Kaarana

A strange year in Aadhaar – Kaarana – Medium

This is a very personal account of how I became an Aadhaar critic. It was September 2016 and I was staring at my grand father’s notes on the effects of Saturn, which represents the idea of limits in all human endeavours and provides brutal reminders of this concept during 3 blocks of 7.5 years of […]

Aadhaaritis effects on PayTM usability & security – Kaarana – Medium

So Paytm Payments Bank recently introduced entry of Aadhaar for password resets. As with many, I had been a PayTM user for years now, I was so convinced of its utility, that I chose to upgrade myself to a full KYC status providing my PAN card, back when eKYC didnt exist. In this post, I […]

Insecure App Making – Kaarana – Medium

The application eco-system built around Aadhaar is vulnerable to malware. In this article we will describe this vulnerability in detail and how the conflicting requirements between utility, security, delegation and profit making, created the perfect environment for this vulnerability to come about in the Aadhaar system, as acknowledged by Nandan Nilekani himself. Security and Utility […]

It is the Math. that is the problem – Kaarana – Medium

Why do biometric devices that work in one setting do not work well in other settings? The usual answers to this question are: There is a variance in the conditions. Operator errors which will go away once everyone gets trained on using the device (including users). There are people who want to see the system […]

The inside man (Part 4) – Kaarana – Medium

A version of this story appeared in a different form in AltNews. Do read Part 1 (Very technical), Part 2 (Non technical) and Part 3 (Technical) for background. The Breach Was Aadhaar really breached? After all did not Nandan Nilekani, proudly say “Show me even one example of data theft. Aadhaar is very, very secure” […]

Knowing Your Transactions (and thyself) – Kaarana – Medium

By Anand Venkatanarayanan and Anivar Aravind This is Part 3 of a series on Ola Qarth FIR. Here we focus more on why eKYC design is flawed and why it can’t be used for fraud prevention (someone getting multiple SIMs on your name), expanding further the issues pointed by Prof. Jayant Varma. We also point […]

UID Savings on NREGA – Kaarana – Medium

The Government of India has argued in the Supreme Court and Parliament that its primary purpose in promoting Aadhaar is to improve the efficiency of social schemes, and that the use of Aadhaar has generated huge savings since 2014. The UIDAI (in a statement), its CEO Dr AB Pandey (in a column) and the Attorney […]

When UIDAI Leaks Aadhaar numbers directly from Its servers

In India, on past one month there are many news reports on various #AadhaarLeaks from Aadhaar seeded Govt services. As of now combined number of Aadhaar numbers leaked will cross 200 million , considering various leaks from Employment Guarantee, minor /student scholarship portal leaks, Social assistance schemes, and various pension schemes. Yesterday I was closely […]

Back to top