SUMMARY
Financial fraud related to Aadhaar is occurring more often. There have been instances where hackers have taken advantage of the AEPS Cash Withdrawal.
AePS Full Form
AePS, short for Aadhaar Enabled Payment System, is a safe and practical payment system that uses the Aadhaar infrastructure to support financial transactions.
What is Aadhaar Enabled Payment System(AePS)?
The Aadhaar Enabled Payment System (AePS) is a payment service that enables bank customers to access their Aadhaar-enabled bank accounts and carry out standard banking operations including balance inquiries, cash withdrawals, and remittances through a Business Correspondent by using their Aadhaar as their identity.
What are the services available under AePS?
- AePS Cash Withdrawal
- Balance Enquiry
- Mini Statement
- Aadhaar to Aadhaar Fund Transfer
What is important for AePS Cash Withdrawal to work?
The customer looking to avail AEPS should mandatorily:
- Have a Bank Account with a Bank participating in AEPS
- His / Her Aadhaar should be linked to his/her Bank account with other Bank.
- Transaction is completed using his/her biometric authentication only.
Which banks falls under AePS Cash Withdrawal?
Due to lack of efficient AePS service for all banks in India, many people are facing problems. If your bank is included in the following list, you can avail basic banking services from your neighborhood BC Point. So far 120 banks have participated and are able to provide AePS service. Checkout the list here.
What is AePS Cash Withdrawal limit for individual banks?
The NPCI has fixed the maximum transaction amount for a single AePS financial transaction at Rs. 10,000.
Why AePS Cash Withdrawal in News?
Cybercriminals have lately taken advantage of India’s AePS Cash Withdrawal, allowing illegal access to consumers’ bank accounts.
- Leaked biometric information has been used by scammers to avoid One Time Passwords (OTPs) and steal money from gullible victims.
- The AePS’s weaknesses have recently come to light, as have the ways in which hackers are taking advantage of the system’s flaws to deceive innocent consumers.
How is AePS Cash Withdrawal Exploited?
Leaked Biometric Details:
Leaked biometric data, including fingerprints taken during Aadhaar enrolment, is obtained by cybercriminals.
- They run biometric POS systems and ATMs using this stolen data without the requirement for two-factor verification or one-time passwords. They are able to transfer money from consumers’ bank accounts by getting over these security precautions.
Silicone Thumbs:
Biometric devices have been reported to be tricked by con artists using silicone thumbs.
- They fool the system into verifying their fraudulent transactions by placing the fake thumb on the fingerprint reader.
- By using this technique, they can carry out illicit financial transactions on the account holder’s behalf.
Lack of Transaction Notifications:
- AePS Cash Withdrawal scam victims occasionally don’t get any notice from their banks about fraudulent transactions.
- They don’t become aware of the scam until there are anomalies in the balance of their bank account.
Exploiting Weak Security Measures:
- Cybercriminals might use security flaws in the AePS Cash Withdrawal system, such as insufficient identity verification or authentication procedures, to carry out their illegal operations. They employ these vulnerabilities to the system’s advantage and get access to consumers’ bank accounts.
Systemic Issues:
- Other problems that influence the AePS’ performance and dependability include biometric mismatches, bad connectivity, poorer systems of some financial partners, etc.
- These factors can sometimes cause transactions to fail, although the money is still deducted from clients’ accounts without their awareness.
How to Prevent AePS Cash Withdrawal Frauds?
Aadhaar Lock:
- Users are encouraged to use the UIDAI website or mAadhar mobile app to lock their Aadhaar information.
- Aadhaar may be locked to prevent the improper use of biometric data for financial transactions.
- When biometric authentication is necessary, such as for the renewal of a passport or the registration of property, Aadhaar can be unlocked.
- Aadhaar might be locked once again for security reasons following the required authentication.
Amendments to Aadhar Regulations 2016:
- The Aadhaar (Sharing of Information) Regulations, 2016, are being modified, according to UIDAI.
- The amendment mandates that organizations who have access to an Aadhaar number refrain from disclosing information unless Aadhaar numbers have been redacted or obscured.
Other Preventive Measures:
- Avoid scanning QR codes or clicking on links that come from unidentified or dubious sources.
- Use careful and don’t believe anyone who offers help with cash withdrawals from locations other than approved bank offices or ATMs.
- On a PoS device, it is advised to double-check the displayed amount and seek a receipt for each transaction before entering your fingerprint.
- Check your bank account’s balance and transaction notifications on a regular basis if it is connected to your mobile number.
- Report any suspicious or fraudulent activity right away to the bank as well as the police.
- Customers are exempt from responsibility for unlawful transactions, according to the RBI, if they quickly report them within three working days.
What experts say
Former IPS officer Rajan Medhekar who retired as director-general (DG) of the National Security Guard(NSG), said, “It might be harmful to national security if Aadhaar data is being copied. National security has a number of important components. Banks, hospitals, and servers for critical installations are a few examples. Since 2017, cyberattacks have already been a problem for us.“
He added, “I also question why government agencies must post someone’s biometric information on a public website. To do the verification, they might create a special identifying number.“