Aadhaar-enabled payment system (AePS) transactions can be conducted with just an Aadhaar number, fingerprint/IRIS (for authentication), and the name of the bank where the account is opened. To prevent misuse of Aadhaar data the biometrics should be locked using the m-Aadhaar app or Unique Identification Authority of India (UIDAI) website.
However, if an individual has not locked their biometrics details and is a victim of AePS fraud, then here’s what can be done now.
Bank’s customer care: One of the first things that an individual should do is to contact the bank’s hotline number to report fraudulent transactions. Every bank in India has a dedicated hotline number to report fraudulent transactions. You can call the hotline number and provide whatever details you could gather about the fraudulent transaction like the SMS intimation or email or others
Account Block: “People can request their bank to temporarily block their account to prevent unauthorised transactions if they are suspicious of any ongoing misuse or fraud. This step is essential to ensure that the security of your account is intact,” says Shreejith Menon, COO- of Operations Customer Service & Facilities, at Fincare Small Finance Bank.
“For your security, change your PIN, internet banking password, and any other relevant passwords associated with your accounts immediately,” Menon further advised.
Notify the authorities: “The victim(s) of AePS unauthorised transactions should immediately report the fraud incident to his bank and file a police complaint and also report the incident to National Cyber Crime Reporting Portal (https://cybercrime.gov.in/). Further, the victim also has 90 days to raise chargeback (reversal) on the transaction. They have to approach their bank for this or call the customer service helpline of the bank. Also based on the customer’s request, the bank will be taking steps to prevent further transactions in the account,” says Biju K, Senior Vice President & Chief Vigilance Officer, at Federal Bank.
Further, the Unique Identification Authority of India (UIDAI) must also be apprised of the AePS fraud incident. The contact details of UIDAI can be found here- https://uidai.gov.in/en/contact-support.html.
Do note that there are per-day and amount-specific limits for AePS transactions. Currently the maximum per day limit is Rs 10,000 for a maximum number of five transactions per day. So, a total of Rs 50,000 can be withdrawn in five transactions per day using AePS. If an AePS fraud has happened to you, immediately block your bank account for transactions right from the first unauthorized transaction, do not wait.
How do banks protect your money from frauds?
Banks also have a risk monitoring cell that alerts a customer when they detect any suspicious or fraudulent transactions.
“Banks have deployed monitoring tools to track anomalous transactions in the customer account. Accordingly, various monitoring rules have been defined by the bank and configured. The generated alerts are being continuously monitored by the analysts. Banks also report the details of unauthorized transactions to the National Payment Corporation of India (NPCI) for further action,” says Biju K of Federal Bank.
Menon of Fincare Small Finance Bank further shares some details about the risk monitoring tools used. The tools used vary from bank to bank.
Geographical location monitoring: Banks often monitor the geographical locations of transactions. If a transaction occurs in a location that is significantly different from the customer’s usual transaction history (e.g., a customer from Bangalore conducting a transaction in Delhi), it can trigger an alert. The bank’s support team might then contact the customer and verify the transaction.
Transaction frequency and patterns: Banks analyse the frequency and patterns of transactions. Unusual or unexpected transactions, such as a sudden spike in activity or a type of transaction the bank’s customer rarely engages in, could trigger alerts.
Behavioral analysis: Some banks use behavioral analysis to establish a baseline of their customer’s typical behavior. Deviations from this baseline can raise suspicions. For example: Transactions that occur during non-business hours or on holidays when the customer typically does not conduct banking activities can be considered suspicious. The bank may ask for confirmation and verify the transaction with the customer.