Unique Identification Authority of India (UIDAI) has announced a bug bounty program to smoke out bugs and vulnerabilities in Aadhaar and its databases. As a part of the bug bounty program, the organisation will select top 20 ethical hackers for the job who will be given access to UIDAI’s Central Identities Data Repository (CIDR) that hold the Aadhaar data for over 1.32 billion Indians. Also Read - How to lock (or unlock) Aadhaar biometric details online: A step-by-step guide
“UIDAI consistently undertakes strategic security initiatives to strengthen its foundational security infrastructure for secure and safe delivery of Aadhaar services. In its endeavour to secure Aadhaar data hosted in UIDAI’s Central Identities Data Repository (CIDR), UIDAI intends to conduct a ‘Bug Bounty’ program along with responsible disclosure of vulnerabilities,” UIDAI wrote in a circular announcing its bug bounty program. Also Read - How to link Aadhaar with Voter ID online: A step-by-step guide
Who can apply to be a part of UIDAI’s Bug Bounty Program?
According to the details shared by UIDAI, the candidate who apply to be a part of the organisation’s bug bounty program should be either an individual or a group of individuals not representing or aligned to any organisation. The candidate should be an Indian residents having a valid Aadhaar number. “The candidate is responsible for reviewing his/her/their employer’s rules for participating in the Program and should be free from any conflict of interest with UIDAI,” UIDAI wrote in the circular. Also Read - How to download e-Aadhaar Card online: A step-by-step guide
The organisation also said that the candidate who applies to be a part of this program ‘must not be a current or former employee of UIDAI or one of its contracted technology support and audit organisations during past seven years’. In addition to this, the candidate, according to UIDAI, ‘should be listed in top 100 of the bug bounty leaders board such as HackerOne, Bugcrowd or listed in the Bounty Programs conducted by reputable companies such as Microsoft, Google, Facebook or Apple or the candidate should be active in the bug bounty community or programs and should have submitted valid bugs or received bounty in last one year’.
How can I apply for this program?
UIDAI said that interested people can submit their application to firstname.lastname@example.org to participate in the program. The organisation will select top 20 ethical hackers who will be given required accesses for finding vulnerabilities in Aadhaar databases.