The Times of India reports that a SIM card distributor has been arrested for using fake fingerprints to fraudulently activate 6,000 SIMs in order to earn extra commission. The fraud was only noticed because the national biometric authorities noticed an unusual number of queries of their database.
P Santosh Kumar, who distributed Vodafone prepaid SIMs in Dharmaram, a town in the Indian state of Telangana, is accused of illegally accessing property records maintained on India’s national Aadhaar biometric identity database. Kumar allegedly downloaded the details of individuals registered on the database and then recreated their fingerprints using a process he had learned from watching videos on YouTube.
The Unique Identification Authority of India (UIDAI), the government department who runs the Aadhaar program, initiated an investigation after spotting how many queries came from the machine used by Kumar. Kumar was arrested after UIDAI passed their information to the police.
New technology based on biometric data offered the potential to greatly enhance security by implementing identity checks which would have been difficult to defeat. The value to telcos is obvious; comms providers serve millions of people each day but rarely see them face to face. However, if there is inadequate security protecting biometric data then it does not matter that properties like fingerprints are unique to each individual. It can be said that fraud is a ‘race’ between criminals and the people seeking to stop them, but criminals will find it easy to catch up if the authorities carelessly supply the security data they previously amassed. There are indications that several countries have already blown the advantage they gained by implementing national biometric controls because they have not sufficiently limited access to the biometric data.
The full story of this scam can be found in The Times of India by looking here.