Engr. Aliyu Aziz, NIMC’s Director-General
As the keeper of Nigeria’s most important national database, the National Identity Management Commission (NIMC) has stated that its servers have not been penetrated and are completely optimized at the highest international security levels.
According to certain social media reports, a hacker known as Sam got into the NIMC system and stole over three million Nigerians’ National Identity Numbers (NINs).
The Director-General of NIMC, Engr. Aliyu Aziz, responded to the rumors in his New Year message on Monday, saying that as the custodian of Africa’s most populous nation’s foundational identity database, NIMC has gone to great lengths to ensure the database is adequately secured and protected, especially given the recent spate of cyber-attacks on networks around the world.
“NIMC has created a comprehensive and reputable system for Nigeria’s identification database over the years via laborious work.” The Commission and its infrastructure have been accredited to the ISO 27001:2013 Information Security Management System Standard, which is revalidated on a yearly basis.”
“Because of the critical nature of the identification data that the Commission collects, manages, and maintains as critical assets for the country, NIMC has secured utmost security of its systems and database.”
“The Commission guarantees the public that, on behalf of the Federal Government, it will continue to follow the highest ethical standards in data security and ensure compliance with data protection and privacy rules,” he stated.
Despite the use of the NIMC Mobile App allowing public access to their NIN on the move, the Commission does not use or keep information on the AWS cloud platform or any other public cloud, according to the NIMC Director-General.
“The Commission has made this app available to the general public in order to decrease and eliminate any delay or challenge(s) in accessing one’s NIN,” he stated.
“The public should be informed that having a NIN slip does not grant access to the National Identification Database; rather, it is merely a tangible declaration of a person’s identity.” No licensed partner/vendor is authorized to scan and store copies of individual NIN slips under the data protection requirements; instead, they must validate the NIN using the approved and authorized verification platforms/channels supplied.
“The public may recall that the Ministry of Communications and Digital Economy, through NIMC, implemented the Tokenization elements of the NIN verification service as part of its policies to protect personally identifiable information kept in the National Identity Database. Individuals’ personal data will be safeguarded, and user rights and privacy will be maintained.”
“In accordance with the mandatory use of NIN for government services, the Commission also applauds the concerted efforts of several Federal Government agencies, including the Joint Admissions and Matriculations Board (JAMB), the Federal Road Safety Corps (FRSC), Nigeria Immigration Services, Pension Commission (PenCom), Nigeria Police Force, Nigeria Correctional Service, Nigeria Customs, and a host of others, who have streamlined their services in accordance with the use of NIN.”
The NIMC DG, on the other hand, urged everyone to accept the identity, enroll, and acquire their NINs.