[Representational image]Flickr.com/Victor

A Bengaluru-based engineer has been arrested by the police for allegedly accessing Aadhaar data of people illegally and building an app which verifies it.

 The actions come after similar allegations had surfaced against a subsidiary company of Ola just about a week ago. Reports stated that a subsidiary of Ola called Qarth Technologies was stealing Aadhaar data. 

Ola, in a statement released to the local edition of a daily, washed its hands of the entire matter, claiming it has "nothing to do with the arrest."

Illegal access

The City Crime Branch (CCB) of the Bengaluru City Police on Tuesday, August 1, arrested Abhinav Srivastava after a case was registered against him at High Grounds police station a week ago over. The complaint was filed by Unique Identification Authority of India (UIDAI) Deputy Director Ashok Lenin.

The Kanpur-resident engineer is a postgraduate in Industrial Chemistry from IIT-Kharagpur, and was arrested from the Koramangala area of South Bengaluru on Tuesday. The police recovered a CPU, four laptops, a tablet, four mobile phones, six pen drives and some other accessories — with a total worth of Rs 2.25 lakh — from Srivastava.

He is accused of developing an app for the Android OS platform that illegally accesses Aadhaar data from the National Informatics Centre (NIC) servers for e-verification. Shockingly, the app had not only made its way to Google Play Store but had also been downloaded more than 50,000 times and netted Srivastava Rs 40,000 before it was shut down. 

Aadhaar stall
In picture: An Aadhaar enrolment stall. [Representational image]UIDAI official website

Heavy damage?

The true extent of the damage caused by Srivastava's actions will become apparent only as the investigation into the case progresses, but one may get a rough idea of it from the police complaint Lenin had made. 

He had said in the complaint: "Qarth workers have developed an app and accessed details on Aadhaar website without authentication and provided the same as e-KYC details. The Data theft started on January 1 and went on until July 26."

Under Section 37 of the Aadhaar Act, people who share or access Aadhaar data without permission are punishable with a term imprisonment up to three years along with a penalty of Rs 10 lakh.

Ola has, meanwhile, distanced itself from Qarth technologies. The ride-hailing service has been quoted by the Hindu as saying: "The company has nothing to do with the arrest nor did it authorise the person to develop the app."