GIFT a SubscriptionGift
HamberMenu
  1. Cricket
  2. Data
  3. Health
  4. Opinion
  5. SEARCH Icon
  1. Cricket
  2. Data
  3. Health
  4. Opinion
  5. SEARCH Icon

To enjoy additional benefits

GIFT a SubscriptionGift
ShowcaseCrossword+

CONNECT WITH US

year
Click here for our in-depth coverage of Lok Sabha and Assembly elections #ElectionsWithTheHindu

Aadhaar on shaky foundation?

French cyber-security researcher says document can be accessed online using Google ‘dork’ search

March 17, 2018 11:15 pm | Updated March 18, 2018 09:20 am IST - Hyderabad

Syed Mohammed
Syed Mohammed
An Aadhaar biometric identity card, issued by the Unique Identification Authority of India (UIDAI), is arranged for a photograph in Mumbai, India, on Saturday, Jan. 28, 2017. India's Finance Ministry will recommend bold tax reform to ensure that Prime Minister Narendra Modi's growth-crimping cash ban wasn't in vain, people familiar with the matter said. Photographer: Dhiraj Singh/Bloomberg via Getty Images

An Aadhaar biometric identity card, issued by the Unique Identification Authority of India (UIDAI), is arranged for a photograph in Mumbai, India, on Saturday, Jan. 28, 2017. India's Finance Ministry will recommend bold tax reform to ensure that Prime Minister Narendra Modi's growth-crimping cash ban wasn't in vain, people familiar with the matter said. Photographer: Dhiraj Singh/Bloomberg via Getty Images

After raising concerns over finding a large number of Aadhaar cards publicly online, French cyber-security researcher Robert Baptiste has revealed that the document can be accessed by means of a Google ‘dork’ search.

Dork is an advanced mechanism which narrows down search by using strings which indicate the type of file. Mr. Baptiste, who operates the Twitter handle Elliot Alderson, tweeted a screenshot of dork strings and keywords that can be used to view Aadhaar cards online.

Responding to questions from The Hindu , the cybersecurity expert said that Unique Identification Authority of India (UIDAI) should ensure that parties which handle Aadhaar cards should have in place strong security measures. He also said that the QR Code on Aadhaar cards could be scanned with Android apps.

“Hi @UIDAI and @ceo_uidai, it’s time for you to force your partners to handle #Aadhaar cards in a secure way. If you make a Google search query with one of this line you will find thousand of #Aadhaar card. @UIDAI: It’s time to admit that this is not OK and to work on a fix (sic),” he tweeted.

Though calls to the regional office in Hyderabad remained unanswered, it was on March 11 that the UIDAI took to Twitter to dismiss Mr. Baptiste’s tweets on the subject, though it did not name him.

“UIDAI has dismissed the reports as irresponsible, which appeared in a section of social and other media on security of Aadhaar system being questioned on account of a few Aadhaar cards reportedly put on the Internet by some unscrupulous elements. 1/n,” the verified UIDAI Twitter handle said.

It also pointed out that publication of Aadhaar details neither has a bearing on UIDAI, nor on Aadhaar security. It underscored that Aadhaar is like any other identity document and must not be treated confidential.

In another tweet, the UIDAI said, “If anybody unauthorisedly publishes someone’s personal information such as Aadhaar card, passport, mobile number, bank account number, his photograph, he can be sued for civil damages by the person whose privacy right is infringed. 6/n”. It signed off by reiterating that Aadhaar remains ‘safe’ and ‘secure’.

Related Topics

Aadhaar

Top News Today

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.