Sameer Kochhar , Chairman, Skoch Group , 11 February 2017

Given that Indian economy is fast becoming digital and from opening a bank account, to making financial transactions, for every facility, an Aadhaar Authentication is required. Even the Supreme Court has been working on making Aadhaar mandatory. Imagine my shock when I was told that Aadhaar can be hacked as it has very poor security. My eyes popped out when I saw the video as given below.

Apparently, when you use an Aadhaar enabled front-end application, your biometric is scanned and stored on the device along-with your Aadhaar Number. Common sense would tell you that such a number should be heavily encrypted – the fact is, it is not, every time you scan your biometric only one unique number is generated. In the name of security, it has an additional time-stamp and location added to this number. It takes an easy hack to change this information and anybody can become you and transact on your behalf.

This article is the first in a series of exposes that shows how India is being taken for a ride by vested interest on Aadhaar enabled payment systems. Some of the questions I am going to examine moving forward are:

Is there a deep-state at work to steal Digital India? Why have the Prime Minister and Finance Minister not been informed of such a serious problem? Who all in the government are aware of this flaw? Have the security agencies warned NPCI, UIDAI, RBI etc. on this problem? Why is this problem being kept under wraps? Who made BHIM app? Who owns the company that made BHIM app? Why is Niti Aayog and select media pushing BHIM? Why would Amitabh Kant say that soon there would be no need for PoS machines and card swipes as everything would be done on a biometric dongle and a mobile as shown in this video? Who is pushing this technology? Which bank(er) stands to gain the most? What is the role of a multinational foundation close to Niti Aayog?

As you all are aware that over the years Inclusion has been a serious magazine and has never indulged in sensationalism. This time our national security is at stake and to not blow a whistle would be tantamount to treason.

Watch this space for finding answers or even more meaningful questions on this site.

Video transcript

I am going to walk you all through the biometric verification process using mobile. So just to start with the process you just need to click on Start Verification Button. So here you’ll be taken to a page where you can see biometric. In order to proceed, you just click on Next button. So as you can see here, the device will ask you to connect the biometric device. So in my case, I have already connected the device earlier in order to avoid discontinuation, so as I click OK, I’ll be taken to the next screen where you can see Capture Button. If I click on Capture button the device gets active and I’m just putting my thumb, so this is how my thumb impression has been captured. In order to Verify the impression, I’m just clicking on Verify Button and this is how the Lead gets verified.

This is another slide, where saved lead can be verified, so if you click on Start Verification button, you need to select the biometric here you can see as you just need to click on Next Button and the application will show you the replica finger impression of the Aadhaar number without having Biometric device connected, so if I click on verify, the lead gets verified.

So guys here I wanted to show you the Aadhaar number can still be verified with stored biometric finger impression without having Aadhhar card holder physically being present here. Thank You.







(Sameer Kochhar can be reached at skoch@skoch.in)

Please enable JavaScript to view the comments powered by Disqus.

Disqus