The Unique Identification Authority of India (UIDAI) has denied the media report published in The Tribune titled "Rs 500, 10 minutes, and you have access to billion Aadhaar details" and has said that it is a case of misreporting.
The UIDAI assured that there has not been any Aadhaar data breach. The Aadhaar data including biometric information is fully safe and secure.
In a statement issued today, the UIDAI said that UIDAI has given the said search facility for the purpose of grievance redressal to the designated personnel and state government officials to help residents only by entering their Aadhaar number/EID.
The UIDAI maintains complete log and traceability of the facility and any misuse can be traced and appropriate action taken.
No #Aadhaar data breach; Aadhaar data including biometric information is fully safe and secure: @UIDAI, denying report by @thetribunechd, saying it is a case of misreporting 1/2 pic.twitter.com/2d4ORHqqMh
— PIB India (@PIB_India) January 4, 2018
The reported case appears to be instance of misuse of the grievance redressal search facility. As UIDAI maintains a complete log and traceability of the facility, the legal action including lodging of FIR against the persons involved in the instant case is being done.
The UIDAI reiterates that the grievance redressal search facility gives only limited access to name and other details and has no access to biometric details. UIDAI reassures that there has not been any data breach of biometric database which remains fully safe and secure with highest encryption at UIDAI and mere display of demographic information cannot be misused without biometrics.
Claims of bypassing or duping the #Aadhaar enrollment system are totally unfounded: @UIDAI, denying report by @thetribunechd 2/2 pic.twitter.com/Rn3k15mDJJ
— PIB India (@PIB_India) January 4, 2018
Further, the Aadhaar number is not a secret number. It is to be shared with authorized agencies whenever an Aadhaar holder wishes to avail certain service or benefit of government welfare scheme/s or other services. But that does not mean that the proper use of Aadhaar number poses a security or financial threat.
Also, mere availability of Aadhaar number will not be a security threat or will not lead to financial/other fraud, as for a successful authentication fingerprint or iris of individual is also required.
Claims of bypassing or duping the Aadhaar enrolment system are totally unfounded.
Aadhaar data is fully safe and secure and has robust uncompromised security. The UIDAI Data Centres are infrastructure of critical importance and is protected accordingly with high technology conforming to the best standards of security and also by legal provisions.
After the Aadhaar authority’s response, The Tribune said the UIDAI’s promise that it would file a case against any breach of data was “an admission of something being amiss”.
“UIDAI has admitted that a facility on their website has been ‘misused’,” the newspaper wrote. “The fact is that it has been ‘misused’ to steal data...at will, for any Aadhaar number... Also, the tracking system obviously never realised that unauthorised people were accessing the data. And if FIRs are being contemplated, is that not an admission of something being amiss?”