The Unique Identification Authority of India (UIDAI) launched its first structured Bug Bounty Programme on March 11, 2026 to strengthen cybersecurity of the Aadhaar ecosystem. A panel of 20 experienced ethical hackers and security researchers has been selected to test UIDAI's digital platforms including the official website, myAadhaar portal, and Secure QR Code application.

Vulnerabilities are classified as Critical, High, Medium, and Low risk, with a risk-based reward system. The programme is run in partnership with M/s ComOlho IT Private Limited. This is part of India's broader push to secure digital public infrastructure, with information security spending projected to reach $3.4 billion in 2026, an 11.7% increase from 2025.