Lately, the potential security issues around the Aarogya Setu application have been puzzling the users and created quite a stir. On Twitter, French ethical hacker Robert Baptiste, who tweets with an other name Elliot Alderson, posted that he had discovered a significant security issue on the Aarogya Setu application that could be a threat to the citizens.
In a tweet, Elliot Alderson says, “A security issue has been found in your application. The protection of 90 million Indians is at stake . Would you be able to reach me in private?” by tagging he official handle of the application. After a 49 min duration he tweeted again by tagging @IndianCERT and @NICMeity stating that the concerned authorities reached him out and issue has been revealed to them.”Aarogya Setu app designers within a stipulated time responded and made a statement explaining how the application functions.
“No personal information of any user has been proven to be at risk by this ethical hacker,” Aarogya Setu officials stated on its twitter handle. And also added that team Aarogya Setu has been continuously upgrading the system to not let any data or security breach issue occur.
They claim that the Aarogya Setu application is designed to identify a user’s area—during setting up the app and enrolling, when the user is making a self-assessment, and furthermore when he/she either consciously shares their contact tracing information from the app.
Aarogya Setu is a contact-tracing application created by the National Informatics Center (NIC) under the Ministry of Electronics and Information Technology, and is being endorsed by the Government of India, as a simple and effective tool for contact tracing during the lockdown. Government has made compulsory for employees of every single privately owned business, government workers and likewise cautioned people in containment and red zones to install the application on their mobile phones.