- Scammers are operating biometric POS machines and ATMs with silicone thumbs, emptying victims’ bank accounts.
- There have been reports of Aadhaar-linked fingerprint abuse and unauthorised withdrawals.
- AePS data breaches have been reported, although UIDAI denies that Aadhaar data has been compromised.
- Information Breach: Criminals can gain Aadhaar numbers through photocopies and soft copies and utilise Aadhaar-enabled payment systems to compromise user data.
Securing Aadhaar
- Regulation: The UIDAI has proposed restrictions to ban the unredacted sharing of Aadhaar details.
- New two-factor authentication: For fingerprint liveness, this combines finger minutiae and image capture.
- Aadhaar can be locked online via the UIDAI website or the myAadhaar app. Locking generates a 16-digit VID code, which is required for unlocking.
- Customers are entitled to zero liability if unauthorised transactions are notified to the bank within three working days.
Way ahead
- If suspect behaviour is detected, immediately lock Aadhaar biometric information.
- Inform banks and authorities as soon as possible so that relevant actions can be taken.
- Timely notification ensures that money transferred fraudulently can be returned.
- Check bank accounts on a regular basis for any unusual activity and instantly notify the banking institution.
Source: https://www.thehindu.com/sci-tech/technology/explained-gaps-aadhaar-enabled-payment-system-aeps-abused-cybercriminals/article66842275.ece