Don't share information over the phone with anyone.
Use only official apps and keep your Aadhaar locked unless needed, advises Tinesh Bhasin.
Illustration: Dominic Xavier/Rediff.com
The Aadhaar conundrum continues for the retail consumer.
On one hand, the Supreme Court is yet to give its final verdict on its legality. But, on the other hand, precious data is being leaked and some companies have been misusing this 12-digit unique identification number.
Recently, the Unique Identification Authority of India (UIDAI) initiated an inquiry against a telecom operator for allegedly opening payments bank accounts of its subscribers who went for Aadhaar-based SIM verification without their 'informed consent'.
Even the Life Insurance Corporation has issued an advisory to its customers. The insurer came across messages where policyholders were asked to link Aadhaar to their policies by sending an SMS to a designated number.
LIC said it does not have such a facility.
Already, there have been several cases where criminals have called people on the pretext of linking their Aadhaar with bank accounts or mobile numbers.
After making them reveal sensitive information, the criminals have stolen money from their bank accounts.
"Earlier, individuals were getting calls from criminals to reveal bank-related one-time passwords (OTP). Now, these criminals are using Aadhaar seeding as the new tool to get sensitive information," says Rohit Srivastwa, a cybersecurity expert.
Experts say that most frauds occur as victims share their sensitive information with criminals due to lack of awareness.
Scammers usually call with threats that unless the individual shares details right away, their bank accounts will be locked or mobile SIM cards deactivated.
"No service provider ever calls individuals to collect data. If you get a call asking for any information, then it is bound to be a fraudulent call," says Sivarama Krishnan, partner and leader-cybersecurity, PwC India.
Just following a few precautions can help you prevent losing money to frauds and misuse of your Aadhaar details.
When you have to link your Aadhaar to any services, check on the Web site of the company on the ways you can do it.
For banks, all you need to do is mention the Aadhaar number online as the account is already know-your-customer (KYC) compliant.
It's only for telecom companies that you are required to visit the retailer or their outlet and authenticate biometrics.
These days, criminals have also resorted to collecting sensitive data through apps.
Once installed on your phone, these apps ask for details such as a bank account or card details to link Aadhaar.
Once shared, the details are used to swindle money.
Ensure that you don't download and install apps that are not from the Google Play Store (Android) or Apple's store or iTunes.
"Even if the app is from an authentic source, avoid third-party apps and only go for official ones," says Krishnan.
If a service provider insists on a photocopy of the Aadhaar card, sign on it, mention the date and purpose for which the photocopy was shared.
UIDAI also provides an option to users to lock and unlock their Aadhaar account.
One way to do this this is by using an OTP.
A simpler way is to download the mAadhaar app.
You can lock and unlock the account more easily through the app whenever needed.
How to lock/unlock biometrics
- Go to: https://resident.uidai.gov.in/biometric-lock
- Enter your Aadhaar number
- Enter security code/captcha
- Receive the OTP
- Lock your Aadhaar
- In app, select biometric settings to lock or unlock after setting up your profile