes Of Me Who Are NIL In This Area Becuase We Belong To The Age When There Were Only Landlines, No Computers, Life Was Really Very Simple We Enjoyed That It Caefreely.

Leave a Reply

Your email address will not be published. Required fields are marked *