The Unique Identification Authority of India (UIDAI) on Saturday dismissed reports of any breach in its Aadhaar database, assuring that the biometric ID programme remains “safe and secure”.
The response of the Aadhaar issuing authority came after ZDNet, an online portal, reported that a data leak on a system run by a state-owned utility company can allow access to private information of Aadhaar holders, exposing their names, their unique 12-digit identity numbers, and their bank details.
"UIDAI refutes reports in sections of media sourced from news website which quoted a man purportedly claiming to be a security researcher that a state-owned utility company has vulnerability which can be used to access a huge amount of Aadhaar data including banking details," UIDAI said in a statement on Saturday.
UIDAI refuted claims made in the story and maintained that Aadhaar remains safe and secure.
"There is no truth in this story as there has been absolutely no breach of UIDAI’s Aadhaar database. Aadhaar remains safe and secure," the statement added.
The UIDAI has argued that even if the report claims were taken to be true, the security-related concerns should be around the database of a utility company in question. It has "nothing to do with the security of UIDAIs Aadhaar database", it said.
Going by the logic of the report, since the utility company's database also had bank account numbers of its customers, would bank databases also be considered to have been breached, UIDAI questioned.
"The answer would obviously be in negative," it added.
UIDAI argued that mere availability of Aadhaar number with a third person "will not be a security threat to the Aadhaar holder" nor will it lead to financial or other fraud. This is because a transaction is contingent upon a successful authentication through fingerprint, Iris or OTP of the Aadhaar holder, UIDAI said.
The report of the alleged security lapse comes at a time when Constitutional bench of the Supreme Court is hearing a clutch of petitions challenging the Aadhaar Act and the use of a biometric identifier in various government and non-government services.
Earlier this week, UIDAI CEO Ajay Bhushan Pandey had made a powerpoint presentation in the Supreme Court to defend the government's ambitious Aadhaar scheme. He had said that breaking Aadhaar encryption may take "more than the age of the universe for the fastest computer on earth.