Security and Privacy Challenges of Aadhaar-based AuthenticationNa. Vijayashankar Reviews the Risks Inherent in Aadhaar
Because the Aadhaar identification system is now being used for many purposes for which it was not designed, such as transaction authentication, the risks involved are growing, says cyberlaw expert Na. Vijayashankar, who's known as Naavi.
See Also: Assessing Threats Outside the Perimeter
"Originally a person's Aadhaar number was supposed to be confidential, and not to be reduced to a printable item or card. This is where risks started coming into the Aadhaar system," Naavi says. "Today the Aadhaar ID is being used at hundreds of locations by an individual, and the risks are coming in at the usage points." (see: India's Banks Must Move to Aadhaar-Based Biometric Authentication)
The Aadhaar-enabled payments system is amplifying these risks because it was not designed to support transactions, he adds (see: Aadhaar Authentication for Banking: Is It Premature?).
In an exclusive video interview with Information Security Media Group in Bengaluru, Vijayashanka discusses:
- The Aadhar-enabled authentication and payments system;
- How Aadhaar risks need to be addressed;
- Data protection and privacy in India.
Vijayashanka is a cyber law and information assurance consultant based in Bengaluru. He is the author of the first book and e-book on cyber laws in India. He has also written "Cyber Laws, Corporate Mantra for the Digital Era" and "Cyber Laws Demystified". Vijayashanka is the founder of www.naavi.org, a cyber law portal, where he blogs regularly. He has conducted training of Tamil Nadu and Karnataka police on several cyber law courses.