UIDAI says Aadhaar misuse traceable, system secure

The UIDAI today dismissed reports of full Aadhaar details being made available on payment of Rs 500 by anonymous sellers, asserting that its system is "secure" and any misuse can be traced and action taken as it maintains complete log of various functions.
In a statement issued here, the Unique Identification Authority of India (UIDAI) reiterated that there "has not been any Aadhaar data breach".
"The Aadhaar data including biometric information is fully safe and secure," UIDAI claimed.
The statement comes amid news reports that anonymous sellers were offering unrestricted access to Aadhaar details for Rs 500 over WhatsApp.
The Aadhaar-issuing body said it has given the "search facility" for grievance redressal to designated personnel and state government officials to help residents, that too only upon entering their Aadhaar number.

"UIDAI maintains complete log and traceability of the facility and any misuse can be traced and appropriate action taken. The reported case appears to be instance of misuse of the grievance redressal search facility," it claimed.

UIDAI said since it maintains full log and traceability of the facility, legal action including FIR against the persons involved in the case, is being initiated.
UIDAI said even its grievance redressal search facility offers only limited access to name and other details and "has no access to biometric details".
"...there has not been any data breach of biometric database which remains fully safe and secure with highest encryption at UIDAI and mere display of demographic information cannot be misused without biometrics," it said.

At the same time, UIDAI said Aadhaar number is not a secret number, and is to be shared with authorised agencies whenever an Aadhaar holder wants to avail a service or benefit of government welfare schemes.
"Also, mere availability of Aadhaar number will not be a security threat or will not lead to financial/other fraud, as for a successful authentication, fingerprint or iris scan of individual is also required," UIDAI said adding that "claims of bypassing or duping the Aadhaar enrolment system are totally unfounded".