JOIN USAadhaar is fully protected: UIDAI's former tech head
Aadhaar system is fully protected and well-designed from any data breach, according to Srikanth Nadhamuni, who was the first technology head of Unique Identification Authority of India (UIDAI), which issues identification numbers to citizens.
In an interaction with DH, Nadhamuni said Aadhaar system can proactively plug any attempts to steam data. “I firmly rule out any possibility of hacking into the Central Identities Data Repository (CIDR), where the Aadhaar data is saved in the country. It is extremely secure and well-designed system,” Nadhamuni said.
Commenting on the recent attempt by technology professional Abhinav Srivastava to illegally create a public app that could obtain details of Aadhaar holders, Nadhamuni said the National Informatics Centre (NIC) website which is giving AUA (Authentication User Agency) services is not secure.
“NIC, which is giving AUA service provider is outside the purview of Aadhaar, is not complying with its security standards. Instead of Aadhaar’s HTTPS, NIC is hosting their data on HTTP website, application layer protocol designed within the framework of the Internet protocol suite,” he said.
Misinformation
Nadhamuni said it is a misinformation that the hackers got into the CIDR.
“There is no way Aadhaar servers can be hacked. The government and other parties who are using Aadhaar services have to make their systems secure. In this recent case, the person impersonated and acted as a NIC person to directly take data from Aadhaar server,” he said.
The Khosla Lab India head also pointed out that all the entities directly availing Aadhaar services should comply with strict security standards. “We have to further strengthen this security standard so that it is ensured that they are following it,” he said.
UIDAI has appointed 27 KYC Service Agencies to provide authentication services and under them, there are different KYC User Agencies to verify users details.
According to experts, in the recent incident, the accused accessed passwords by hacking E-Hospital - a healthcare delivery platform developed by NIC.
Recently Nandan Nilekani, former head of UIDAI, stated that Aadhaar security was a big concern. The Aadhaar security issue is coming up a time when the Supreme Court is hearing a petition to decide if data privacy is a fundamental right. The Centre made it very clear to the apex court on July 27 that data privacy cannot be a fundamental right as it has many facets.
To give further momentum on data privacy, the government on August 1 formed an expert committee to deliberate on data protection laws, which will also come up with a draft data protection Bill.