If you are worried about the security of your Aadhaar data, here is some news for you. Your biometric data is stored in such a system that it will take for a fastest computer in the world more than the life of the universe to hack it; this is what UIDAI CEO Ajay Bhushan Pandey told the Supreme Court on Thursday. That is not all.
The complex where these systems are kept or protected has a 13-feet high and five feet thick walls, Attorney General KK Venugopal told the apex court hearing a number of pleas challenging the constitutional validity of Aadhaar. In last two days, two top government officials - Ajay Bhushan Pandey, KK Venugopal - have explained the technology and structure that have been put in place to protect the sensitive data. Does the UIDAI data centre really have a 13 feet high and five feet thick wall?
UIDAI DATA CENTRES
The UIDAI has two data centres, one at Bengaluru in Karnataka and another at Manesar in Haryana. The Bangalore data centre is the city's first blast, flood and earthquake-proof building. The centre, which was constructed by state-owned Engineers India at a cost of Rs 116 crore, is spread over 6,245 sqm and has a storage capacity of 6 peta bytes with 4,000 servers. The building is blast proof with category 'C' rating. It has a 500-mm-thick wall. The home ministry had sanctioned a 162-member CISF (Central Industrial Security Force) squad to guard the highly sensitive data centre.
The Manesar facility is a state-of-the-art, energy efficient, captive green data centre as per global standards and guidelines, according to former UIDAI DG RS Sharma. The data centre is designed as per seismic zone-IV compliance requirements. The Manesar Data Centre houses a building to accommodate UIDAI Biometric Centre of Competence or UBCC and National Training Facilities of UIDAI. The foundation stone for this Data Centre was laid by former Haryana Chief Minister Bhupinder Singh Hooda in 2013.
The Supreme Court on Thursday allowed the UIDAI CEO to give presentation to explain the Aadhaar security system. The Court asked the Aadhaar CEO to address concerns such as surveillance, data security and exclusion of some people from receiving government benefits in case of authentication. The petitioners, challenging the Aadhaar, had earlier argued that the biometric collection from 2010 to 2016 was illegal and invalid.
Explaining the security system of the Aadhaar, UIDAI CEO said that the entire data gets encrypted, even the fastest system in the world can't breach it. However, the bench said that it gets encrypted when it reaches you, but what about the collection centre where it could be captured by a private party. On this point, AB Pandey said that UIDAI did not share biometric details with anyone and the moment 'the resident presses the save key, entire data gets encrypted by the 2048-bit key'.
On authentication and foreign developed software, the UIDAI chief told the court that the agency has bought data matching software from the world's top three companies and stored on UIDAI's servers. The details saved on these servers are not shared with the software-providers, claimed AB Pandey. To make his point, Pandey said that even banks use such software but they don't share their details with software developers.