Not long ago trumpeted as the world’s largest biometric database, India’s Aadhaar system covers 1.2bn citizens. Lately, though, it’s acquired a less impressive reputation – that it’s one of the easiest to breach.
In a matter of days, two sets of journalists claimed they’ve bypassed its security with worrying ease, apparently by gaining access to a layer of privileged and admin accounts that have ended up in the wrong hands.
In the most widely-reported incident, a researcher paid Rs 500 ($8) to an anonymous WhatsApp seller for credentials giving access to the name, address, phone number, postal PIN, email address and photograph of anyone in Aadhaar after entering their 12-digit UIDAI (Unique Identification Authority of India) number.
Read full news article on Naked Security