Security News > 2022 > May > Indian authorities issue conflicting advice about biometric ID card security
The Unique Identification Authority of India has backtracked on advice about how best to secure the "Aadhaar" national identity cards that enable access to a range of government and financial serivces.
Privacy concerns have also been raised over whether biometric data is properly secured stored and secured, if surveillance of individuals is made possible through Aadhaar, and and possible data mining of the schemes' massive data store.
UIDAI did not help assuage such fears last Friday, when its Bengaluru office issued that card-holders should not share photocopies of their Aadhaar card because it could be "Misused." Copies of cards were sometimes required when checking into hotels.
UIDAI has previously advised, in an FAQ that "No Aadhaar holder has suffered any financial or other loss or identity theft on account of any said misuse or attempted impersonation of Aadhaar." The document was likened to a mobile phone number or bank account number, something that requires "Ordinary protection" to secure privacy.
"UIDAI issued Aadhaar card holders are only advised to exercise normal prudence in using and sharing their UIDAI Aadhaar numbers," said UIDAI in a canned statement before describing the technology's ecosystem as having "Adequate features for protecting and safeguarding the identity and privacy" of the user.
The Register fancies replacing the photograph on the card could make it a handy fake ID - hardly worth the panic of recommending against an established practice.