CIA stealing Aadhaar data? Baseless says UIDAI
Refuting reports that biometric data was being accessed by some foreign agencies, the UIDAI has said that Aadhaar system has stringent security features to prevent any unauthorised capture or transmission of data.
The statement by the Unique Identification Authority of India (UIDAI) came after WikiLeaks hinted that CIA had allegedly accessed the Aadhaar database. Dismissing the allegations, UIDAI said Aadhaar biometric capture system has been "developed within our own country and it has adequate and robust security features to prevent any possibility of any such unauthorised capture and transmission of data regardless of any biometric device that may be used." The UIDAI said that such "misinformation was being spread by certain "vested interests".
"Some vested interests are trying to spread misinformation that since 'Cross Match' is one of many devices which are being used in biometric devices by various registrars and agencies in Aadhaar ecosystem, the biometrics being captured for Aadhaar are allegedly unauthorisedly accessed by others," the UIDAI statement said rejecting charges of data compromise. Outlining the stringent checks and balances in UIDAI system, it said that any biometric device before being used in Aadhaar system is "thoroughly tested" internally and externally extensively by Standardised Testing Quality Certification (STQC) and certified.
WikiLeaks in a tweet two days ago had said, "Have CIA spies already stolen #India's national ID card database?" It has been claimed that the Central Intelligence Agency (CIA) was leveraging tools of US-based technology provider Cross Match (incidentally, an Aadhaar vendor) for snooping, and that sensitive data could have been compromised.
"Some news are being circulated on the basis of wikileaks regarding some purported Express Lane project whereby it is alleged that the Express Lane system uses computer system consisting of a computer or laptop, windows XP operating system along with biometric software of Cross Match, a company manufacturing biometric sensors," UIDAI said terming allegations of Aadhaar biometric data being compromised as "completely false and baseless".
"In addition, there are many other rigorous security features and processes within UIDAI through which it ensures that no biometric data of any individual is unauthorised accessed by anyone in any manner whatsoever," the UIDAI said. The Aadhaar issuing body said that the biometric identifier had been issued to over 117 crore people, with around 4 crore authentication taking place every day. "Till date, there has not been a single case of leak of biometric data, theft of identity, or financial loss to any one on account of use of Aadhaar. The UIDAI will continue to take every possible measure to ensure that Aadhaar remains safe and secure," it said.