The Unique Identification Authority of India (UIDAI) has launched its first structured Bug Bounty Programme to enhance the security of the Aadhaar ecosystem by inviting cybersecurity experts to identify potential vulnerabilities in its digital platforms.
Under the initiative, a panel of 20 experienced security researchers and ethical hackers has been selected to examine key UIDAI digital assets, including the official UIDAI website, the myAadhaar portal and the Secure QR Code application.
The programme allows experts to test the systems for potential security weaknesses and report them responsibly. Identified vulnerabilities will be classified into Critical, High, Medium and Low risk categories, with researchers receiving rewards depending on the severity of the issues discovered.
UIDAI said the initiative is aimed at proactively identifying and fixing security gaps before they can be exploited.
The programme is being implemented in collaboration with ComOlho IT Private Limited, a cybersecurity solutions provider that will support the coordination and management of the bug bounty initiative.
According to UIDAI, safeguarding information security is critical in an increasingly digital environment. The authority already uses multiple layers of protection, including regular security audits, vulnerability assessments, penetration testing and continuous monitoring.
The bug bounty programme adds another layer of defence by allowing independent experts to help detect hidden risks and strengthen the resilience of Aadhaar’s digital infrastructure.
The Ministry of Electronics & IT said that similar bug bounty initiatives are widely used by leading technology companies worldwide to make digital systems more secure and future-ready.
