Telangana Smart Card Controversy: What Went Wrong With Colourplast?
Hyderabad | A major public safety concern is brewing in Telangana, where smart cards used for driving licences and vehicle registrations have come under intense scrutiny. At the centre of it is Colourplast India Pvt. Ltd., a vendor accused of supplying substandard smart cards embedded with non-compliant chips — allegedly of Chinese origin.
The issue was first flagged by Raahat – The Safe Community Foundation, a reputed NGO focused on road safety and digital integrity. Its chairman, Dr. Kamal Soi, raised the red flag in a detailed letter to the Transport Minister of Telangana. He alleged that Colourplast was supplying smart cards that violate SCOSTA standards, putting citizen data and even national security at risk.
What the Allegation Says
In February 2023, Colourplast was awarded a contract to supply pre-printed PVC smart cards to the Telangana Transport Department. These cards were required to comply with SCOSTA (Smart Card Operating System for Transport Applications), the Indian government’s security standard. However, Dr. Soi’s complaint suggests otherwise.
He claims that multiple smart card series – including DL0358000/24 and RC0380000/24 – were found to contain non-approved Chinese chips, which lacked proper encryption protocols. The concern? These chips could potentially be accessed remotely, exposing personal data and sensitive information to cyber threats or even espionage.
What Happened Next?
The Telangana Transport Department took the matter seriously. On June 10, 2024, NIC (National Informatics Centre) confirmed that 12 out of 20 card samples provided by Colourplast failed compliance checks. These cards reportedly carried Samsung S3K140A chips, which were not listed under SCOSTA-approved models.
Following this, the Transport Commissioner issued a Show Cause Notice to Colourplast on June 24, demanding an explanation. But by August 7, no reply was received. This led Dr. Soi to escalate the matter again, urging authorities to recover the full project cost, impose penalties, and blacklist Colourplast from future tenders.
What Colourplast Says
In its response, Colourplast denied any wrongdoing. The company clarified that it was only responsible for supplying blank smart cards and had no role in personalizing or embedding sensitive user data. “We use high-quality materials and follow every guideline laid out in the contract,” said Saurabh Yadav, Head of Legal Affairs at Colourplast.
Why This Case Matters
This isn’t just a supplier issue — it's a wake-up call for how public contracts involving digital infrastructure are handled. If the allegations against Colourplast are proven true, it could mean that thousands of Telangana residents have been issued potentially compromised smart cards.
In today’s age, where data is power, weak digital security can lead to massive consequences — from identity theft to large-scale surveillance. NGOs like Raahat are calling for more transparency, third-party checks, and stricter enforcement of technical standards in such tenders.
