The Unique Identification Authority of India
(UIDAI) has registered a case with the Bengaluru Police against Abhinav Srivastava and Qarth Technologies
Pvt Ltd for misusing Aadhaar
data obtained from its website without any authentication.
Chennai-based Qarth Technologies
was acquired by India's largest taxi aggregator Ola
in March last year, to help grow its in-house payments service. Srivastava, the founder of Qarth, worked at Ola
in the position of "Hacker at Ola
Connected Car Platform", as per his LinkedIn Profile.
declined to comment on Srivastava's current position in the company, while his LinkedIn profile has been edited to hide all his professional experience.
"He has a play store app and access to information from the Aadhaar
website without the permission of UIDAI
and offers eKYC services to users. He had joined hands with another person to leak Aadhaar
details," the report filed by Ashok Lenin, Deputy Director at UIDAI's regional office in Bengaluru, with the city police states.
While the report does not divulge any further details on the nature of the violation, a cyber expert who did not want to be named speculated that Qarth could have been using someone else's license to access Aadhaar
data for eKYC, which is not allowed as per the regulations set by the Aadhaar
has neither commissioned nor is involved in any such activity. No such complaint has been brought to our notice," Ola
said in an e-mail statement.
Qarth had developed an app X-Pay
that allowed customers to process one-touch mobile payments through their bank accounts. The company was acquired by Ola, which was looking to strengthen its own Ola
Money digital wallet.
"An investigation has begun and he has been briefed about the complaint," read the first information report (FIR). Other media reports said that the data theft began on January 1 and went undetected until July 26.