Dismiss Notice
Welcome to IDF- Indian Defence Forum , register for free to join this friendly community of defence enthusiastic from around the world. Make your opinion heard and appreciated.

Aadhaar,UIDAI,UPI,IndiaStack - News and Discussions

Discussion in 'World Economy' started by arbit, Apr 5, 2017.

  1. PeegooFeng41

    PeegooFeng41 2nd Lieutant FULL MEMBER

    Joined:
    Feb 8, 2017
    Messages:
    307
    Likes Received:
    433
    Country Flag:
    India
    Hahahahaha. This why Indians 'trump' Americans in their own field a lot of time. Its called thinking naturally. For Americans it is thinking out of box. Honestly, a single IT worker in UDI can put the entire database on a bunch of tapes and without no-one ever knowing.

    Oh well, it could be used to falsify a attestation -- success or failure. If you control the reader, you can make to send false reading of say finger print and hence falsify an attestation. Imagine a CIA operative needs a local bank account. He can choose a poor road side guy who looks even a lick like him, steal his aadhar, get it address etc updated in Aadhar centre which are privately operated and are a dime a dozen. Since biometrics are used to verify the identity, and bio metrics are captured by the sensor, so faking biometrics can help you to fake attestation and hence allow you to hijack someone else identity.


    That said, an easier route will be to simply ask a aadhar center to register a new identity for you.

    Top secret military research is not safe from hacking these days. An intrusive database of 1.3 billion Indians that includes biometric data that can never be changed (unlike a password) is a huge national security, internal security and fraud risk. A horrible idea.

    Even today you can get someones call records with an analyses report for 10000 rupees. Think about it guys.
     
    Last edited by a moderator: Aug 27, 2017
    Golden_Rule likes this.
  2. Agent_47

    Agent_47 Admin - Blog Staff Member MODERATOR

    Joined:
    Aug 3, 2011
    Messages:
    2,793
    Likes Received:
    5,472
    Country Flag:
    India
    Fake Aadhaar card network busted in Kanpur


    According to police, hackers have devised ways to not only bypass the biometric procedure of fingerprinting but also to scan the retina.

    Could the Aadhaar card you possess be fake? You might just want to check.

    According to Uttar Pradesh police, hackers have devised ways to bypass not just the Aadhaar biometric procedure of fingerprinting but also retina-scanning to come out with fake Aadhaar cards.

    A Special Task Force (STF) of the police busted a State-wide network of hackers who allegedly bypassed the set standards of the biometric system of the Unique Identification Authority of India (UIDAI) and created fake Aadhaar cards through cloning of fingerprints.

    The STF, which carried out the operation in Kanpur, arrested 10 persons on the charge of forgery and impersonation.

    According to the STF, the accused would bypass the biometric norms of the UIDAI with fingerprint copies and tamper with the source code of the UIDAI application client (software used by Aadhaar enrolment agencies) to create a fake application client. They would then bypass the operator authentication process to create fake Aadhaar cards. The hackers would send the client application to unauthorised operators for a sum of ₹5, 000 each, police said.

    A case has been registered at the Cyber Crime police station, Lucknow, under Sections 419, 420, 467, 468, 471, 474 and 34 of the Indian Penal Code, Sections 66 and 66C of the Information Technology Act and Section 7/34 of the Aadhaar Act.

    After questioning the accused and through investigation, police explained the elaborate method of impersonation and fraud. The police operation followed the recent recovery of fake Aadhaar cards in Deoria, Kushinagar and Lucknow.

    As per the STF, the accused accessed the fingerprint impressions of authorised Aadhaar enrolment operators on the UIDAI system. They would then print out the fingerprints on butter paper. After this, the accused would create artificial fingerprints using polymer resin. They would log on to the Aadhaar website using the artificial fingerprints created by them.

    The artificial fingerprint of the operator would then be used by multiple members of the gang to complete the process the Aadhaar card enrolment.

    The police have recovered the devices and equipment used for impersonation, including 38 fingerprints on paper, 46 fingerprints manufactured by chemicals, two Aadhaar finger-scanners, two finger-scanning devices, two iris retina scanners, eight rubber stamps, 18 Aadhaar cards, a webcam, GPS equipment and a Polymer Curing Instrument.

    Eleven laptops and 12 mobile phones were also seized.

    Police say that previously Aadhaar operators would get access to the UIDAI client application through their fingerprints. However, when hackers started cloning finger prints, the UIDAI introduced retina scanning or IRIS as part of the authentication process, after which impersonation was brought under check. However, investigators are worried that hackers have created new client applications to hack and bypass the biometrics.

    Police have decided to conduct a “security audit” of the entire Aadhaar enrolment process after it discovered that the norms of the Information Security Policy of Aadhaar were not followed by registrars, enrolment agencies, supervisors, verifiers and operators.

    The STF arrested Saurabh Singh, alleged kingpin of the gang, from Kanpur on September 9. The other nine have been identified as Shubham Singh, Shobhit Sachan, Manoj Kumar, Tulsiram, Shivam Kumar, Kuldip Singh, Chaman Gupta, Guddu Gond and Satyendra Kumar. They belong to various parts of the State.

    http://www.thehindu.com/news/nation...fake-aadhaar-card-network/article19660140.ece
     
  3. Agent_47

    Agent_47 Admin - Blog Staff Member MODERATOR

    Joined:
    Aug 3, 2011
    Messages:
    2,793
    Likes Received:
    5,472
    Country Flag:
    India

Share This Page