Read the thread to know more about Pandey’s life.

HINDUSTAN TIMES VIA GETTY IMAGES
Ajay Bhushan Pandey, CEO of UIDAI.

Ajay Bhushan Pandey, CEO of the Universal Identification Authority of India (UIDAI), the agency that implements India’s controversial Aadhaar project, shared his authentication logs with the Constitutional bench of the Supreme Court last week.

His aim, ostensibly, was to show how Aadhaar incorporates “privacy by design”, to quote the accompanying power-point presentation.

It wasn’t long before Aadhaar critics on Twitter poured through his logs and proved just the opposite.

Cybersecurity analyst and software developer, Anand Venkatanarayanan, revealed how just looking at six months worth of authentication data could offer clues to Pandey’s physical movements, his phone service provider, the banks where he has his accounts, and even his daily schedule.

Two failed attempts to link his ICICI bank account to his Aadhaar at midnight on Republic Day, for instance, suggests seeding bank accounts with Aadhaar is giving the UIDAI CEO sleepless nights as well.

Other gems include the fact that only one transaction in the past six months was authorised using his biometrics. The transaction, which was conducted at IDFC bank a day before the Court re-convened to discuss the Aadhaar matter, failed.

Privacy advocates have long maintained that seeding Aadhaar with other forms of identification allows for the creation of detailed databases that can be used to track citizens.

Read the thread to know more about Pandey’s life.

Anand V@iam_anandv

So everyone is citing Authentication failures on @ceo_uidai‘s authentication history, but I can understand quite a bit about his life with just that. Let us begin. 👇

Anand V@iam_anandv

He has a Vodafone phone and did not link it until last week for the court demo (OR) He just bought a new one. Given his position and status, this is most likely a Post Paid connection.

Anand V@iam_anandv

He used “UIDAI Services”. That is not an internal AUA and not a public one. So we can conclude that he was browsing the web then from the confines of his office during this time among other things.

Anand V@iam_anandv

Another “internal” AUA. With the transaction name of the AUA, it is easy to conclude that he was using a Demo Application. Hence most likely he was giving a Presentation to someone on the greatness of Aadhaar.

Anand V@iam_anandv

Another “Internal AUA” at 8 PM in the night, one after another within a minute. OK. Pandeyji had a busy day in office that day. He definitely came home late and did not reach before 9 PM.

Anand V@iam_anandv

OK. OTP linking at midnight. He definitely has 3 accounts with ICICI Bank. May be a credit card (OR) 2 bank accounts (OR) 3 bank accounts. He has linked them all on Republic day. So he was not in office but is doing it from his home. Why 3 accounts? UKC:XXX is different.

Anand V@iam_anandv

OK. OTP linking at midnight. He definitely has 3 accounts with ICICI Bank. May be a credit card (OR) 2 bank accounts (OR) 3 bank accounts. He has linked them all on Republic day. So he was not in office but is doing it from his home. Why 3 accounts? UKC:XXX is different. pic.twitter.com/RIPGA18rDl

Anand V@iam_anandv

Another “Internal Auth Service Monitoring” at Republic day at 7 PM? Hmnn, he was probably in office checking out some data centers. May be they have a special PIN based terminal for him to go in. That is one hypothesis. Let us keep that to ourselves for now. pic.twitter.com/3BnKZpfDJd

View image on Twitter

Anand V@iam_anandv

He has a Vodafone phone and did not link it until last week for the court demo (OR) He just bought a new one. Given his position and status, this is most likely a Post Paid connection.

Anand V@iam_anandv

He used “UIDAI Services”. That is not an internal AUA and not a public one. So we can conclude that he was browsing the web then from the confines of his office during this time among other things.

Related posts