After numerous allegations of data breach of Aadhaar card holders in the past, the Unique Identification Authority of India (UIDAI) has decided to run a bug bounty programme.
Under this programme, a team of 20 hackers will look for loopholes and bugs in the security system that guards Aadhaar data of 120 crore Indians, according to a News 18 report.
In this programme, the hackers will study the world’s largest database of people and fix problems, if there are any. “In case more than 20 applications are received, then UIDAI will have the right to evaluate and select top 20 suitable candidates. An independent committee shall be formulated to assess and verify the candidates,” the order said
UIDAI aims to secure Aadhaar data hosted in its Central Identities Data Repository, “along with responsible disclosure of vulnerabilities,” the report said. No candidate can be a current or former employee of UIDAI or its technology support and audit organisations.
The candidates interested in this work must be an Indian citizen with a valid Aadhaar number, the report said. They should also be listed in top 100 of bug bounty leaderboards such as HackerOne, Bugcrowd, or listed in the Bounty Programs conducted by reputable companies such as Microsoft, Google, Facebook, or Apple etc., the order said.
It is not clear from the order if the ethical hackers will be paid for the exercise.
(Published 19 July 2022, 06:41 IST)