NEW DELHI: Amid concerns raised by Moody’s Investor Services over the safety of Aadhaar, the government has said that not only the biometric citizen identity system but all applications under “India stack” remain highly protected against cyberattacks despite the country witnessing several hack attempts every single day.
Abhishek Singh, the CEO and MD of Digital India Corporation, under the IT ministry, said that the trust of citizens in government-managed services remains strong as the systems are safe, secure, and protected. “…the security and privacy is unparallelled (and) the amount of efforts the government spends in ensuring that our data and our systems remain safe doesn’t get noticed, because there are no breaches, or no major breaches. We have heard about Citibank losing their data, or LinkedIn losing data, or big companies losing their data. But Aadhaar data has been completely safe and secure,” Singh said at The Times of India Right To Excellence-Tech Summit 2023.
The senior IT Ministry official said there is complete safety and security of data, and most people are able to use India stack. “When it comes to inclusion, and when it comes to empowering people, technologies help. There will be some critiques and that’s okay.”
Singh said that the government is making a lot of efforts to ensure that systems remain safe. “We are safe till the next breach, because the amount of attacks that happen on our systems are probably the highest in the world because of the neighbourhood that we live in. So kudos to the engineers at CERT-In (India’s top cybersecurity agency) and other people who are 24×7 on the job to ensure that our systems remain safe and secure.”
He said security audits are carried out at regular intervals to check vulnerabilities. “Because in any software system, there will be vulnerabilities. We always hear of zero day vulnerability and all kinds of issues. So, the tech teams keep on checking that all the time. The other important thing that we do is that most of our systems follow the federated architecture — in the sense that we don’t centralise the data.”
Giving an example, he said that the DigiLocker app currently has 20 crore users and six billion documents. “But it’s not that all the data is stored at one location. So, data is actually stored with the data fiduciary who is the owner of the data.” He said under the Ayushman Bharat digital mission, health records are not kept in a centralised data centre, but rather remain with a hospital’s data centres or the service provider used by the hospital. “And whenever you need your health records, you will be able to fetch it on your phone or on your device and share it with your consent to a private third party.”
This, he said, makes it safer than the documents being kept in a physical form in paper records. “Anybody could photocopy or do anything without any audit trails.”
Abhishek Singh, the CEO and MD of Digital India Corporation, under the IT ministry, said that the trust of citizens in government-managed services remains strong as the systems are safe, secure, and protected. “…the security and privacy is unparallelled (and) the amount of efforts the government spends in ensuring that our data and our systems remain safe doesn’t get noticed, because there are no breaches, or no major breaches. We have heard about Citibank losing their data, or LinkedIn losing data, or big companies losing their data. But Aadhaar data has been completely safe and secure,” Singh said at The Times of India Right To Excellence-Tech Summit 2023.
The senior IT Ministry official said there is complete safety and security of data, and most people are able to use India stack. “When it comes to inclusion, and when it comes to empowering people, technologies help. There will be some critiques and that’s okay.”
Singh said that the government is making a lot of efforts to ensure that systems remain safe. “We are safe till the next breach, because the amount of attacks that happen on our systems are probably the highest in the world because of the neighbourhood that we live in. So kudos to the engineers at CERT-In (India’s top cybersecurity agency) and other people who are 24×7 on the job to ensure that our systems remain safe and secure.”
He said security audits are carried out at regular intervals to check vulnerabilities. “Because in any software system, there will be vulnerabilities. We always hear of zero day vulnerability and all kinds of issues. So, the tech teams keep on checking that all the time. The other important thing that we do is that most of our systems follow the federated architecture — in the sense that we don’t centralise the data.”
Giving an example, he said that the DigiLocker app currently has 20 crore users and six billion documents. “But it’s not that all the data is stored at one location. So, data is actually stored with the data fiduciary who is the owner of the data.” He said under the Ayushman Bharat digital mission, health records are not kept in a centralised data centre, but rather remain with a hospital’s data centres or the service provider used by the hospital. “And whenever you need your health records, you will be able to fetch it on your phone or on your device and share it with your consent to a private third party.”
This, he said, makes it safer than the documents being kept in a physical form in paper records. “Anybody could photocopy or do anything without any audit trails.”