This article is specially written only for Indians those are having “AADHAR CARD“. Like before, Still the Cybersecurity is a major issue in India. Well, In this small research we will be going to reveal some common Security Flaws in Aadhar Card information. So far, It’s Gonna Viral 😛
We all have our secrets. We all have our vulnerabilities.
As you know that Aadhar card is a unique identity card for the people Living in India. It has been made mandatory for an Indian to have an Aadhar card. This Aadhar card has your fingerprints, iris scans, signature, photo, etc. You have provided the government with all your biometric data but, how safe is it with the government? Till date, there have been many instances in which the UID data of the people got compromised. However, the government always denied these allegations until the NDA government acknowledged that personal details of individuals, such as Aadhaar number, and other sensitive information, has been leaked on public websites.
The concerned officials have been doing whatever they can to stop this leaking of personal information of the people but, has been surely falling short to do so. Many letters have been written to Ministry of Electronics and Information Technology which have been traced, and they confirm the news of Aadhar card data getting hacked and being published online.
Is your Aadhar biometric data safe? Be specific, you all have given your fingerprints and iris scans to the government right? (Only Smart peoples never did that 😛 ) Jokes Apart! In simple words, we all have given our ‘Unique’ data to our trusted Government. But what if the details of your Aadhaar get leaked? Well, this is not a big deal, it can be hacked even and the recent news said, 130 million leaked from govt websites. This is such a real matter of concern, Ain’t it?
Research Says, Your Aadhar Card Information Can Be Hacked?
Aadhar Card Information Can Be Hacked by ANYONE – A Research By Vikash Pandey
This Is A Small Research Write-Up About, How an Aadhar card Information Can Be Hacked And Used For Illegal Activities Or Make it scarier Like You Can Be A Murderer Or Even A Terrorist.
Disclaimer: Not itechhacks, nor its official Authors are responsible for any illegal issues. However, the only motto to publish this research is to show that how much your personal information is safe. Plus, we need that Indian Government must take some action and make our information more private.
Let Me Explain How Aadhar Authentication Works.
When An Aadhar User Do a Verification Or A Transaction They Provide Their Finger Print And Aadhar No. To A Public Host Machine And A Public Biometric Reader For Authentication Purposes.
The Host Machine Takes Aadhar No. and That Fingerprint Photograph Captured By Optical Biometric Sensor. Then The Whole Data is Converted Into A Template, Which Is Then Converted To PID BLOCK Or Personal ID Block.
Note: I Will Provide A Link Down About What Is PID Block.
So, After The Whole Process, The PID Block is Sent To UIDAI Gateway Servers For Authentication.
Then, The UIDAI (Unique Identification Authority of India) Servers responds Either A Successful Or A Failed Authentication.
THIS IS THE WHOLE PROCESS TO Authenticate An AADHAR CARD. (Well, Looking quite easy Ahn! 😛 )
Now let Me Explain About Its Vulnerability?
GOOGLE DORK: Aadhaar name filetype:xls (PUBLIC AADHAR CARD INFORMATION AVAILABLE THROUGH A GOOGLE SEARCH)
So, let’s Start With the First Step, Host Machine Takes Fingerprint Aadhar No. OK.! POC: First Thing, The Host Machine Can Store The User Adhar No. And Biometrics, Which Can Then Be Used Without Individual’s Consent.
In Second Step, POC: The PID Block Is Not Encrypted And So It Is Vulnerable To Interception By Hackers Or Criminals While Data Transmission.
In the Last Process, POC: The Host Computer Is Connected To Public Internet Servers (ISP) And Hence Is Vulnerable To Viruses And Malware That Can Also Steal The PID BLOCK.
How My Data Is Used For Illegal Activities?
Once your INFORMATION and BIOMETRIC are stolen they can be used against you. Biometrics can be used to make A 3D PRINTED FINGERPRINT clone that can be planted in A CRIME SCENE.
This Information can also be used in a bomb blast to identify a specific person. having this information in wrong hands can save a criminal and ruin your life.
IS THAT SCARY ENOUGH.? Can it be more worst than this? (Imagine How??)
Sources that Vikash used for this research:
- https://authportal.uidai.gov.in/web/uidai/developer —
Now Moving further let me show you How could they make it more private.
How Aadhar Information gets more Security?
Well, on this I am going to share some of my thoughts that can add more security features in this. look at this:
Current Security Status:
Wrap Up: Well, This is something that we feel to share with you. Like, we need a license to drive a car same, we need Aadhar to buy anything like Air Ticket, Loan, Admission, etc and this is mandatory in every field. Feel free to SHARE it with your friend circle. We will be going to add more such security flaws that can be a serious issue in this digital world! Thanks.
iTech Hacks wanna say Special Thanks to Vikash Pandey (Follow), Who do not even gives us permission to share this research here but he also helps us to make our website more secure. Cheers!