sorry to hear that. hope it gets fixed soon.
Honestly, I didn't know that.
I locked mine, my wife, my mother, my sister, my brother-in-law without any issue. (Artel, Jio, Vi, BSNL)
Biometric locking and unlocking have always been an issue from the beginning of time from when that feature that introduced.
So, nobody is alone, take your own due diligence. Because if you suddenly need it and if the app and web crap it out, you will be in difficult situation.
So, nobody is alone, take your own due diligence. Because if you suddenly need it and if the app and web crap it out, you will be in difficult situation.
Both the website and the app have been crapping out for the past 4 days as far as I am concerned. The website keeps giving out the cannot connect to backend error. As for the app every time I try to lock my biometric and input the OTP I get a pop-up notification that says my biometric has been locked, but when I check again in the 'My Aadhaar' tab my biometric is clearly not locked.
Happens for me as well, but if you click biometric lock it shows the status as locked. On the my aadhar screen it initially shows the lock icon for biometric as open, but that seems to be incorrect as it shows the correct status on clicking into it.
Did any of the news article actually address the details of the attack?
- How can just the image of a fingerprint be used for aadhaar authentication without some serious silicone 3D printing or something like that?
- Which merchant processed the AEPS? Why have those merchants not been penalized?
- How did the crooks obtain the images of the fingerprint in the first place?
Oh no. In my case my biometric is still unlocked, but the app keeps giving out false notifications.
Step1 I go to My Aadhaar tab of app> Step2 Tap on biometric lock option> Syep3 enter the captcha> Step4 wait for otp> Step5 Enter the otp> Step6 Get fake notification from app that my biometric has been locked> Step7 Completely close the app> Step8 Open the app and go to myadhaar and see that biometric is unlocked > Repeat step2 to Step8
I have done this at least 18 times now ( counting all the Aadhaar OTP emails from last 3 days).
Strangely enough, I was able to lock my dad's biometric after only 6 attempts on his phone. The first 5 attempts I got the same fake success notification. I know that his biometrics have been properly locked because now if I tap on biometric lock/unlock (the lock icon is red and locked) then the next page I get clearly mentions that "your biometric is locked" along with the options to unlock, and disable.
Apparently from state govt websites and land registries. Recently read some news articles:
https://indianexpress.com/article/c...umb-prints-from-land-registries-7914530/lite/
https://www.thehindu.com/sci-tech/t...eps-abused-cybercriminals/article66842275.ece
https://www.boomlive.in/amp/decode/...hands-of-scammers-pulling-off-aeps-scam-23120
I firmly believe that govt. officials are completely in cahoots with the criminals to pull off this kind of fraudulent activity.
Completely agree with @iosoft, @TEUser2K1 and @LinkdJay: govt. should be more responsible with data. But it is also important not to stop at the first problem we notice and ignore the remaining problems. I am still wondering about the remaining parts of the puzzle: how did they convince the aadhaar system that this stolen picture was a live fingerprint: did they mod some hardware, or did they use silicone transfers? Who was the recipient of the money? Why can't they just trace it simply by going to the point of sale?
Furthermore, at least to my knowledge, no govt body, RBI or UIDAI have even acknowledged this blatantly obvious flaw in the system (please correct me if I am wrong about this).
If I was a bigger sceptic then I would say that our govt knowingly kept these flaws & loopholes and are themselves responsible for doing these scams or at the very least the higher ups are quite closely associated with the scammers.
"...It seems anyone can learn how to clone a fingerprint with epoxy putty on YouTube; and anyone can buy an identification card online. Fingerprints can be lifted from digitized property sale deeds. Or, to steal money from bank accounts, one could hack into a mobile app used by small village shops that double up as micro-ATMs for Aadhaar-holders...."
thehackernews.com
economictimes.indiatimes.com
timesofindia.indiatimes.com
www.drishtiias.com
timesofindia.indiatimes.com
www.mid-day.com
timesofindia.indiatimes.com
www.hindustantimes.com
www.hindustantimes.com
edit: Unfortunate reality is that fraudsters will get control of technology, they are more capable and wiling in taking risks where common man cannot even get legal things legitimately; it's systemic collateral damage in poor country like ours. How to strictly control the same is what need to be checked. People insisting aadhar card details even for silliest of work to get done need to be strictly controlled, for eg., courier companies irks me the most - this must've been made punishable offense, not just illegal.
Any Indian DigiLocker Account Could've Been Accessed Without Password
Any User Account On DigiLocker Service Operated by Indian Government Could've Been Accessed Without OTP or Password
thehackernews.com
Aadhaar: A bit of resin is putting India’s welfare system at risk
Aadhaar is being very successfully used — by fraudsters. Blame it on ubiquity combined with lax controls. While the unique ID was conceived to make welfare programs more efficient, private entities didnt lose any time in realizing its potential.
How crooks are exploiting gaps in Aadhaar system in Delhi | Delhi News - Times of India
Delhi Police is learnt to have detected and flagged numerous vulnerabilities in the Unique Identification Authority of India (UIDAI)'s system. These h
timesofindia.indiatimes.com
Gaps in AePS Exploited by Cybercriminals
Cybercriminals are taking advantage of gaps in the Aadhaar-enabled Payment System (AePS) to carry out fraudulent activities. By using leaked biometric details, they can bypass the need for OTPs and siphon money from users' bank accounts.
Three Held In Aadhaar-gst Multi-crore Bogus Billing Scam | Ahmedabad News - Times of India
Parts of the multi-crore bogus billing scam have begun unfolding. Three persons were arrested by Bhavnagar Police on Tuesday, for conning unsuspectin
timesofindia.indiatimes.com
Mumbai: Cops bust fake Aadhaar and PAN card making centre in Goregaon; one held
The official have also seized around 30 Aadhaar cards and 7 PAN cards from the suspect, an official said
4,120cr Fake Billing Scam: Four Arrested In Bhavnagar | Ahmedabad News - Times of India
Ahmedabad: In the alleged Rs 4,120 crore fake billing scam that recently surfaced, an Aadhaar Centre in Palitana was raided for fudging data in some 1.
timesofindia.indiatimes.com
Fake Aadhaar enrolment centre uncovered in Ludhiana, three held
Trio had access to a UIDAI User ID registered in Dhubri, Assam; using these details, they would log in to the UIDAI portal to make corrections in Aadhaar cards
Gang busted for operating an illegal Aadhar card centre in Noida
Police in Noida have arrested seven people, three of whom it is alleged created fake Aadhaar cards using toe prints instead of fingerprints.
edit: Unfortunate reality is that fraudsters will get control of technology, they are more capable and wiling in taking risks where common man cannot even get legal things legitimately; it's systemic collateral damage in poor country like ours. How to strictly control the same is what need to be checked. People insisting aadhar card details even for silliest of work to get done need to be strictly controlled, for eg., courier companies irks me the most - this must've been made punishable offense, not just illegal.
Last edited:
Thanks for the links.
Reading between the lines of the reporting so far, there is still the language like "criminals have been known to use silicone" for fingerprint cloning, but I guess no one will actually know what happened in this particular case until the criminals are caught. What is sad is that we still don't really know the details of how this particular instance of the crime is being conducted.
@tearphones
www.drishtiias.com
This link gives some clarity on how scam actually works ?
Gaps in AePS Exploited by Cybercriminals
Cybercriminals are taking advantage of gaps in the Aadhaar-enabled Payment System (AePS) to carry out fraudulent activities. By using leaked biometric details, they can bypass the need for OTPs and siphon money from users' bank accounts.
This link gives some clarity on how scam actually works ?
Moody's questions Aadhaar's reliability; govt rebuffs
www.ndtv.com
Moody's questions Aadhaar's reliability; govt rebuffs
The UIDAI issued a strong rebuttal to Moody's Investors Service which claimed that the Aadhaar system often results in service denials and the reliability of biometric technologies, especially for manual labourers, in hot and humid climates is questionable.
www.rediff.com
"Over A Billion Indians...": Centre Counters Moody's Aadhaar Criticism
Responding to global credit agency Moody's claims that Aadhaar poses privacy and security risks, and the use of its biometric technology in humid climates is unreliable, Centre on Monday termed the assertions baseless and lacking evidence.
www.ndtv.com
Thank you so much for the article, there're so many interesting things in it:
- They've arrested the people based on the Customer Service Point machine, which I thought was an obvious way to track people down. Good.
- They claim that they converted photos of fingerprints into a near-perfect silicone fingerprint with a success rate of 6 - 12%
- To make this, they used a hard dice and silicone solution. I don't know if this is a mistranslation or a transcription error, but I really don't understand it.