UIDAI has started “Bug Bounty Programme”, in which 20 top hackers have been invited. There has been a demand for such a program for some time now due to the many perceptions regarding the lapses in the security of Aadhaar data. News18 quoted an order issued by UIDAI on July 13 and informed that the authority has decided to run a bug bounty program on its system. Hackers invited in this program have been given a challenge to find flaws in the security system of Aadhar card.
The report says that 20 different hackers or groups will be given a chance to study UIDAI’s Central Identity Data Repository (CIDR), which stores the world’s largest digital database, i.e. Aadhaar data of 132 crore Indians. “The selected candidate must be listed in the top 100 of the Bug Bounty Leaders Board such as HackerOne, Bugcrowd or should be listed in the Bounty Program conducted by reputed companies such as Microsoft, Google, Facebook or Apple etc.,” the order said.
The order further said, “The candidate should have submitted a valid bug in the past one year or received the bounty.” These hackers will also be required to sign a non-disclosure agreement with UIDAI and follow its instructions. The report further says that the UIDAI has also interestingly stated that the 20 hackers selected for the program “must have a valid Aadhaar number and must be Indian residents”.
The authority states that if it receives more than 20 applications, UIDAI reserves the right to evaluate and select the top 20 suitable candidates.