As technology progresses and more and more of our personal information becomes digital, it’s important to be able to protect ourselves and our assets from those who would try to steal or copy it. That was the thinking behind India’s Aadhaar system: a nationwide program to identify all the nation’s citizens and residents by unique ID codes, authenticated with biometric information, to ensure the highest level of security. Unfortunately, that security appears to have been compromised, and now 130 million residents of India are at risk of fraud.
Aadhaar and Biometrics
The Aadhaar system is a massive undertaking, which assigns a unique, 12-digit code to every resident of India. That 12-digit code is then linked to the bearer’s biometric data: digital scans of all ten fingerprints, plus a retinal scan. In this way, your identity can be confirmed simply by entering in a few digits. It’s used for a variety of different purposes, from financial transactions to receiving welfare, to health care and schools.
Unfortunately, many people who handle transactions using the Aadhaar system don’t look at the biometric data. In fact, in online and phone transactions, biometric data can’t be confirmed at all, as the person’s fingerprints and iris can’t be scanned. Yet the Aadhaar system is still used in such situations, even though it’s much less secure.
A Security Breach
So what happens if someone gets hold of an Indian resident’s Aadhaar number? Well, imagine if someone was able to procure your social security number. They’d have access to all of your important personal and financial information and be able to steal your identity, ruin your credit, clean out all of your money, and much more. This is what can happen in the Aadhaar system when identities aren’t confirmed by biometrics.
And unfortunately, this is exactly what has happened. An Indian government database was accessed, and Aadhaar numbers, birthdates, addresses, and other information was leaked in Excel spreadsheets that anyone could find simply by Googling. The potential damage done by this leak is massive, and authorities estimate that anywhere between 130 and 135 million people were affected by it.
For many experts, this incident just serves to highlight the massive flaws inherent in the Aadhaar system and hopefully force the Indian government to address and correct them.
Unless you’ve lived or worked in India over the past few years, chances are this enormous leak won’t affect you. However, identity theft is a very real problem in any country. What if someone did get hold of your social security number? What would you do? There are a few steps you can take.
First, to determine if someone is indeed using your number, review your social security earnings statement, as well as your credit report, to see if there’s any suspicious activity. If you find some, go to IdentityTheft.gov to report the fraud. Then notify the IRS, as well as the local police, to tell them what happened. They’ll be able to work with you to help you recover any lost money, such as wages or tax refunds, and hopefully find the person responsible. They’ll also help you get a new, hopefully more secure, social security number.
Identity theft is serious business. No matter how secure you think you are, there’s always the possibility that someone will penetrate your defenses, leaving you exposed and vulnerable. Protect yourself as best you can and be constantly vigilant against a suspicious activity or other signs of fraud. And if you go to India, try to avoid being issued an Aadhaar number, at least until the bugs are worked out of the system.