Pradeep Thakur, TNN - The Times of India

NEW DELHI: After seeking information from the US authorities on who picked up the tab for Pakistani-American terrorist David Coleman Headley’s credit cards, security agencies have launched a crackdown against terror suspects using international cards as a mode of funding their operations in India.

In two operations in Lucknow and Delhi, intelligence agencies with the help of local police seized more than 65 international credit cards with at least Rs 4-5 crore withdrawn on them and distributed to sleeper cells, sources said.

In the first operation, the Anti-Terrorist Squad of the UP police last month recovered 20 international cards from two individuals in Lucknow after a close surveillance revealed that they were using the credit cards to draw money and pass it on to sleeper cells in the city on the instructions of Nepal-based masterminds.

In a similar action in the national Capital, officials of the Delhi Police raided a resident in Rohini and recovered 45 international credit cards from his possession along with Rs 6 lakh in cash. Initial questioning of the accused in both the cases that the revealed money was paid in Nepal and the operatives in Lucknow and Delhi were instructed to withdraw it and pass it on to contacts as per orders.

While the income tax department is on the job to map the economic footprint of these jehadis within the country, the government has roped in the Enforcement Directorate to register and investigate each of these cases to identify the sources of transactions made in foreign countries on these cards and further investigate the cases under the Prevention of Money Laundering Act (PMLA).

Meanwhile, the government is in touch with the authorities in US and Canada to ascertain who had paid for the credit card bills of Headley and other accused linked to the 26/11 Mumbai terror attack.

A year-long investigation in the use of international credit cards by terror suspects in India has revealed that at least Rs 20-25 crore had been spent by them in the recent past across the country. These credit cards were issued in US, Canada, UK, Dubai, Nepal and Bangladesh and the bills were picked up by terror masterminds based there. Agencies are identifying all such payment gateways, their beneficiaries and sponsors.

The authorities are hopeful of busting the terror and narcotics syndicates by establishing a link between the users of such credit cards and their masterminds who are picking up the tab. Though the FBI has shared some details with the National Investigation Agency while referring to Headley’s co-accused Tahawwur Hussain Rana’s company, World Immigration Service, as one of the funding sources which also provided him a cover for his jehadi mission, it is not yet clear who picked up Headley’s credit card bills in the US.

Sources said Pakistan-based jehadi outfits are using the new modus operandi to fund their operatives in India without alerting the security agencies as the earlier hawala mode of funding had come under close surveillance.

By Swati Prasad, ZDNet Asia – Friday, September 25, 2009 04:59 PM

NEW DELHI–The need for standards and concerns over security and privacy were highlighted this week, as the Indian government prepares to roll out various e-government projects based on biometrics.

“The industry, government and academia need to collaborate to evolve standards for biometrics,” Nandita Jain Mahajan, IBM’s India South chief privacy and information security office, said during the India Preparatory Meeting: Biometrics and Data Protection, held here Thursday. The two-day event was organized by the Data Security Council of India, a self-regulatory organization led by Nasscom.
According Mahajan, the Indian government should adopt open standards to avoid heavy dependence on one technology vendor.
The country is in the process of deploying biometric cards for various e-government schemes, including the national unique identity card and e-passport projects.
“No government wants to be locked into any one technology,” S. K. Sinha, senior director of National Informatics Centre (NIC), said during a panel discussion, adding that India has put much emphasis on standardization for the technology.
“The Indian government is working on a national standard for biometrics [and] wants to have a technology standard that is open and provides a level-playing field so that many vendors can take part,” Sinha said. However, he noted that standards should be established such that they can widely adopted by the industry. “Standards should be implementable,” he said.

Are biometric cards privacy-compatible?
According to Shree Parthasarthy, a director at Deloitte said biometrics is “as old as forensics”, taking into account several factors such as the iris scan, finger prints, appearance, social behavior, skull measurement, voice, and so on. “It’s impossible to replicate or mimic all of these characteristics,” Parthasarthy noted.
And while biometric cards offer better security, he noted that there are several primary concerns over the use of such cards, including questions about privacy protection, misuse of biometric data and how biometrics will support privacy policies.
According to Mahajan, there are three technology components in biometrics: acquisition, extraction and matcher. Often, all attributes of biometric cards do not match and the acceptability error rates can be high, he said.
“If your password is compromised, you can change it, but if your biometrics is compromised, what can you do about it,” he questioned.
Y. D. Wadaskar, managing director of Pune-based IT security products company, WYSE Biometrics Systems, said: “Every individual is unique and therefore, biometrics and privacy go hand in hand. We need to trust these cards just as we trust our doctors and lawyers when we share personal information with them.”
Sunil Dhaka, chief information security officer of ICICI Bank, said the bank has been successful in implementing biometric cards for agriculture-based banking in rural areas.
“Since rural India has no Internet or tele-banking facility, we realized the solution had to be online-offline ready,” Dhaka said. “With such cards, we can do banking at the speed of thought.”

One billion ID cards challenge
Zia Saquib, executive director of Centre for Development of Advanced Computing (C-DAC), who also attended the meet, noted that deploying biometric cards for citizens in New York is different from implementing similar schemes in rural India. C-DAC develops applications for e-government projects.
According to Saquib, data collection and enrolment in rural areas can prove a challenge as “identification is a sensitive issue,” he said.
“We need to have strong authentication processes in place at the time of enrolment, he explained, adding that biometric data must not be stored in the same place as personal data.”
Biometric data must be stored locally,” he said. Saquib also highlighted the benefits of using digital rights management methodology for biometrics, giving users access to information only on a “need to know” basis.
Sinha said generating over 1 billion national unique ID cards cannot be done with small number of stakeholders. “You need different stakeholders for enrolment, creation of database, generating algorithms, verifying and distributing these cards,” he added.
“And when you have so many stakeholders, the need for standards becomes all the more critical,” he noted. Asked how the government plans to address privacy and security concerns over biometric cards, he said it is still too early to provide comments.
Sinha said: “All we can say is that the data will be highly protected and we will put several cyber-controls and encryptions in place, in both online and offline mode.”
Swati Prasad is a freelance IT writer based in India.