Yesterday at night 10:50 PM I got an SMS from Axis Bank notifying Rs.10000/- had been deducted via AEPS Withdrawl. I immediately called the Bank Customer Care, and they froze the account and advised me to visit the home branch today. I was not aware of AEPS, so did a quick Google search and found out that by using AADHAAR/Bank Account Number and Biometric, cash can be withdrawn. Within the last 1year, I haven't done any AADHAAR-based KYC. The transaction details is showing the location as BAGACHRA, BENIPUR, MURSHIDABAD, West Bengal. I found out from my friend that the best way to prevent this is to lock Biometric in the Unique Identification Authority of India (UIDAI) portal. After locking it when I checked Aadhaar Authentication by Biometric history from the last 6 months, I noticed that last Sunday (17th Sep), there were multiple successful and failed Authentication of my other Banks (no money has been deducted though due to low balance). I raised a complaint to the National Payments Corporation Of India (NPCI) and the National Cyber Crime Reporting Portal. I have the following concerns. 1. How one can get access to biometrics so easily? I just now read one article that thumb impressions are being stolen from the land registration office, which is a possibility provided I had registered properties last year. 2. Why is this feature enabled by default and the Bank didn't ask/gave any notification? Even a tech-savvy person like me who always does online transactions was not aware of this feature. Otherwise, I could have disabled the feature. 3. I haven't received a single notification from the past authentications from the Unique Identification Authority of India (UIDAI). Usually, it should block multiple random failure attempts and or at least send any e-mail or SMS. 4. Axis Bank and National Payments Corporation Of India (NPCI) could have also blocked this transaction provided it is in an unusual time and location completely out of pattern. It's 2023, how is it allowed to transact without a two-factor authentication? 5. If the Government is forcing all financial entities to be linked to AADHAAR, it should take responsibility for safeguarding such critical biometric data. It's not just a Phone Number or Account Number that I can change, it's BIOMETRIC data including Fingerprints and Iris. Not sure in the future how these can be used to commit fraud. Update: The full amount was refunded by the bank after a week. #cybercrime #aadhar #aeps #fraud #fingerprint #biometric
Well said… On a separate note, are you sugesting that they lifted the finger prints from the registration office and used it for AEPS? That is very worrying... I hope National Payments Corporation Of India (NPCI) or @Axis Bank would find that our from the data of the transaction they have.
Hi Sayan, we request you to share with us your concern and registered contact number on the following link: https://bit.ly/2ym8k8k. Alternatively, you may also message us on our official Facebook page: https://www.facebook.com/axisbank/ so that we may assist you further in the referred matter. Regards, Team Axis Bank
Hi Sayan Seth Did you get any ticket number from NCPI since what I have found that there is no proper complaint system there and no reference number or status can be tracked and you are on mercy of National Payments Corporation Of India (NPCI) response which they do only if raised on social media to save face otherwise no email to you, no calls to you
Have You Done Any Transactions for Land in Recent Times Sayan Seth ???
But every time when addhar based otp generated you get sms , Didn't you?
Sabka Saath sabka vikaas, is nothing but a cheesy line. There is little to no investment or focus on security of assets and database. If you search “Aadhar database breach”, you’ll notice it is common in every two to three months. Of course, this is never covered in mainstream media due to biased coverage. But, everyone in IT knows that their details are never safe.
Sayan Seth I too have faced similar issue with other bank. Though in my case it was bank fault because they had 2 separate ADHAAR linked with same bank account and I was not notified for this. So person with other AADHAAR was able to Withdraw. Default setting for SMS was set to 5000, so I didnt get messages until i noticed my balance going down. I tried checking with bank and didnt get much help so I reached out to RBI Ombusement. Since fault was from Bank, they returned money after this. Please check if this help. Usually AEPS transaction detail contains one number which tells which KIOSK center was used to Withdraw the money. Bank can check this. Abd as you mentioned yes it is good to disable AEPS transactions as most of use rarely use it.
Last year, I suffered a loss of 18,000 INR within a month of registering a property in West Bengal. This loss was linked to my Axis Bank account. I filed a complaint with the Banking Ombudsman but unfortunately, I did not receive a refund. As a result of this incident, I deactivated the biometrics associated with my Aadhaar. Recently, I was reviewing the history of Aadhaar authentications and noticed that Axis Bank had made several unsuccessful biometric authentication attempts in the past six months. 😅
Rs 149/- has been deducted from my Axis Bank account in last week.. I called the customer care and asked for clarification. They have told that I haven't done any transaction in last month, that's why it was deducted.. I haven't seen such kind of cheap and nonsense excuse from any other bank. I decided to close my account..
Hi, thanks for bringing this to our notice. Let us look into this.