Smartphone users in India are demanding answers after people on Twitter began posting screenshots of their phones’ contact lists with a strange number included in it. Users are claiming that they didn’t add the contact to their devices, and no one company or person knows how it got there in the first place.
The contact, 1-800-300-1947, is an old toll-free number for the Unique Identification Authority of India (UIDAI), and it’s been showing up in contacts lists originating from Android devices. The same number has showed up on iPhones as well, but only if its owner imported those contacts from an Android device before. People are just now widely noticing the number’s inclusion, but it’s uncertain when this contact was first forced onto phones. It appears that it could have started years ago.
Many people, with different provider, with and without an #Aadhaar card, with and without the mAadhaar app installed, noticed that your phone number is predefined in their contact list by default and so without their knowledge. Can you explain why?
— Elliot Alderson (@fs0c131y) August 2, 2018
UIDAI was created by the Indian government in 2009 to produce 12-digit unique identification numbers for residents and run the database in which the information is held. The numbers work similarly to Social Security numbers in the States: they’re used to make it more difficult for people to stew up fake identities and to help easily identify people.
The government body denied that it had anything to do with forcing the number onto devices. In a statement, UIDAI said it “has reiterated that it has not asked or advised anyone including any telecom service providers or mobile manufacturers or Android to include [the contact] in the default list of public service numbers.”
— @kingslyj (@kingslyj) August 1, 2018
Security experts and regular users have taken Android, service providers, and the Indian government up to task and have been demanding answers online. Others are performing their own tests and experiments to pinpoint how the number was placed on their devices without their previous knowledge or formal permission. Some claim that Google is to blame after tests showed that the number only populated on Android devices that are “Made in India.” Others believed the number was pushed by their service providers, like Vodaphone, which denied responsibility to Indian Express earlier today.
Despite the online outrage over privacy and security concerns, no governmental body, regulator, telecom, or device maker has come forward to claim responsibility.
The Verge reached out to Google for comment, but as of press time, it has not responded.