New Delhi: The Unique Identification Authority of India (UIDAI) has launched a structured Bug Bounty Programme aimed at further strengthening the security of the Aadhaar ecosystem.
Through this initiative, the authority is inviting cybersecurity experts and ethical hackers to identify potential vulnerabilities in its digital platforms and report them responsibly in exchange for rewards.
The Bug Bounty Programme marks a new step in UIDAI’s efforts to safeguard digital infrastructure associated with Aadhaar.
The programme encourages independent security researchers to detect and disclose vulnerabilities across selected UIDAI digital assets while adhering to responsible disclosure practices.
20 Security Researchers Selected for Bug Bounty Programme
As part of the programme, UIDAI has selected a panel of 20 experienced security researchers and ethical hackers. These experts will examine several critical digital platforms operated by the authority.
The selected participants will analyse systems including the UIDAI official website, the myAadhaar Portal, and the Secure QR Code Application.
Under the Bug Bounty Programme, the researchers will search for potential vulnerabilities across these platforms and report their findings to the authority.
Also Read: UIDAI Google Maps Integration to Display Authorised Aadhaar Centres Across India
Vulnerabilities Categorised by Severity
The Bug Bounty Programme evaluates discovered vulnerabilities across four categories based on severity:
- Critical
- High
- Medium
- Low
Rewards under the programme will be determined according to the seriousness of the reported issue.
Researchers who identify legitimate vulnerabilities and disclose them responsibly will receive incentives corresponding to the severity level.
Collaboration with Cybersecurity Partner
UIDAI is implementing the Bug Bounty Programme in partnership with ComOlho IT Private Limited, a cybersecurity solutions provider.
The company will support the initiative by facilitating coordination with participating researchers and assisting with vulnerability reporting and validation processes.
Strengthening Information Security for Aadhaar
According to UIDAI, information security remains a critical priority in an increasingly digital environment. The authority already employs multiple security measures to safeguard Aadhaar-related digital systems.
These include regular security audits, vulnerability assessments, penetration testing, and continuous monitoring of digital infrastructure.
The introduction of the Bug Bounty Programme adds another layer of protection by enabling independent experts to help identify hidden risks.
The Bug Bounty Programme is expected to further strengthen the resilience of UIDAI’s digital platforms and ensure that Aadhaar services remain secure for residents and stakeholders.
Global Practice in Cybersecurity
Bug bounty initiatives are widely used by technology companies and digital platforms worldwide as a proactive cybersecurity strategy.
By inviting ethical hackers and security researchers to test systems, organisations can detect vulnerabilities early and strengthen their digital defences.
