MANGALURU: Days after a couple applied to register their new property, they lost Rs 10,000 each from their Aadhaar-linked bank accounts. Many others have lost money after their biometrics and Aadhaar Enabled Payment System (AePS) details were taken for property registration at the sub-registrar office here.
Lokesh and his wife from Shaktinagar in the city, who lost Rs 10,000 each, filed a complaint that money was siphoned off their Aadhaar-linked bank accounts. The city cyber crime police have registered a case.
CREDAI Mangaluru president, Vinod Pinto has also lost Rs 10,000.
Another victim Rohith said, “I purchased a new property and applied to register it in my name at the sub-registrar office.
When I contacted the bank staff, they said the money was withdrawn using AePS mode of transaction. We immediately blocked our bank accounts and filed a police complaint. We had submitted our fingerprints, Aadhaar number and bank details only at the sub-registration office for new property registration just 10 days before losing the money.”
Dr Ananth Prabhu, a cybersecurity expert, said the fraudsters might have secured fingerprints from the land registration department documents and forged it. “It is easy for fraudsters to siphon off funds if they have access to Aadhaar details, fingerprints and bank name. Under AePS mode, Aadhaar number is entered in a micro ATM and biometric details are submitted.
From an Aadhaar-linked bank account, payment is made and the daily limit under this mode is Rs 10,000. I appeal to the government to enable two-factor authentication for the AePS mode–either a password or OTP. The finance ministry must ensure a high resolution photo with location data for every user. Instead of SMS, the account holder should get an instant IVR call before the transaction is confirmed. Also there is an option to lock the biometric feature by logging on to the Aadhaar portal.”
Mangaluru city police commissioner Anupam Agarwal said many people have met him and complained about losing money. An investigation is under way, he said, adding, “It is yet to be confirmed from where the data breach took place.”
Kavitha, senior sub-registrar, Mangaluru, told TNIE she has not received any written complaint yet. “But Mangaluru city police visited our office on September 21 and verified the information after complaints were filed. We will look into it once we receive written complaints from those who have lost money,” she said.