For years, India’s biometric system known as Aadhaar has been highly criticized for its glaring security flaws. Recently those flaws were widely exposed after the personal data of its users was put up for sale for under $10 on WhatsApp.
Over 1.19B people have enrolled in the world’s largest biometric ID system, which houses a bevy of personal info (like fingerprints, retina scans, names, addresses, phone numbers, even bank account info) — and puts the identities of those enrolled in the system at risk.
Aadhaar has pretty much been a mess since day one
Created in 2009, the 12-digit biometric identity number was originally formed to prevent fraud. But, in the 9 years it’s been around, it’s acted as more of a direct invite for those looking to steal an entire country’s identity.
In 2010, over 200 government agencies (with access to the accounts) accidentally published sensitive Aadhaar info online, and since 2015, banking fraud has run rampant on Aadhaar users, with identity thieves attempting to open bank accounts in their names.
And, on the same day as the WhatsApp scandal, a local media company reported a major hole in Aadhaar’s security that allows pretty much anyone to become a data admin for the entire system.
But the UIDAI refuses to acknowledge the problem
The Unique Identification Authority of India (UIDAI) has brushed off claims of these pressing Aadhaar security loopholes as “fake news.”
They’ve gone so far as to file an investigation against the journalist for The Tribune (a North Indian newspaper) who reported the WhatsApp incident.