SBI Alleges Aadhaar Data Misuse
Image Coutesy: Maharashtra Times
New Delhi: State Bank of India (SBI) officials have alleged that data of the Unique Identification Authority of India (UIDAI) has been misused. Bank officials informed UIDAI that logins and biometrics of their Aadhaar operators have been misused to generate Aadhaar cards, according to a report in Times of India. Countering the claims, UIDAI has said that no security breach, biometric or otherwise, has taken place as their Aadhaar database is fully secured.
The entire issue unfolded when SBI, like other banks, was given an Aadhaar enrolment target for which it selected FIA Technology Services Pvt. Ltd and Sanjivini Consultants Pvt Ltd. as vendors in the Chandigarh region, which covers Haryana, Punjab, Himachal, Jammu & Kashmir and the Union Territory of Chandigarh itself. However, of the nearly 250 operators employed with these agencies, almost half were penalised in the last two months and were either deactivated or blacklisted, which brought SBI’s Aadhaar enrolment to a halt. As a result, the public sector bank failed to meet targets and face penalties.
As per the TOI report, one of those penalised was Vikram-40, who worked as an Aadhar operator at an SBI branch for a monthly salary of Rs 10,000 in Uchana village in Haryana’s Jind district. It is also reported that on December 26, 2018 UIDAI fined him more than Rs 33 lakh.
According to UIDAI, what had happened was that Vikram had used his operator ID to generate Aadhaar cards using fraudulent documents between November 9 and November 17, 2018. UIDAI alleged that it was done using multiple station IDs in Vikram’s name, which allowed 143 Aadhaar cards to be made from multiple devices. It said every device like a laptop, desktop or tablet used for Aadhaar enrolment is registered with UIDAI and identified by a station ID.
But, as pointed out by SBI officials, as a “registrar” (as all banks entrusted with Aadhaar enrolment are) only SBI could have approved multiple station IDs and they had not done so. Therefore, the bank’s officials in Chandigarh wrote to their corporate office in Mumbai to appraise the matter with UIDAI saying that they did not create these multiple station IDs and there must have been lacunae in UIDAI’s security system that allowed someone to hack and create multiple station ID’s in Vikram’s name.
Even more baffling was the misuse of Vikram’s personal biometrics, such as fingerprints, to generate Aadhaar cards, carry out unexplained transactions at places like the I-T department, Maharashtra government, Madhya Pradesh government, National Informatics Centre and various banks with money also being withdrawn from his personal accounts. All this while, UIDAI did not act against any bank official, which would have been the case had there been a lapse or wrongdoing by SBI officials.
SBI Deputy General Manager B Rajendra Kumar told the newspaper that he was aware of misuse of Vikrams’s biometrics and problems faced by other sub vendors and that their corporate office had raised the issue with UIDAI and had urged UIDAI to make their system more transparent with them and to make their database more secure.
An internal inquiry by the bank and the agency has cleared Vikram of all the charges levelled by UIDAI and SBI has requested the authorities to remove the penalty and allow Vikram to return to work. In a reply sent to TOI, UIDAI refused to share details of the case but admitted that an inquiry was going on. Meanwhile, almost all the operators were cleared by UIDAI and allowed to return to work except Vikram.
On January 9, the authorities finally introduced an additional step in the registration of Aadhaar operators as an extra security step.
Get the latest reports & analysis with people's perspective on Protests, movements & deep analytical videos, discussions of the current affairs in your Telegram app. Subscribe to NewsClick's Telegram channel & get Real-Time updates on stories, as they get published on our website.