Cyber Fraud- No OTP, No PIN Needed! AePS Scam Can Drain Your Bank Account

AePS: It’s a common belief that as long as we keep our OTP and ATM PIN private, our bank accounts are entirely safe. Yet, cybercriminals have discovered a new method to breach this security. Fraudsters are now taking advantage of the government-supported AePS service to illegally withdraw funds from individuals’ accounts without needing any codes or PINs. Cybercrime investigator Shubham Tripathi shares tips on how to protect yourself from this:

What exactly is AePS?

AePS, or Aadhaar Enabled Payment System, was created to assist those who may struggle with using ATM cards or remembering their PINs. This system enables you to withdraw cash from your bank by simply providing your Aadhaar number and placing your thumb on a biometric device. There’s no need for phones or OTPs.

How do criminals commit fraud?

This OTP-free feature has unfortunately become a major tool for cyber fraudsters. Often, when documents are submitted for land registration or other government processes, thumbprints are collected as well. Fraudsters manage to steal these fingerprint details. They then create a counterfeit thumb.

These criminals input the victim’s Aadhaar number into a micro-ATM machine and use the fake thumb on the scanner. The machine is tricked into believing that the actual person is making the withdrawal. Consequently, money is withdrawn directly from the account without the victim’s knowledge. Numerous complaints regarding such frauds are being reported to the National Cyber Crime Reporting Portal and the helpline 1930.

5 ways to avoid this scam

1. This is the surest solution. Lock your biometrics using the mAadhaar app or the UIDAI website. When you need to use your thumbprint, simply unlock it from the app for 10 minutes.
2. Never give a photocopy of your Aadhaar to anyone. Always sign it (self-attest) and clearly state the purpose for which you are providing it. If possible, use a “masked Aadhaar,” which hides the first eight digits of your Aadhaar.
3. You can use your 16-digit Virtual ID (VID) instead of your full Aadhaar number anywhere. It’s valid everywhere and very secure.
4. Contact your bank and set a Fraud Risk Indicator (FRI) or transaction limit in your account, so that any unusual transaction can be stopped immediately.
5. To keep your bank account and financial transactions safe, keep your Aadhaar linked with PAN card.