BENGALURU: In a case highlighting the security flaws in the Unique Identification Authority of India (UIDAI) system, officials have filed a complaint against Abhinav Shirvastava and others of Qarth Technologies Pvt Ltd for allegedly leaking Aadhaar data.
According to the complaint by Ashok Lenin, Deputy Director of UIDAI, the accused had developed an Android app available on Google Play Store to provide e-KYC documents for customers. The documents were allegedly provided by accessing the Aadhaar database from Aadhaar website, without any permission from UIDAI or other authorities concerned.
According to the complaint, UIDAI officials suspect that the accused colluded with ‘some others’ to get access to the secure database and leak the information to Qarth Technologies. Accessing secure Aadhaar database and leaking information from the same is an offence under Aadhaar (Targeted Delivery of Financial and other Subsidies, Benefits and Services) Act 2016, IT Act and IPC.
In the FIR, Section 37 (intentionally discloses, transmits, copies or otherwise disseminates any identity information collected in the course of enrolment or authentication ....) and Section 38 (deals with intentionally accessing Central Identities Data Repository and downloading data) read with Section 29 (2) of Aadhaar Act has been evoked. Apart from these, accused have also been booked under Section 65 (tampering with computer source documents), Section 66 (hacking a computer system) of IT Act, and other relevant sections of the IPC.
When contacted, Pronab Mohanty, Deputy Director General, UIDAI, Bengaluru confirmed that a case has been filed in Bengaluru. “However, it does not pertain to the Bengaluru regional office,” he said.
He said that it was not a case of malpractice, and the fault leading to the illegal access to a private party stemmed from the flaws in National Informatics Centre.
According to UIDAI sources, the complaint was filed based on an alert provided by the head office in Delhi.Sources added that the app has been removed from the App Store and the only connection to Bengaluru in the case was that the founder of the company was from Bengaluru.
Qarth Technologies involved
According to Zauba Corp — a databank of various firms — Qarth Technologies was incorporated in October 2012 at Kolkata and was involved in data processing. Directors of the company were Abhinav Srivastava (accused) and Prerit Srivastava. The firm was based out of Science and Technology Entrepreneurs’ Park, IIT Kharagpur, West Bengal. High Grounds Police have registered a case.