Cyber expert fears misuse of UID numbers

New Delhi: The Aadhaar Number, or the Unique Identification Card (UID) that will create a database for 1.2 billion people in India, may go out of hand, leading cybersecurity expert R. Bhaskar says.

“The facility is ambitious and is sure to make functioning easy from the governance perspective. But at the moment, it is not clear how the government’s plan for UID will work out,” Bhaskar said.

“There is some kind of certification or guarantee needed from companies that are pooling the database or will be handling it,” he said on the sidelines of a seminar on cyberspace and democracy at the India International Centre here.

UIDs, the UPA government’s flagship programme chaired by Nandan Nilekani, seeks to accord each Indian a unique identification number.

The Unique Identification Authority of India (UIDAI) is the nodal agency which has appointed registrars across the country to facilitate the enrolment process. Registrars, typically government departments and public sector organisations, have in turn appointed the agency to collect data.

Over 200 such agencies, including Wipro, Comat Technologies, Alankit and Virgo Softech, are involved in enrolment and will issue a 12-digit number.

Within the proposed process, it is to be delivered in 20-30 days at the person’s address by speed post, after verification of biometrics and demographic data. Data verification is done by the authority under a centralised system.

“The immediate threat may not be realised now. But in a span of next five years, when the cards will be rolled out completely, we may also witness cases of cyber mischief such as hacking,” Bhaskar said.

He further warned that cybermischief may also evolve into cybercrime that poses serious threat to country’s national security.

While the UID guarantees uniqueness and a universal identity through a centralised online identity verification process, experts point out that biometric information such as iris scan and fingerprinting lead to a misuse of an individual’s personal information.

Experts have also raised concerns on the number getting misused by anti-socials such as terrorists, since they can get it issued through fake identities during large-scale enrolments.

“If the key to the database is owned by non-sovereign entities, then we really need certification and stronger laws that sort the issue of licensing of the UIDs,” Bhaskar concluded.

The UID cards are expected to ease the administrative pathway for citizens, as one card will serve all purposes related with identification.

Currently, on average, 150,000 enrolments are done each day. The number of enrolments is expected to reach six million per day by October. The task, therefore, is daunting, since the latest data places the country’s population at 1.21 billion. By Madhulika Sonkar