Published: Mon, August 07, 2017
Economy | By Melissa Porter

IIT Kharagpur graduate arrested for accessing UIDAI data through Digital India app

IIT Kharagpur graduate arrested for accessing UIDAI data through Digital India app

The complaint against Srivastav and Qarth Technologies was filed on July 26 with the High Ground Police station which after registration transferred the case to Cyber Crime investigation cell. "I developed the app giving out e-KYC details, thinking it would help the common man access Aadhaar information". Srivastava is now working with Ola as a software engineer at its head office in Koramangala. Srivastava completed MSc in Industrial Chemistry from IIT Kharagpur. Preliminary inquiry has revealed that Srivastava developed a mobile app that provided "Aadhaar e-KYC verification" by accessing data hosted in the National Informatics Centre (NIC) server.

He had said in the complaint: "Qarth workers have developed an app and accessed details on Aadhaar website without authentication and provided the same as e-KYC details". "As far as the said App is concerned, it was trying to provide Aadhaar verification to the residents based upon their own consent and to download their own demographic data".

According to a report in Indian Express, Bengaluru Police on Thursday formally announced the arrest Srivastava - hailing from Uttar Pradesh - in connection with a complaint of unauthorised access of the central identities data repository filed by the Unique Identification Development Authority of India's (UIDAI) on July 26.

Chennai-based Qarth was acquired by cab aggregator Ola in March 2016, in a bid to bolster Ola's mobile wallet service, Ola Money. The hospital was a Know Your Customer user agency which has tied up with the UIDAI. The app used for the alleged cybercrime was identified as "Aadhaar E-KYC Verification", downloadable on Google Play , As Reported By Hindustan Times.

Apart from it, the code of the app, allowed it to run against the production database without displaying the name of the agency running the programme, leading to violation of Aadhaar Act.

By the time the leak came to light, the app had been downloaded by about 50,000 mobile users, and he had earned Rs 40,000 from advertisements. The UIDAI system gave permission to access because the authentication requests were coming from the e-hospital system.

The police said a computer, four laptops, a tablet, four mobile phones, six pen drives and other material worth Rs 2.25 lakh were found with him. Apart from Aadhar-eKYC, he has created five other mobile applications.

Like this: