This Article is From Mar 23, 2018

Will Take Supercomputer "Age Of Universe" To Hack Into Data: Aadhaar Boss

The Supreme Court observed during hearing into the Aadhaar case that people were suffering due to authentication failures.

UIDAI chief Ajay Bhushan Pandey today made a presentation before Supreme Court judges

Highlights

  • UIDAI chief gives presentation to top court focused on Aadhaar security
  • Says it would take billions of years to crack into system
  • Aadhaar system has faced strong concerns of user data being compromised
NEW DELHI: Aadhaar data has been secured by a 2048-bit encryption key that will take a supercomputer more than the age of universe, or over 13 billion years, to crack, Ajay Bhushan Pandey, the chief of UIDAI which runs the identification programme, told the Supreme Court today. Mr Pandey, who made an 80-minute rare presentation before the five judges of the top court, said once any Aadhaar data reached its central database, it could not be shared with anyone except on grounds of national security.

The thrust of Mr Pandey's presentation was to establish that the Unique Identification Authority of India, or UIDAI, which holds biometric data of 1.2 billion Indians, had taken steps to ensure that its database could not be accessed by anyone.

Mr Pandey said UIDAI received about 4 lakh authentication requests in a day but underlined that the authority did not collect the location or purpose of the transaction. "From 1 July 2018, face identification will also be used for authentication," he said.

The judges, however, were also concerned about frequent reports of people being denied services because the Aadhaar programme wasn't able to authenticate their identity.

Like a ration shop in Jharkhand turning back a woman who later died on grounds that her authentication had failed. "But the ration was shown to have been delivered to that lady. How do you deal with such a situation," Justice AK Sikri, one of the five judges on the bench, asked.

Mr Pandey said they did probe this case. "We found that in the same village, the shop keeper not only denied food grains to the lady but to a few others also, saying biometrics didn't match. But it matched," he said.

"Every problem can't be solved by Aadhaar," the UIDAI chief acknowledged.

Justice DY Chandrachud said failure of authentication was one thing but they had to address the failure to provide benefits even after authentication has taken place.

KK Venugopal, the centre's top law officer had yesterday persuaded the constitution bench, to allow Mr Pandey to make a presentation in the court where he could address aspects relating to the technology used by UIDAI.

Mr Pandey will continue the presentation on Tuesday, 27 March.

The five-judge court had started hearing the batch of petitions challenge the identification programme and has held nearly 20 hearings since January. Campaigners and experts have raised concerns about privacy and the safety of the data, the susceptibility of biometrics to failure, and the misuse of data for profiling or increased surveillance.

Aadhaar was launched by the previous UPA in 2009-10 to reduce the government's subsidy bill and improve the delivery of services. A 2016 law pushed through parliament, however, gave the government power to force people to produce their Aadhaar number to access government services.
.