In the realm of cyber financial scams originating in India in 2023, Aadhar Enabled Payment System (AePS) frauds accounted for a significant 11% in 2023 accounted for a significant 11%, as revealed by an analysis conducted by the Indian Cyber Crime Coordination Centre (I4C). Notably, a considerable number of these fraudulent activities were concentrated in the states of Bihar and Jharkhand.
Government Initiatives and Cybercrime Statistics
The central government’s cybercrime portal (cybercrime.gov.in) and the dedicated 1930 helpline played pivotal roles in addressing the surge in cyber-enabled financial frauds last year. A staggering 13,10,329 complaints were registered, encompassing various fraudulent activities. AePS frauds, a subset of these complaints, involved the illicit practice of cloning biometrics.
Decoding AePS and its Vulnerabilities
Aadhar Enabled Payment System (AePS) functions as a payment service that leverages Aadhaar as the primary means of identity verification. This system empowers bank customers to access their Aadhaar-enabled bank accounts, conducting essential banking transactions such as balance inquiries, cash deposits, withdrawals, and remittances through designated Business Correspondents/Agents.
The Menace of Biometric Cloning
In a disturbing incident reported by The Hindu on October 31 last year, the Karnataka Police apprehended two individuals from Bihar engaged in unauthorized withdrawals from Aadhaar-linked bank accounts. The modus operandi involved accessing the Karnataka government’s Kaveri portal to download sale deeds containing fingerprints. Subsequently, the fraudsters replicated thumb impressions onto AePS-enabled devices to siphon money from the targeted accounts.
Reporting Mechanisms and Real-time Vigilance
It’s crucial to note that filing a complaint through the portal or helpline doesn’t automatically translate into a First Information Report (FIR). The helpline, operated by the I4C under the Ministry of Home Affairs (MHA), facilitates real-time complaint registration. Given the interconnectedness of banks and financial institutions on this platform, prompt reporting within one or two hours significantly increases the likelihood of freezing funds in the perpetrator’s account.
A Comprehensive Look at National Cybercrime Reporting
An insightful analysis of the national cybercrime reporting portal (NCRP) identified two categories of cyber financial frauds: local and international.
Local-Origin Frauds
Within the spectrum of local-origin frauds, 35% were linked to customer care numbers, refund issues, and KYC expiry, enabling fraudsters to gain remote access to victims’ phones and pilfer funds. Sextortion constituted 24% of complaints, involving coercive demands for payment after recording individuals watching explicit content. Additionally, 22% of frauds were associated with online bookings, fake franchise schemes, QR code scams, and 8% of complaints were attributed to Android Mobile Malware.
International-Origin Frauds
International-origin frauds comprised 38% related to investment and task-based scams, authorized push payments, while 23% were connected to illegal loan apps. A significant 21% involved scams related to illegal gaming and cryptocurrencies, 11% were romance scams, and 7% of complaints pertained to ransomware attacks and hackings.
The Social Media Cybercrime Landscape
In 2023, a staggering 1,41,056 social media-related cybercrimes were reported, underscoring the evolving nature of digital threats.
In conclusion, combating the rising tide of AePS frauds necessitates a multi-faceted approach, involving technological advancements, robust reporting mechanisms, and public awareness campaigns. Only through concerted efforts can we mitigate the impact of these cyber threats on individuals and the financial ecosystem.