The Uttar Pradesh Police arrested 10 men on Sunday who allegedly bypassed the biometric systems of Aadhaar cards to come out with fake ones.
A Special Task Force (STF) of the police said a wide network of hackers created fake Aadhaar cards by cloning fingerprints. The STF operation, conducted in Kanpur led to the arrests.
According to the STF, the hackers used fingerprint copies to bypass the extensive biometric security set by the Unique Identification Authority of India or UIDAI which issues the cards and tampered with the source code of the application client to create a fake application client. Then they bypassed the authentication process to generate the fake cards. By doing this the hackers allegedly earned a sum of Rs 5,000 for each fake card.
A case has been filed at the Lucknow Cyber Crime police station under sections 419, 420, 467, 468, 471, 474 and 34 of the Indian Penal Code, Sections 66 and 66C of the Information Technology Act and Section 7/34 of the Aadhaar Act.
Police have recovered several gadgets used by the hackers including 38 fingerprints on paper, 46 fingerprints manufactured by chemicals, two Aadhaar finger-scanners, two finger-scanning devices, two iris retina scanners, eight rubber stamps, 18 Aadhaar cards, a webcam, GPS equipment and a Polymer Curing Instrument, 11 laptops and 12 mobile phones.
Police say that the UIDAI introduced retina scanning as part of the authentication process when it was realized that fingerprints were being cloned. However, investigators say that hackers have managed to create new client applications to hack and bypass biometrics.
A “security audit” of the Aadhaar enrollment process is on the cards after the discovery that the norms of the Information Security Policy of Aadhaar were not followed by registrars, enrolment agencies, supervisors, verifiers and operators.