Context: The Unique Identification Authority of India (UIDAI) has launched its first structured Bug Bounty Programme to strengthen the cybersecurity of the Aadhaar ecosystem.
About Bug Bounty Programme:
What it is?
- A Bug Bounty Programme is a cybersecurity initiative where organizations invite ethical hackers and security researchers to identify vulnerabilities in digital systems.
- Participants are rewarded for responsibly reporting security flaws before malicious actors can exploit them.
Aim:
- To strengthen the security of digital platforms by proactively identifying vulnerabilities.
- To promote responsible disclosure of security flaws and enhance trust in digital infrastructure such as Aadhaar systems.
Key Features:
- Expert Participation: 20 experienced ethical hackers and cybersecurity researchers selected for the programme.
- Scope of Testing: Researchers will test key UIDAI digital assets including the UIDAI website, myAadhaar portal, and Secure QR Code application.
- Risk-Based Reward System: Vulnerabilities categorized as Critical, High, Medium, and Low, with rewards based on severity.
- Public–Private Collaboration: Implemented in partnership with ComOlho IT Private Limited, a cybersecurity solutions provider.
- Layered Security Approach: Complements existing security measures such as security audits, vulnerability assessments, penetration testing, and continuous monitoring.
Relevance in UPSC Examination
GS Paper III – Science & Technology
- Cybersecurity, digital infrastructure protection, ethical hacking, and vulnerability management.
GS Paper II – Governance
- Digital governance initiatives, Aadhaar ecosystem, and data protection in public service delivery.
