AePS Fingerprint Clone Fraud in India — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 01, 2026

Severity: CRITICAL | View Full Scam Details

AePS Fingerprint Clone Fraud: Protect Your Aadhaar Money in India (2026)

AePS fingerprint clone fraud is a serious threat in India, using cloned fingerprints to steal money directly from your Aadhaar-linked bank account.

What Is the AePS Fingerprint Clone Fraud in India?

The Aadhaar-enabled Payment System (AePS) was designed to make banking easier and more accessible, especially for people in rural areas who may not have easy access to ATMs or traditional banking services. It allows you to withdraw cash, make balance inquiries, and even transfer funds using just your Aadhaar number and fingerprint for authentication. Unfortunately, this convenience has opened the door to a new kind of fraud: fingerprint cloning.

Scammers are finding increasingly sophisticated ways to obtain your fingerprint and use it to access your bank account without your knowledge or consent. This fraud is particularly prevalent in areas where people heavily rely on AePS for daily transactions. Victims often come from rural areas where awareness of digital fraud is lower. While the RBI and CERT-In haven't issued specific advisories solely on AePS fingerprint cloning, they have consistently warned about the risks of biometric data compromise and the importance of secure authentication practices. The Indian Cybercrime Coordination Centre (I4C) is actively working to combat such cybercrimes, but prevention at the user level remains critical.

This type of fraud undermines the trust in the AePS system and causes significant financial hardship for victims.

How This Scam Works — Step by Step

Here's how AePS fingerprint clone fraud typically unfolds:

1. Initial Contact: The scam usually starts with a phone call or a WhatsApp message. The scammer often pretends to be a representative from a bank, a government agency, or even a local service provider offering assistance with your Aadhaar-linked bank account.
2. False Pretext: They create a sense of urgency or offer a tempting deal, like updating your KYC (Know Your Customer) details, resolving a fictitious issue with your Aadhaar linkage, or claiming you're eligible for a government subsidy. The key is to get you to trust them.
3. Fingerprint Acquisition: This is where the scam gets dangerous. The fraudster might ask you to provide your fingerprint on a device they control, either in person (under the guise of registration or verification) or remotely. In more sophisticated cases, they might use hidden cameras or other methods to capture your fingerprint without your direct knowledge.
4. Fingerprint Cloning: Once they have your fingerprint image, they use technology to create a fake fingerprint clone. This could involve making a mold of your fingerprint using readily available materials like silicone or gelatin.
5. Unauthorized Transactions: With the cloned fingerprint, the scammer can now access your Aadhaar-linked bank account through an AePS-enabled device. They can withdraw cash, transfer funds, or even make purchases without your permission.
6. Funds Siphoning: They quickly move the stolen money to various accounts to make it difficult to trace, often using mule accounts or converting the funds into cryptocurrencies.

Real Warning Signs to Watch For

• Unexpected Calls or Messages: Be wary of unsolicited calls or WhatsApp messages claiming to be from a bank or government agency, especially if they ask for your Aadhaar details or fingerprint.
• Requests for Fingerprint Verification Outside of Official Channels: Never provide your fingerprint on a device controlled by someone you don't trust. Legitimate AePS transactions always happen at authorized merchant locations or bank branches.
• Promises of Easy Money or Benefits: Scammers often lure victims with the promise of quick money or government subsidies to gain their trust.
• Pressure to Act Quickly: Fraudsters use urgency to prevent you from thinking critically. If they pressure you to act immediately, it's a red flag.
• Poor Grammar and Spelling: Scam messages and emails often contain grammatical errors or spelling mistakes.
• Requests for Aadhaar OTP: You should NEVER share your Aadhaar OTP with anyone. Banks or government officials will NEVER ask for your Aadhaar OTP.
• Mismatched Information: If the details provided by the caller or in the message don't match your account information, be suspicious.

What Happens to Victims

The consequences of AePS fingerprint clone fraud can be devastating. Victims not only lose their hard-earned money (sometimes their entire savings), but they also face emotional distress and a loss of trust in the banking system. The misuse of Aadhaar data can also lead to further identity theft and fraud. Reversing fraudulent UPI transactions can be a lengthy and complicated process. Victims may also face difficulties accessing government services and subsidies if their Aadhaar details have been compromised. In extreme cases, victims may even be falsely implicated in other fraudulent activities using their stolen identity.

What RBI and CERT-In Say

While there aren't specific, dedicated announcements against AePS Fingerprint Cloning specifically, the RBI has consistently emphasized the importance of customer awareness and responsible digital banking practices. Their guidelines on limiting liability in unauthorized electronic transactions provide some recourse for victims, but early reporting is crucial. Similarly, CERT-In regularly issues advisories regarding phishing attacks, malware, and other cyber threats that can be used to collect personal information, including biometric data. Remember to report any suspected cybercrime incidents to the national cybercrime reporting portal (cybercrime.gov.in) and call the cybercrime helpline (1930).

How to Protect Yourself

1. Never Share Your Aadhaar or Biometric Data Unnecessarily: Only provide your Aadhaar number or fingerprint when absolutely necessary and to trusted sources.
2. Be Cautious of Unsolicited Calls and Messages: Do not trust callers claiming to be from banks or government agencies asking for your personal information. Always verify their identity independently.
3. Protect Your Fingerprint: Avoid touching fingerprint scanners in public places if you are unsure of their legitimacy.
4. Enable Transaction Alerts: Set up SMS and email alerts for all transactions on your Aadhaar-linked bank account so you can quickly detect any unauthorized activity.
5. Regularly Review Your Bank Statements: Carefully check your bank statements for any suspicious transactions and report them immediately.
6. Consider Biometric Locking: Explore the option of locking your biometrics through UIDAI (Unique Identification Authority of India) when you don't need to use them regularly. This prevents unauthorized biometric authentication.
7. Report Suspicious Activity: If you suspect that your fingerprint has been compromised, immediately report it to your bank and the cybercrime authorities.

What to Do If You've Been Targeted

If you suspect you've been a victim of AePS fingerprint clone fraud, take these immediate steps:

1. Contact Your Bank Immediately: Report the fraudulent transaction to your bank and request them to freeze your account and block any further unauthorized transactions.
2. File a Complaint with Cybercrime Authorities: Lodge a complaint on the National Cybercrime Reporting Portal (cybercrime.gov.in) and call the cybercrime helpline at 1930.
3. Report to UIDAI: Inform UIDAI about the potential misuse of your Aadhaar details.
4. File a Police Report: Visit your local police station and file a First Information Report (FIR) detailing the incident.
5. Change Your Banking Passwords and PINs: Update all your banking passwords and PINs to prevent further unauthorized access.
6. Monitor Your Credit Report: Keep an eye on your credit report for any signs of identity theft or fraudulent activity.

Frequently Asked Questions

Q: What is AePS? A: AePS stands for Aadhaar-enabled Payment System. It allows you to access your bank account and perform transactions using just your Aadhaar number and fingerprint for authentication.

Q: How can scammers clone my fingerprint? A: Scammers can clone your fingerprint by obtaining an image of your fingerprint through various means, such as collecting them from unsecured fingerprint scanners, or social engineering to get you to provide your fingerprint to them directly. They then use these images to create fake fingerprints.

Q: Is AePS a safe system to use? A: AePS is generally a secure system, but like any technology, it is vulnerable to fraud if precautions aren't taken. By being vigilant and following the safety tips outlined above, you can significantly reduce your risk of becoming a victim of fraud.

Don't let scammers steal your hard-earned money! If you receive any suspicious messages or calls, verify them immediately at BharatSecure.app.