11 January, 2018

Aadhaar adds fresh security layer with 16-digit ‘Virtual ID’

For increased privacy of Aadhaar holders, the Unique Identification Authority of India (UIDAI) has introduced a temporary 16-digit virtual ID for Aadhaar holders that can be used in place of their Aadhaar numbers for authentication purposes. The new system, aimed at minimising instances of leak and misuse of Aadhaar numbers, will be effective from end of March. The announcement comes at a time when privacy concerns around Aadhaar are at peak after a newspaper expose on unauthorised access of the UIDAI database earlier this month.

Here's all you need to know about Virtual Aadhaar ID and how it works:

It isn't just the banks and income tax but an increasing number of private agencies too have started demanding Aadhaar number of their clients to authenticate their identity. By end of March, however, people will have an option not to do so. They will be able to share a Virtual ID instead. A Virtual ID is a temporary, revocable 16-digit random number that is mapped with the Aadhaar number.
The users will be able to generate, retrieve and revoke their Virtual ID number from UIDAI website, mAadhaar mobile app or Aadhaar enrolment centres.

The temporary virtual ID will give only limited details to the authorized agencies. For any kind of verification, only name, address and photograph will be shared. This will reduce the number of people who will know your Aadhaar number.

At any given point in time, there will only be one active and valid Virtual ID for any Aadhaar number.

The Virtual ID will be revocable and a user would be able to generate as many Virtual IDs as he or she wants. The older ID would automatically get cancelled once a fresh one is generated.

Since Virtual ID is temporary, agencies will not be able to use it to remove duplicates or ghost beneficiaries from their database. They will still need Aadhaar to do this.

Only Aadhaar number holders would be able to generate a Virtual ID. Identities like Authentication User Agency (AUA) and KUA (KYC User Agency) cannot generate Virtual ID on Aadhaar holder's behalf.

UIDAI will set a minimum validity period for Virtual ID and the user would be able to replace their ID from time to time.

All the authorization agencies and e-KYC services will have to ensure Aadhaar number holders are able to use Virtual ID. From June 1, 2018, it will be compulsory for authorized agencies to accept virtual ID for authentication.

UIDAI has also introduced another feature called 'Limited KYC' which provides need-based or limited details of a user to an authorised agency.

https://timesofindia.indiatimes.com/india/aadhaar-adds-fresh-security-layer-with-16-digit-virtual-id/articleshow/62450598.cms

https://www.ndtv.com/india-news/how-aadhaars-virtual-id-works-all-you-need-to-know-1798436

10 January, 2018

SBI, ICICI and more banking apps targeted by new malware

The newly discovered Android malware is targeting 232 banking apps including several Indian banks.
Some of the banking apps being targeted by new Android malware include Axis Mobile, HDFC Bank MobileBanking,
SBI Anywhere Personal, HDFC Bank MobileBanking Lite, iMobile by ICICI Bank, IDBI Bank GO Mobile+, Abhay by IDBI Bank Ltd, IDBI Bank GO Mobile,
Baroda mPassbook, Union Bank Mobile Banking, and Union Bank Commercial Clients.

The new Android Banking Trojan known as "Android.banker.A9480" was discovered by Quick Heal Security Labs
and it is claimed to be designed for stealing login credentials, hijacking SMSs, uploading contact lists and SMSs on a malicious server.

"Android.banker.A9480 is being distributed through a fake Flash Player app on third-party stores.
This is not surprising given that Adobe Flash is one of the most widely distributed products on the Internet.
Because of its popularity and global install base, it is often targeted by attackers," Quick Heal explains in a blog post.

https://gadgets.ndtv.com/apps/news/android-banker-a9480-malware-steals-bank-otp-232-apps-sbi-hdfc-axis-icici-target-quick-heal-1795635

http://www.timesnownews.com/technology-science/article/android-banking-trojan-targets-sbi-hdfc-idbi-and-more-banking-apps-steals-login-id-password-data-and-more/185169

03 January, 2018

How To Link Mobile Number (SIM) With Aadhaar Card From Home Via IVRS

Here's how the IVRS-based Aadhaar authentication through helpline 14546 works:

Once you call the toll-free helpline 14546, the IVR system asks you whether you are an Indian citizen or an NRI. 

The caller is to provide response 1 in case of Indian citizen.

The caller is then asked to enter his or her 12-digit Aadhaar number.

The IVRS then repeats the number entered and asks the caller to confirm by pressing response 1.

After this step, an OTP or One-Time PIN is sent to the registered mobile number.

The IVR system asks the caller to give consent to the telecom operator to pick his or her name, photo and date of birth from the UIDAI database.

The caller is asked to enter the OTP in the next step.

The caller is asked to press 1 to complete the Aadhaar-mobile number re-verification process.

*NRIs/OCIs are not eligible to enrol for Aadhaar and hence fully exempted from any Aadhaar verification of bank accounts/mobile SIM or other services, the UIDAI has said.



24 November, 2017

IMP. WEBSITES: ONLINE NEWS PAPERS

ONLINE NEWS PAPERS: 

Read thousands of worldwide news papers & Magazines at one place 
And u can also add the latest Links. 

14 November, 2017

Daily Security Mistakes You Should Stop Making

New Bacteria Could Turn Methane Into Clothes

Technology Breakthrough Allows Western Digital to Produce 40TB Hard Drives

All Wi-Fi Vulnerable To Hackers Due To Security Flaw