Access to phone makes Aadhaar app vulnerable
UIDAI's official Aadhaar app can be accessed without password if the hacker has access to person's phone, due to a flaw in the app.
Hyderabad: UIDAI’s official Aadhaar app can be accessed without password if the hacker has access to person’s phone, due to a flaw in the app. A French security researcher who goes by the name Robert Baptiste previously exposed several vulnerabilities, took to twitter and “Bypass the password protection of the official Aadhaar android app in 1 minute. For this attack, the attacker need a physical access to the phone, rooted phone is not needed and yes this is the latest version of the app(sic).”
Aadhaar app helps citizens to import their respective Aadhaar profile to smartphone instead of carrying the card.
The Android Package (APK) used in this app has been tampered. APK package file format used by the Android operating system for distribution and installation of mobile apps and middleware.