New Delhi: Amid reports of alleged Aadhaar database breach, the Unique Identification Authority of India (UIDAI) on Tuesday dismissed the Aadhaar Enrolment Software hacking reports saying that no operator can make or update biometric details unless they are given by the residents themselves. Calling the claims of database hacking “baseless, incorrect and irresponsible”, UIDAI claimed that “certain vested interests have been deliberately trying to create confusion in the minds of the people” which it called unwarranted.Also Read - Aadhaar Card For Children: How To Apply For Blue Aadhaar Or Baal Aadhaar? Check FAQs And Other Details Here
“Unique Identification Authority of India dismisses a news report appearing in social & online media about Aadhaar Enrolment Software being allegedly hacked as completely incorrect and irresponsible. No operator can make or update Aadhaar unless resident himself give his biometric. Any enrolment or update request is processed only after biometrics of the operator is authenticated and resident’s biometrics is de-duplicated at the backend of UIDAI system,” it said. Also Read - Right To Dignity: Supreme Court Directs Issuance Of Aadhaar Cards To Sex Workers
Also Read - Rules On Linking Aadhaar With Electoral Rolls Likely To Be Issued Soon - FAQs Answered
“Claims made in the report about Aadhaar being vulnerable to tampering leading to ghost entries in Aadhaar database by purportedly bypassing operators’ biometric authentication to generate multiple Aadhaar cards is totally baseless,” UIDAI said in a tweet, adding that all the necessary measures were taken to ensure every encrypted packet is tracked.
It said that full measures are taken to ensure “end-to-end security of resident data, spanning from full encryption of resident data at the time of capture, tamper resistance, physical security, access control, network security, stringent audit mechanism, 24×7 security and fraud management system monitoring, and measures such as data partitioning and data encryption within UIDAI controlled data centres” and any enrolment and update request is processed only after the biometric details are authenticated.
The UDAI also claimed that during the update process, all the biometric and other parameters are first checked before processing it further for the changes or updates. “Therefore it is not possible to introduce ghost entries into Aadhaar database. Even in a hypothetical situation whereby some manipulative attempt, essential parameters…are not captured, blurred…the same is identified by the robust backend system of UIDAI, and all such enrolment packets get rejected and no Aadhaar is generated.”
In another tweet, the UIDAI added that if anyone is found violating the enrolment and update process or indulges any fraudulent practice, it blacklists them and imposes a fine up to Rs 1 lakh per case.