HYDERABAD, MAY 7
The Free Software Movement of India (FSMI) has expressed serious concerns on the safety of users’ Aadhaar data. The association has written a letter to the Unique Identification Authority of India (UIDAI) on YouTube videos that demonstrate methods to bypass security layers in Aadhaar enrolment.
“There are WhatsApp messages circulating about a patched version of the Enrolment Client Management Platform (ECMP) software being used for offline Aadhaar enrolment. This can potentially be used to bypass geo-location and biometrics, and also change the mapping between the personal data of Aadhaar holders and their biometric data,” the FSMI has said in the letter.
It sought to know what steps the UIDAI is taking to make the Aadhaar system safe, as the security problems seemed to emanate from inherent design flaws in Aadhaar’s client server architecture. “These videos claim that new Aadhaar enrolments can be made without any verification and that personal information pertaining to existing Aadhaar numbers can be changed bypassing any security checks, including OTPs (one-time passwords) and biometric verification.
“If this is true, then it is a matter of serious concern as it endangers the sanctity of the entire Aadhaar database. We would like to know whether UIDAI has examined these claims, and if there is any merit to claims regarding the security of the Aadhaar enrolment software being compromised,” the FSMI said.
The association wondered what steps the UIDAI was taking to verify the validity of data already uploaded by private players to the Aadhaar database