Aadhaar biometric data is 100% secure, asserts India’s cybersecurity chief Gulshan Rai

The Hindu
May 02, 2018


Despite a series of government website failures, and the Supreme Court hearings over Aadhaar data security and privacy, India’s cybersecurity chief, Chief Information Security Officer in the Prime Minister's Office Gulshan Rai tells The Hindu he is confident of India’s cybersecurity systems, and says the government, consumers and civil society must work closer to ensure a balance between national security and privacy is maintained.

There has been a spate of incidents involving government-run websites, including the Defence Ministry website, NICNET failures, and the Supreme Court website being hacked. What is the reason for this?

There are several trends when it comes to cybersecurity that are leading to these attacks or incidents. The proliferation of IT is increasing in all sectors, including government, industry, everywhere. CERT has seen about one lakh reported cyber incidents in the past year, and the number is rising definitely. The financial sector has emerged as the place the most cyber incidents occur, then the government sector, then others. One startling trend is the spike in cases of cyber incidents in the medical sector.

Indians are facing increasing cyberthreats with bank accounts and identity details being hacked. How are you helping them?

I agree that cases are rising, but it must be remembered that the weakness in the banking industry is due to too much outsourcing for services. These are the weak links that criminals exploit to identify customers who can be taken advantage of. The fact is that technological hacks are less than human fraud in these cases, and consumers need to be better educated about the risks of fraud if they want to protect themselves.

The people who are most vulnerable are those lacking such education. Is the government then pushing too far and fast with its digitalisation goals?

No, there is no contradiction. The government is creating a massive awareness programme, pushing banks to advertise to educate consumers not to give away private information. Particularly after demonetisation, we have more than 2.8 billion e-transactions per day. Obviously, people have faith in these transactions. So transactions are increasing, and we need to do more to protect people, but consumers must do their bit too.

One of the big concerns on privacy and security comes from the Aadhaar database. In court, the government said there is a “ten foot wall” to protect Aadhaar data, which raised many laughs, but on a serious note, how secure is the Aadhaar data of every Indian?

Yes, it is secure, one hundred per cent. Ultimately, what do you mean by the Aadhaar database? There are two parts to it: the demographic data (name, age, address etc) and the biometric database. When people speak of security, they are referring to the biometric database. So far there have been no cases of biometric leaks. The central part has the maximum security, and is kept behind several rings of protection. Even with the worst cases of leaks that have appeared publicly, none have touched this central part. When Jio was attacked, it was their database that leaked, not the Aadhaar database.

But Jio has access to the Aadhaar database, as do others that need Aadhaar authentication or “bridging” services?

Yes, but it is their databases that need to be secured better. We do 180 crore (18 million) of Aadhaar authentications every day, how many breaches have been reported in comparison? I would say that accusations are far more than the reality. It is important for civil society groups to point out places where the government needs to improve, but it is necessary that they do it in a constructive manner.

Shouldn’t these input and authentication services also be taken care of by government agencies then? Does the Aadhaar Act, which includes the provision of outsourcing to these companies (Section 8(4)), need to be amended?

These are places where we need to learn from experience, and Aadhaar has already moved to tighten its systems, and weed out such companies where there may be any problem. Let us remember that many countries want us to help them build their database. Why would they, if our system was not secure? We are the only country that has a 10-finger (biometric) database.

You have expressed such confidence, yet you have been quoted as saying you don’t use netbanking and I see you carry a small phone, not a smartphone. How confident are you personally about cybersecurity systems, and what precautions would you suggest to all?

My personal philosophy is that we must reduce our surface of risk. I do use netbanking, but I reduce my risk by using it for a separate account where I keep a small amount, not connected to my main account where I conduct internet transactions. What I said was that I don’t do any international internet banking, because I don’t believe we can control those transactions. I use a smartphone, but only when necessary.
