Lack of live authentication led to Aadhaar-enabled Payment System fraud in Karnataka

As Karnataka reported cases of fraudulent financial transactions using Aadhaar numbers and thumb impressions downloaded from the public domain recently, it has now emerged that the transactions took place over the non-live fingerprint authentication that led to multiple frauds in the Aadhaar-enabled Payment System. The modus operandi Documents were downloaded from the Kaveri system Aadhaar number and thumb impression in documents were used A 3D print of thumb impression found in document was generated Fraudulent transactions undertaken using Aadhaar number and 3D print of the thumb to withdraw money using Aadhaar-enabled Payment System The fraudsters used Aadhaar numbers and thumb impressions from the property registration documents that were available in the domain of the Stamps and Registration Department in Karnataka and created 3D images of the fingerprints. In this case, the fraudsters have been able to siphon off money because a non-live authentication is available.” Though most banks have a live authentication system, sources suspected that this fraud would not have taken place unless the banking correspondents hired/contracted by the banks who operate the AePS connived with the fraudsters. Karnataka masks first eight digits of the 12-digit Aadhaar number in documents The State government has asked sub-registrars to mask the first eight of the 12-digit Aadhaar numbers in documents related to registrations and has curtailed the certified copy available on the public domain to one page.