Bank Scam using AADHAR - Deactivate Aadhaar Enabled Payment Service (AePS)

[Deleted member 9785]

Very Imp

Lock AADHAR Based authentication on UDAI website.

Only open it for short while when u need to do a KYC

New fraud method exposed: Cyber scammers clear bank accounts with Aadhaar number, no OTP needed

New cyber fraud method: Money withdrawn from accounts via Aadhaar, bypassing OTP, CVV and bank details.

www.dnaindia.com

 

[Strange]

I understand this but what I am asking is:-
I have a/c in HDFC, sbi, axis etc and aadhar is seeded in hdfc, so using aeps money can be withdrawn only from hdfc or all others also

You can withdraw money from other banks if aadhaar is linked and bank has enabled AePS transaction in your account.

Aadhaar linking and seeding both are different things.

 

[varun__goel_]

You can withdraw money from other banks if aadhaar is linked and bank has enabled AePS transaction in your account.

Aadhaar linking and seeding both are different things.

Then banks should give a option in nb/mb to disable/enable it

 

[Strange]

Then banks should give a option in nb/mb to disable/enable it

Check the old posts in this thread; someone has emailed HDFC to disable the AePS service in their account.

 

[Sourabh_13]

I heard in some shocking incident, fingerprint info was leaked and was cloned using some polymer. Everything is now possible in the world of fraud 😢😢.

Meanwhile one Japanese Prof working in the area of computer vision: "Fingerprint information can be captured from a photo taken from a common good-quality camera, from a distance of not more than 2-3 metres, where.. say, a person is showing a ✌🏻 sign."

 

[shivkumar]

One thing everyone should do is to enable sim lock (please get puk code etc from network provider before enabling the same) & use a Lock Screen password. In case of phone loss even if the scammer puts your sim in a different phone, he won’t be able to use the same to get otp.

I use an Apple Watch cellular version. So at least in case of sim damage/loss I have an option to receive otp on my watch.

I have disabled biometric authentication for now. I am safe in a sense my biometric cannot be used to get replacement sim or for aeps transaction.

Banks should provide in app option to enable / disable aeps.

 

[Trust Me]

Then banks should give a option in nb/mb to disable/enable it

Check the old posts in this thread; someone has emailed HDFC to disable the AePS service in their account.

The question is, is AePS in a disabled state by default for everybody? If not, why not?

 

[shivkumar]

The question is, is AePS in a disabled state by default for everybody? If not, why not?

From what I gather it’s enabled by default.

 

[Trust Me]

Meanwhile one Japanese Prof working in the area of computer vision: "Fingerprint information can be captured from a photo taken from a common good-quality camera, from a distance of not more than 2-3 metres, where.. say, a person is showing a ✌🏻 sign."

... Meanwhile the typical fingerprint scanners used in our banks often fail to read fingerprints of many aged people (and also for people who work with their hands, like household helps, for example). It is a MAJOR issue for many pensioners trying to get a life certificate. One would wonder why a signature cannot be used (like in the good old non-digital days). But the so called modern banks typically refuse to do that anymore!

Funny thing is, a pensioner in my family faces this issue every year, come November, but his fingerprints came out crystal-clear on a property transaction deed in court (stamp-pad ink on paper)! .... Perhaps just in order to facilitate this AePS scam some day soon! 🙂

 

[cyberlocker]

Recently I made a mistake of linking aadhar to my hdfc bank thinking it could help me change mailing address online without visiting branch or providing address proof for current/rented address.
This hdfc expressway is most useless, it just authenticate aadhar using OTP and fills both permanent and mailing address from aadhar and doesn't even allow entering different mailing address. What's the use of this? It's only usefull if a person changes the address in their aadhar which i dont think people keep doing every time they change their rented place.

And regarding locking biometric, it might sound good but it can turn into nightmare.
Just a year ago, my second mobile number just stopped working due to problem in sim card itself. Went to Airtel shop, they did biometric and gave me replacement.

What if, biometric is locked and suddenly the number used in aadhar stopped working for some reason? No OTP to unlock and cannot do biometric too. So basically done.
Phone getting lost, stolen, etc are different but sometimes even sim cards develop some issues.
Aadhar is one of the weakest authentication and ID ever produced by a country and that too linking with payments is just idiotic.

 

[quino]

Aadhar is one of the weakest authentication and ID ever produced by a country and that too linking with payments is just idiotic.

careful where you say that. you could get jailed into oblivion under the uapa act these days.

 

[cyberlocker]

careful where you say that. you could get jailed into oblivion under the uapa act these days.

I redact my statement. Aadhar is one of the best invention ever done for mankind since fire and wheel.

 

[quino]

the question was for a replacement sim (means same number). did you get a new sim of existing number or new number?

also could you tell which provider? airtel/vi etc

yet to get a confirmation from anyone on this forum. maybe this isn't possible.

 

[cyberlocker]

1.Get a new sim
2. Link it to aadhar
3. Put it in secondary phone
4. Lock biometric
5. Never use that phone number for anything, apart from aadhar authentication and keep the phone safe at home.

Using different phone number in banks/cc.
This way aadhar number is somewhat safe and can also use UPI on the go with less probability of losing aadhar number and locking oneself from biometric.
Only wondering if aadhar authentication will fail at bank side with mismatch of phone number.

 

[SSV]

Okay, I will add another dimesion to it..
What about e-sim? how hard it is to replace e-sim ?? can we do it without aadhar authentication at the service provider outlet??

PS; never used -esim before.. just asking..

 

[Trust Me]

1.Get a new sim
2. Link it to aadhar
3. Put it in secondary phone
4. Lock biometric
5. Never use that phone number for anything, apart from aadhar authentication and keep the phone safe at home.

... You've probably forgotten about one of the great inventions on your list, -- fire !

Why not keep up with the modern times, and on your next flight somewhere, drop your phone in the cloud? 🙂

 

[chandra.prakash]

Can this be disabled by customer or bank can only disable it on customer request?

You can lock using maadhaar app and disable when you want

 

[cyberlocker]

... You've probably forgotten about one of the great inventions on your list, -- fire !

Why not keep up with the modern times, and on your next flight somewhere, drop your phone in the cloud? 🙂

There is no 100% full proof system. One can only implement a system with lower probability of damage. Probability of losing a phone in a home with both natural and man-made calamities is much much lower than losing your phone when you carry it everyday and everywhere!

 

[cyberlocker]

 

[ghost of sparta]

View attachment 33042

Did the poor guy find a solution at the end?

 

[quino]

1.Get a new sim
2. Link it to aadhar
3. Put it in secondary phone
4. Lock biometric
5. Never use that phone number for anything, apart from aadhar authentication and keep the phone safe at home.

Using different phone number in banks/cc.
This way aadhar number is somewhat safe and can also use UPI on the go with less probability of losing aadhar number and locking oneself from biometric.
Only wondering if aadhar authentication will fail at bank side with mismatch of phone number.

upi apps won't work if the registered sim isn't in the device ig