UIDAI denies breach of Aadhaar data on servers
Authority to encrypt biometric data at the time of capture
The Unique Identification Authority of India on Sunday denied any breach of Aadhaar data on it servers. It said it had not found any incident of misuse of biometrics, leading to identity theft and financial loss, in the past seven years. The agency said more than 4,000 million Aadhaar-authenticated transactions had taken place and the Centre had saved ~49,500 crore because of Aadhaar-based direct benefit transfers in the past two-and-a-half years.
The Unique Identification Authority of India (UIDAI) on Sunday issued a statement denying any breach of Aadhaar data on its servers.
UIDAI said it had not found a single incident of misuse of biometrics, leading to identity theft and financial loss, in seven years.
“There has been no breach to the UIDAI database of Aadhaar in any manner whatsoever and personal data of individuals held by UIDAI is fully safe and secure,” it said. UIDAI was set up in 2009 to provide a 12-digit unique identification number to all the residents after capturing their biometric details.
“Aadhaar-based authentication is as robust and secure as compared to any other contemporary systems. The Aadhaar system has the capability to inquire into any instance of misuse of biometrics and identity thefts and initiate action.”
The agency said more than 4,000 million Aadhaar authentication transactions had taken place and the government saved ~49,500 crore because of Aadhaar-based direct benefits transfers in two and a half years.
UIDAI has biometric and demographic details of 1,110 million Indians.
The Aadhaar system coming under attack came to light after UIDAI filed a criminal charge against unknown persons for allegedly storing biometrics of individuals and subsequently making unauthorised transactions. It has issued notices to Axis Bank, one of its business correspondents Suvidhaa Infoserve, and eMudhra, a know-your-customer user agency with the authority. “It is an isolated case of an employee working with a bank’s business correspondent’s company making an attempt to misuse his own biometrics, which was detected by the UIDAI internal security system. Subsequently, actions under the Aadhaar Act have been initiated,” it stated.
The agency said it had decided to encrypt data at the point of capture, to strengthen security. It claimed it had helped 44.7 million people to open bank accounts through Aadhaar e-KYC and enabled the government to directly transfer benefits into the accounts of beneficiaries of various schemes, including domestic cooking gas subsidy, scholarships and the rural job scheme, among others.