NewKerala.com

UIDAI Launches Bug Bounty Program to Fortify Aadhaar Security

The Unique Identification Authority of India (UIDAI) has launched a structured Bug Bounty Programme to strengthen the security of the Aadhaar ecosystem. A selected panel of 20 cybersecurity researchers will probe key digital assets like the UIDAI website and myAadhaar portal for vulnerabilities. Researchers will be rewarded based on the severity of the security issues they identify, in line with global practices for major technology platforms. This initiative complements UIDAI's existing security measures, which include regular audits and penetration testing, and follows a recent drive that enabled biometric updates for over 1.2 crore school children.

Key Points: UIDAI Bug Bounty Program for Aadhaar Security

  • Panel of 20 security experts to probe UIDAI systems
  • Rewards based on severity of vulnerabilities found
  • Focus on websites, portals, and QR code app
  • Part of ongoing multi-layered security strategy
  • Aligns with global tech security practices
2 min read

UIDAI launches bug bounty programme to strengthen Aadhaar security

UIDAI launches a bug bounty program, inviting ethical hackers to find vulnerabilities in Aadhaar's digital platforms to enhance security for residents.

"The new Bug Bounty Programme is another example of how UIDAI continuously strives to further strengthen and ensure that its platforms remain secure - Ministry of Electronics & IT"

New Delhi, March 11

The Unique Identification Authority of India on Wednesday launched structured Bug Bounty Programme to further strengthen the security of the Aadhaar system, inviting independent cybersecurity experts to identify vulnerabilities in digital platforms.

A panel of 20 experienced security researchers and ethical hackers has been selected to look for possible weaknesses in some of UIDAI's key digital platforms, an official statement said.

They will examine UIDAI digital assets such as UIDAI official website, myAadhaar portal and the Secure QR Code application.

Researchers will check these systems for vulnerabilities classified as Critical, High, Medium and Low risk and will receive rewards in line with the severity of issues they find, the statement from Ministry of Electronics & IT said.

The ministry said the programme is being run in partnership with M/s ComOlho IT Private Limited, a cybersecurity solution provider.

The new Bug Bounty Programme is another example of how UIDAI continuously strives to further strengthen and ensure that its platforms remain secure for residents and stakeholders, the statement noted.

Such programmes are widely used around the world by major technology platforms to make digital systems safer and more future ready.

UIDAI believes information security is critical in today's digital world, and UIDAI is continuously engaged in improving its digital assets keeping people's interest in mind, it added.

The authority already uses several layers of protection, including regular security audits, vulnerability assessments, penetration testing, and continuous monitoring.

UIDAI recently announced covering over 1.03 lakh schools nationwide to facilitate mandatory biometric updates (MBU) for students under Aadhaar. The initiative has enabled nearly 1.2 crore children to complete their biometric updates within their school premises.

The mission-mode drive began in September 2025 following integration with the Unified District Information System for Education Plus (UDISE+) platform of the Department of School Education & Literacy.

- IANS

Share this article:

Reader Comments

P
Priya S
Good initiative, but I hope the rewards are substantial enough to attract top talent. Global bug bounties pay lakhs for critical flaws. For something as crucial as Aadhaar, we need the best minds on the job. The security of crores of citizens depends on it.
R
Rohit P
Finally! This should have been done years ago. With so many data leaks in the news, this brings some confidence. Hope they are transparent about the vulnerabilities found and fixed. Public trust is key.
S
Sarah B
As someone who works in tech, this is a global best practice. Google, Microsoft, they all do it. It's smart to crowdsource security. The real test will be how quickly they patch the bugs that are reported.
V
Vikram M
A step in the right direction, but security is an ongoing process, not a one-time programme. Along with this, they must focus on educating the common man about Aadhaar safety - not sharing OTPs, being wary of phishing calls, etc. Janta ko bhi jaagruk hona hoga.
K
Karthik V
Respectfully, while this programme is good, my concern remains about the mandatory linking and biometric updates for school children mentioned at the end. Are we collecting too much data from our kids? The security needs to be ironclad for their future.
A

We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.

Leave a Comment

Minimum 50 characters 0/50