16th May 2023 (7 Topics)
1
May
2
May
3
May
4
May
5
May
6
May
8
May
9
May
10
May
11
May
12
May
13
May
15
May
16
May
17
May
18
May
19
May
20
May
22
May
23
May
24
May
25
May
26
May
27
May
29
May
30
May
31
May
Gaps in AePS abused by cybercriminals
Context
There has been a noticeable rise in fraud related to Aadhaar-enabled Payment Services (AePS).
About
What is Aadhaar-enabled Payment Services (AePS)?
- Aadhaar-enabled Payment Services (AePS) is a bank-led model that facilitates online financial transactions at Point-of-Sale (PoS) and Micro ATMs.
- It enables secure transactions through the business correspondent of any bank by leveraging Aadhaar authentication.
- AePS eliminates the need for OTPs, bank account details, and other financial information, streamlining the process.
- AePS requires only the bank name, Aadhaar number, and fingerprint captured during Aadhaar enrolment as inputs for various transactions.
- These transactions include cash deposit, cash withdrawal, balance inquiry, mini statement, Aadhaar to Aadhaar fund transfer, authentication, and BHIM Aadhaar pay.
Are AePS transactions enabled by default?
- The default enabling status of AePS transactions is not explicitly mentioned by the Unique Identification Authority of India (UIDAI) or the National Payments Corporation of India (NPCI).
- According to Cashless India, a website managed by MeitY, AePS does not require any activation; however, the user's bank account should be linked to their Aadhaar number.
- Additionally, users who intend to receive benefits or subsidies under schemes governed by section 7 of the Aadhaar Act are required to provide their Aadhaar number to the banking service provider.
- Aadhaar is also the preferred method for KYC (Know Your Customer) in the banking sector, which often leads to the automatic enabling of AePS for most bank account holders.
What are the ways to secure Aadhaar biometric information?
- Aadhaar (Sharing of Information) Regulations, 2016: The UIDAI is proposing an amendment to theregulations, which will require entities in possession of an Aadhaar number to not share details unless the Aadhaar numbers have been redacted or blacked out through appropriate means, both in print and electronic form.
- Authentication:The UIDAI has also implemented a new two-factor authentication mechanism that uses a machine-learning-based security system, combining finger minutiae and finger image capture to check the liveness of a fingerprint.
- Locking Aadhaar:Additionally, users are also advised to ensure that they lock their Aadhaar information to ensure that their biometric information, even if compromised, cannot be used to initiate financial transactions. Aadhaar can be unlocked when the need for biometric authentication arises, such as for property registration and passport renewals, after which it can again be locked.
More Articles
Courses
Study
Notes
Home
Resources
More
