What is AePS Security and why is it popular?
Aadhaar-enabled Payment System (AePS Security) is a biometric-based payment system that allows users to access their bank accounts using their Aadhaar number and fingerprint or iris scan. AePS enables users to perform basic banking transactions such as balance enquiry, cash withdrawal, cash deposit, fund transfer, and mini statement at any AePS touchpoint, such as micro ATMs, banking correspondents, or merchant outlets.
AePS has emerged as a popular and convenient mode of payment, especially for the rural and unbanked population, who may not have access to other digital payment options. According to the National Payments Corporation of India (NPCI), AePS recorded over 2.8 billion transactions worth Rs 9.9 lakh crore in 2023-24, registering a growth of 34% in volume and 28% in value compared to the previous year.
What are the common frauds associated with AePS?
However, recent instances of fraudulent activities, including stealing Aadhaar data and siphoning funds, have raised concerns regarding the security of AePS. Some of the common frauds reported are:
- Impersonation: Fraudsters pose as bank officials or government representatives and ask users to share their Aadhaar number and OTP (one-time password) to verify their identity or update their details. They then use this information to access the user’s bank account and transfer money using AePS.
- Phishing: Fraudsters send fake emails or SMSes claiming to be from NPCI, UIDAI, or banks and ask users to click on a link or download an app to avail some benefits or rewards. The link or app may contain malware that can capture the user’s Aadhaar data and other personal information.
- Skimming: Fraudsters use devices or software to capture the user’s biometric data during an AePS transaction at a touchpoint. They then use this data to clone the user’s fingerprint or iris and perform unauthorized transactions using AePS.
What are the RBI’s plans to enhance the security of AePS?
To address these fraud risks, the Reserve Bank of India (RBI) has announced plans to bolster the security measures for AePS in its latest monetary policy statement. The RBI has proposed to:
- Streamline the onboarding process, including mandatory due diligence, for AePS touchpoint operators, to be followed by banks.
- Enhance the security features of AePS transactions, such as introducing two-factor authentication, biometric encryption, and transaction alerts.
- Implement fraud risk management measures, such as setting transaction limits, monitoring suspicious activities, and reporting fraud incidents.
The RBI expects that these measures will help protect the users’ Aadhaar data and bank accounts from unauthorized access and misuse.
What are the best practices for using AePS Security?
The RBI also urges the users to be vigilant and aware of the possible frauds and follow the best practices while using AePS, such as:
- Never share your Aadhaar number, OTP, PIN, or bank details with anyone over phone, email, or SMS.
- Never click on any suspicious link or download any unknown app that claims to be related to AePS.
- Always check the transaction amount and confirm it before providing your biometric authentication at an AePS touchpoint.
- Always collect the receipt or confirmation message after completing an AePS transaction.
- Always report any fraudulent or unauthorized transaction to your bank or NPCI immediately.
AePS is a revolutionary payment system that has enabled financial inclusion and empowerment for millions of Indians. By enhancing its security features and creating awareness among its users, the RBI aims to make AePS more safe and reliable for everyone.
Recent Blog : MSE Payments: Businesses Navigate New Tax Law