You are here: Home » Economy & Policy » News
Business Standard

Aadhaar data kept, processed only on own secure servers: UIDAI

Role of the biometric service providers is to offer de-duplication software, says UIDAI

Press Trust of India  |  New Delhi 

Photo: Reuters
Photo: Reuters

The on Wednesday rejected charges that foreign firms were accessing sensitive data, saying no information has ever been stored or processed outside its own data centre and resides only within its fully-secured servers.

"data is fully safe and secure and has robust uncompromised security. The data centre is an infrastructure of critical importance and is protected accordingly with high technology, conforming to the best standards of security," the said in a statement.


The Unique Identification Authority of India (UIDAI), which is the issuing body, said such data is accessible only to the biometric software provider's solution for the purpose of processing of data "within the highly secure environment of data centre".

The data is stored, kept and processed only on the severs within its data centre. Moreover, it said these servers have no linkages to the "outside world" through the Internet or any other means, including laptops and pen drives.

The data centre premises are fully protected "physically", the claimed, adding that hardware supplies are also tested twice before being put to use in the data centre.

"No data has ever been kept, stored or processed outside the data centre and is always on servers," it added.

The said the role of the biometric service providers is to offer de-duplication software which too runs on UIDAI's and data centres.

"The biometric image data is never in physical possession of biometric service provider or any of its employees at any point of time, in any case," it said further.

The terms of contract require the software solution to be secure and conform to the government's data security guidelines, the statement said, adding that applications running on IT hardware too are secured through firewall and intrusion prevention system.

All the service providers are bound by strict confidentiality regime under the contract, and violation would lead to three years of imprisonment, it added.

The statement from the comes amid reports that an RTI application has revealed that the contract gave foreign firms access to classified personal data such as fingerprints and iris scan information.

The has been fire-fighting allegations of unauthorised access to data. Last week, WikiLeaks hinted that the had allegedly accessed the database, a claim strongly refuted by the

WikiLeaks, in a tweet last week, had said, "Have spies already stolen #India's national ID card database?"

It was alleged that the Central Intelligence Agency (CIA) was leveraging tools of US-based technology provider Cross Match -- incidentally, an vendor -- for snooping, and that sensitive data could have been compromised.

First Published: Wed, August 30 2017. 22:14 IST
RECOMMENDED FOR YOU