The Unique Identification Authority of India (UIDAI) has launched its first structured Bug Bounty Programme aimed at further strengthening the security of the Aadhaar ecosystem.

The initiative allows cybersecurity experts to identify potential vulnerabilities in some of UIDAI’s key digital platforms. Experts who responsibly report genuine security gaps will be rewarded based on the severity of the issue discovered.

As part of the programme, a panel of 20 experienced security researchers and ethical hackers has been selected to participate. They will assess several UIDAI digital assets, including the official UIDAI website, the myAadhaar portal, and the Secure QR Code application.

The researchers will evaluate these systems for vulnerabilities categorized as Critical, High, Medium, and Low risk. Rewards will be granted depending on the seriousness of the security issue identified.

UIDAI is implementing the initiative in partnership with ComOlho IT Private Limited, a cybersecurity solutions provider.

Highlighting the importance of information security in the digital era, UIDAI stated that it continuously works to strengthen its digital infrastructure in the interest of residents. The authority already employs multiple security layers, including regular security audits, vulnerability assessments, penetration testing, and continuous monitoring.

The Bug Bounty Programme will add another layer of protection by inviting independent experts to help uncover potential risks. UIDAI said the initiative reflects its ongoing efforts to ensure that its digital platforms remain secure for residents and stakeholders.

Bug bounty programmes are widely adopted by global technology platforms as an effective way to enhance cybersecurity and make digital systems more resilient.