{"id":187629,"date":"2022-06-01T21:04:32","date_gmt":"2022-06-01T15:34:32","guid":{"rendered":"https:\/\/blog.forumias.com\/?p=187629"},"modified":"2022-06-01T21:04:32","modified_gmt":"2022-06-01T15:34:32","slug":"why-misuse-of-aadhaar-information-is-a-real-danger","status":"publish","type":"post","link":"https:\/\/forumias.com\/blog\/why-misuse-of-aadhaar-information-is-a-real-danger\/","title":{"rendered":"Why Misuse Of Aadhaar Information Is A Real Danger"},"content":{"rendered":"\n<p><strong>Context<\/strong>: In a bizarre reversal, the Union government withdrew a notification from a Unique Identification Authority of India (UIDAI) office cautioning people against sharing photocopies of their Aadhaar card, just two days after the advisory was issued, claiming that it would be \u201cmisinterpreted\u201d.<\/p>\n<p>The advisory had urged people to use masked Aadhaar.<\/p>\n<p>The masked Aadhaar facility has been in place since 2018 and this came about following a report by the Centre for Internet and Society that<strong> publicly available datasets<\/strong> had sensitive details such as full Aadhaar number details and also included bank account details of individuals.<\/p>\n<h5>Why UIDAI was right to issue the advisory?<\/h5>\n<p>The dangers of providing the full Aadhaar number to several agencies are evident in the way these <strong>numbers have been used by fraudsters for criminal purposes<\/strong> such as identity theft, Know Your Customer (KYC)-related fraud among others in recent years, and which have been documented in news reports.<\/p>\n<p>The UIDAI has itself registered far more potential <strong>fraud cases<\/strong> related to the issue highlighted above in recent years compared to the past.<\/p>\n<p>Other scams that are of a higher order have also been revealed recently, related to <strong>biometrics theft<\/strong> that have allowed scamsters to steal welfare benefits at the expense of genuine beneficiaries.<\/p>\n<p>The Internet is full of <strong>leaked data<\/strong> and this poses a major <strong>threat to user privacy<\/strong>.<\/p>\n<h5>How identity can be verified using one&#8217;s Aadhaar copy?<\/h5>\n<p>One way is to <strong>scan the QR code on one&#8217;s Aadhaar copy<\/strong> (through UIDAI\u2019s QR Code Reader app).<\/p>\n<p>By scanning the QR code, the entity (that wants to verify your identity) receives a document with one&#8217;s personal details and photo. The entity can then match the details on one&#8217;s Aadhaar copy with this digitally signed document.<\/p>\n<p>So, if someone morphs one&#8217;s Aadhaar copy, the <strong>fraud will be caught once the QR code is scanned<\/strong>, because details on the Aadhaar copy won\u2019t match the ones on the QR Code Reader app.<\/p>\n<p>Scanning the QR code tells the entity if the Aadhaar copy is genuine (or not). It won\u2019t however tell them if the person who submitted the Aadhaar copy is you. To check this, the entity <strong>must match<\/strong> the photo thrown up by the scanned Aadhaar QR code with your face \u2013 in person. Or, like banks and other RBI regulated entities, conduct video verification.<\/p>\n<p>Unfortunately, not all players follow this process. <span id=\"articlecardpara\" class=\"mt-2 mb-1\">Often, service providers <strong>simply accept the Aadhaar copy as proof of identity without scanning the QR code<\/strong> on UIDAI\u2019s QR Code Reader app. They also don\u2019t verify through in-person, video or live selfie-based verification.<\/span><\/p>\n<p><span id=\"articlecardpara\" class=\"mt-2 mb-1\"> If a service provider fails to conduct this diligence, a fraudster can use a stolen Aadhaar copy to <strong>impersonate someone<\/strong>. <\/span><\/p>\n<h5><span class=\"mt-2 mb-1\"><b>What happens if Aadhaar OTP or biometrics are also stolen?<\/b><\/span><\/h5>\n<p>Once a scammer has access to OTP or biometrics, it becomes easier to commit <strong>financial frauds<\/strong>. <strong>For instance<\/strong>: <span id=\"articlecardpara\" class=\"mt-2 mb-1\">Telangana police\u2019s recently warned about frauds perpetrated using the Aadhaar-enabled Payment System (AePS). <\/span><\/p>\n<p><span id=\"articlecardpara\" class=\"mt-2 mb-1\">&#8211; <em>AePS is a facility that lets one perform banking transactions like cash withdrawal and fund transfer. These transactions are done through a mini-ATM carried by a banking correspondent. For an AePS transaction, all you need is a person\u2019s Aadhaar number, bank name and fingerprints.<\/em> <\/span><\/p>\n<p><span id=\"articlecardpara\" class=\"mt-2 mb-1\">So, <strong>criminals can withdraw funds from a victim\u2019s bank account<\/strong> by stealing her Aadhaar number and biometrics. This type of AePS-related fraud recently happened in Haryana with criminals allegedly stealing victims\u2019 biometrics from a government website.<\/span><\/p>\n<h5>A divided view on safety of Aadhaar<\/h5>\n<p>The UIDAI has been indecisive about the inherent dangers in the indiscriminate use of the Aadhaar number or the Aadhaar card by citizens. This is evident from its <strong>series of flip-flops on the issue<\/strong>, even before this latest withdrawal notice.<\/p>\n<p>There seems to be a <strong>contradiction of views within the authority<\/strong> on the issue of potential misuse of the Aadhaar number.<\/p>\n<p><strong>&#8211;<\/strong> On the one hand, in statements <strong>advising caution and user discretion<\/strong> in revealing one\u2019s Aadhaar number, it is seeking to treat these as sensitive information just like the biometrics provided by citizens to the authority.<\/p>\n<p><strong>&#8211;<\/strong> Yet, on the other, it has sought to <strong>universalise the open use of the Aadhaar<\/strong> as an identity document with missionary zeal and has downplayed the risks of doing so.<\/p>\n<h5>Way forward<\/h5>\n<p>The UIDAI must <strong>popularise the use of the masked Aadhaar facility<\/strong> as a start and rethink ways to tighten the scrutiny over how Aadhaar numbers are issued and utilised.<\/p>\n<p>Law enforcement agencies must crack down on data leaks and websites carrying unmasked Aadhaar-related information.<\/p>\n<p><span id=\"articlecardpara\" class=\"mt-2 mb-1\">Further, to protect the public against misuse of Aadhaar data, a <strong>data protection law is critical<\/strong>.<br \/>\n<\/span><\/p>\n<p><strong>Source<\/strong>: This post is based on the following articles<\/p>\n<p><b><span data-contrast=\"auto\">&#8211; <\/span><\/b><span data-contrast=\"auto\">&#8220;<\/span><b><span data-contrast=\"auto\">Caution first: On the Aadhaar advisory<\/span><\/b><span data-contrast=\"auto\">&#8221; published in <\/span><b><span data-contrast=\"auto\">The Hindu<\/span><\/b><span data-contrast=\"auto\"> on <\/span><b><span data-contrast=\"auto\">1st June 22<\/span><\/b><span data-contrast=\"auto\">.<\/span><\/p>\n<p><b><span data-contrast=\"auto\">&#8211;<\/span><\/b><span data-contrast=\"auto\"> &#8220;<\/span><b><span data-contrast=\"auto\">Why Misuse Of Aadhaar Information Is A Real Danger<\/span><\/b><span data-contrast=\"auto\">&#8221; published in <\/span><b><span data-contrast=\"auto\">The Times of India<\/span><\/b><span data-contrast=\"auto\"> on<\/span><b><span data-contrast=\"auto\"> 31st May 22<\/span><\/b><span data-contrast=\"auto\">.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Context: In a bizarre reversal, the Union government withdrew a notification from a Unique Identification Authority of India (UIDAI) office cautioning people against sharing photocopies of their Aadhaar card, just two days after the advisory was issued, claiming that it would be \u201cmisinterpreted\u201d. The advisory had urged people to use masked Aadhaar. The masked Aadhaar&hellip; <a class=\"more-link\" href=\"https:\/\/forumias.com\/blog\/why-misuse-of-aadhaar-information-is-a-real-danger\/\">Continue reading <span class=\"screen-reader-text\">Why Misuse Of Aadhaar Information Is A Real Danger<\/span><\/a><\/p>\n","protected":false},"author":10328,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"footnotes":""},"categories":[1230,9],"tags":[10498,10496],"class_list":["post-187629","post","type-post","status-publish","format-standard","hentry","category-9-pm-daily-articles","category-public","tag-the-hindu","tag-times-of-india","entry"],"jetpack_featured_media_url":"","views":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts\/187629","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/users\/10328"}],"replies":[{"embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/comments?post=187629"}],"version-history":[{"count":0,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts\/187629\/revisions"}],"wp:attachment":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/media?parent=187629"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/categories?post=187629"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/tags?post=187629"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}