No OTP, No PIN: How Aadhaar-Linked Scams Are Emptying Bank Accounts Silently

Fraudsters are using fingerprints instead of passwords, and one small mistake can wipe out your savings

A new and extremely dangerous form of digital fraud is putting millions of bank accounts at risk. Unlike traditional scams that require OTPs, PINs, or debit cards, this one works using only your Aadhaar number and fingerprint. Victims often realise something is wrong only after their bank balance suddenly drops, without any alert, message, or visible transaction.

This scam operates through the Aadhaar Enabled Payment System, commonly known as AEPS. AEPS allows people to withdraw money using their Aadhaar number and biometric authentication. While the system was designed to make banking easier in rural and remote areas, criminals are now misusing it to drain accounts quietly.

In this fraud, scammers first obtain a person’s Aadhaar number. This usually happens at cyber cafés, photocopy shops, hotels, mobile repair shops, or any place where Aadhaar copies are casually shared. Many people unknowingly leave behind copies of their Aadhaar cards, making it easy for criminals to collect sensitive data.

Once the Aadhaar number is obtained, scammers try to gather banking information linked to it. The final and most dangerous step is collecting the fingerprint. Fraudsters often access biometric data from places where fingerprints are taken for verification, such as land registry offices or private service centres. Using this data, they create fake fingerprints, sometimes on artificial silicone thumbs.

With a fake fingerprint and Aadhaar number, criminals can withdraw money from the victim’s bank account using AEPS. No OTP, no PIN, no debit card, and no phone alert are required. This is why many victims do not realise what has happened until it is too late.

What makes this scam even more frightening is that transactions can appear normal on banking systems. Since AEPS is a legitimate payment method, the withdrawal does not trigger suspicion unless the victim checks their balance frequently.

Experts warn that Aadhaar biometric data is as sensitive as a bank password. If it falls into the wrong hands, financial damage can be severe and instant.

The good news is that there is a powerful safety feature available to everyone: Aadhaar Biometric Lock. When you enable biometric lock, your fingerprint and iris scan cannot be used for any financial transaction without your consent. Even if someone has your Aadhaar number and a fake fingerprint, money cannot be withdrawn.

Locking your biometrics does not affect your regular services. You can still use OTP-based authentication for eKYC, government services, LPG subsidy, and other benefits. The biometric lock only blocks fingerprint-based withdrawals.

To lock your Aadhaar biometrics, visit the official UIDAI website. Go to the “My Aadhaar” section and choose the “Lock/Unlock Biometrics” option. Enter your Aadhaar number, verify with OTP, and enable the biometric lock. Once done, your fingerprints and iris scans become unusable for AEPS withdrawals.

If you ever need biometric verification for bank KYC or SIM activation, you can temporarily unlock your biometrics for a short period and lock them again immediately after use.

Along with locking biometrics, people must change a few daily habits. Never share your Aadhaar number casually. Avoid giving photocopies unless absolutely necessary. If you must provide a copy, write the purpose and date on it. Never allow unknown persons to scan your fingerprint. Do not update Aadhaar details at unauthorised centres.

Be extra careful at cyber cafés and print shops. Always collect your documents immediately after use and ensure no copies are left behind. Avoid clicking on suspicious links or responding to unknown calls asking for Aadhaar-related information.

Many victims of AEPS fraud have reported that their accounts were emptied within minutes. The speed of the crime makes prevention far more important than recovery. Once money is withdrawn, tracing and refunding becomes difficult.

This new scam shows that digital safety is no longer only about OTPs and passwords. Biometric security has become equally critical. Aadhaar was created to simplify services, but without awareness, it can become a financial risk.

A few simple steps can protect your life savings. Lock your biometrics, guard your Aadhaar details, and stay alert. In the age of biometric fraud, silence does not mean safety. It only means the scam is harder to detect.

Disclaimer: This article is for general awareness only. Readers are advised to consult their bank or UIDAI for official procedures and security guidelines before taking any financial or identity-related action.