In a major setback for authorities, an IIT Kharagpur student Abhinav Srivastava has been accused of accessing Aaadhar data without any authorisation. He allegedly accessed the central identities data repository through an online app eKYC Verification which he had developed as a software developer on his own, according to sources close to him. The app was developed by him and not as part of the companies he is associated with. Indian Express reports that it did not belong to his current employer cab aggregator Ola (ANI Technologies Ltd), nor Qarth Technologies, the startup founded by him which was bought by Ola way back in March 2016.
Srivastava has been accused of illegally accessing the Aadhaar data repository of Unique Identification Development Authority of India (UIDAI) according to the complaint. After developing the app Srivastava placed it on Google Play Store. Notably, Srivastava’s batchmate Prerit Srivastava has said that he was not involved in it. The app delivered demographic data such as names, the address of individuals from the central identities data depository of Aadhaar. Archival data suggest the app was on Google Play store at least till June. According to Indian Express, the UIDAI has accused Abhinav Srivastava of illegally accessing Aadhaar data between January to July 26 2017.
You may also like to watch:
Ola had bought Qarth Technologies last year for its mobile wallet app X-Pay. According to start-up industry experts, X-Pay is the “fastest way to make person-to-person payment in India, with transaction time as close as 10 seconds”. If we go by Abhinav’s profile, he has proclaimed himself as a hacker and had worked as a security researcher at Iviz Security and has experience in exploring vulnerabilities in Internet Payment Gateways.
After UIDAI’s complaint against Shrivastav and an accomplice, Bengaluru Police have filed a case under Section 37 and 38 of The Aadhaar (Targeted delivery of financial and other subsidies benefits and services) Act, 2016.According to a senior officer of Bengaluru Police, “We do not know the number of people whose unique identity was verified using this app. It is a highly technical investigation and it has only begun.’’