Gang spoofing fingerprint biometrics busted by India’s Cyberabad police
Seven persons suspected of cloning fingerprints to defraud poor farmers of money from their bank accounts through the Aadhaar Enabled Payment System (AEPS) have been arrested by the Cyberabad police in the state of Telangana, reports Times of India (TOI).
Going by the report, the gang members were picked up following a complaint from Epoint India, the city franchise of a fintech company Roinet Solution that provides services to rural farmers.
The report explains that the key accused person obtained an AEPS license from a representative of Epoint India to provide mini-banking services using forged Know Your Customer verification from cloned fingerprints. This led to unlawful withdrawal of money from the bank accounts of more than one hundreds farmers who bank with the fintech, and the stolen money was transferred to nine other bank accounts.
The amount stolen from the farmers’ bank accounts is estimated at 1,464,000 Indian rupees (about US$18,780), but the police say the amount could be higher as they are still working to put together the figures, the report notes.
In the wake of these fraudulent transactions, a complaint was lodged and the police launched a manhunt for the suspects who were eventually arrested in the home of the gang leader whose name TOI mentions as N Venkateshwarlu.
TOI writes that the gang leader had worked as a desktop publishing operator, was familiar with land registration and rural banking issues and the susceptibilities of the Andhra Pradesh IGRS portal.
“Venkateshwarlu downloaded land registration documents from IGRS portal of AP and collected names, Aadhaar numbers and fingerprints of over 10,000 people. They cloned fingerprints on butter paper by using a polymer sheet and heating it with certain temperature with a chemical,” a police official was quoted as saying.
Items seized from the suspects at the time of their arrest include 2,500 cloned fingerprints, 340,000 rupees ($4,360) in cash, SIM cards, telephones, fingerprint scanners, debit cards and other documents, TOI notes.
Indian authorities have warned in the past about a rise in Aadhaar enabled payment fraud across states in the country, and arrest of suspects has been a common feature.
Facial recognition for pension payments using Aadhaar reaches 100K
Biometrics continue to be relied upon for more services in India, and the country’s system for pension earners to receive their payments by obtaining digital life certificates (DLCs) through an Aadhaar-based facial recognition system has reached a milestone in user adoption.
Money Control writes that information it gathered from a Right to Information (RTI) application indicates over 100,000 pensioners have received their DLCs after their identities were verified using facial recognition. However, critics say the facial recognition systems are flawed, and can increase discrimination.
The DLC is a document that brings eligible pension earners closer to payment as the Pensions Disbursing Agencies (PDAs) are the ones to decide whether or not to accept the DLC for payment.
The outlet says at the time of its report, 52,987 DLCs had been accepted by PDAs while 18,603 others were rejected.
While the government is arguing for the facial recognition system, critics and digital rights organizations have raised various concerns including the fact that there is no law on the use of facial recognition in India and that the personal data protection law is yet to be fully operationalized.
In the absence of these safeguards, the critics fear the facial recognition data obtained could be misused exposed to privacy risks.
The outlet quotes an Indian digital rights organization Internet Freedom Foundation (IFFF) as saying “Linking welfare schemes to Aadhaar and its biometric verification system has caused mass exclusions… an untested facial recognition system will increase the risk of exclusion,” in reaction to when authorities introduced an Aadhaar-based facial recognition system for COVID-19 vaccination.