Fraud cases involving ‘misuse’ of Aadhaar data on rise, last week one of my relatives called me and anxiously told me that a duplicate e-sim card was issued against his name using his Aadhaar card without his notice and wanted to know what can he do to prevent misuses of his Aadhaar card in future.
Late last year there was a report of a major breach of Aadhaar details of 81.5 crore Indians due to a massive data leak from Indian Council of Medical Research (ICMR) and that data was placed on auction sale in the darkweb. Many of us give Aadhaar card photocopy or scanned copy to various agencies and businesses for hotel room reservation, loan or other banking services, sim card, school/college admission etc. which may also get leaked and sold to criminals. In my previous article, I had listed various frauds done using such leaked or stolen Aadhaar card details, please check it.
Aadhaar is a 12-digit unique identity number that can be obtained voluntarily by all residents of India, based on their biometrics (10 finger prints, 2 iris prints and photo of face) and demographic data. Aadhaar program was initially created aiming to issue an Aadhaar number to all residents ensuring that it is robust enough to eliminate duplicate and fake identities, and that the number can be verified and authenticated in an easy and cost-effective way online anywhere, anytime. Later, it was extended as proof of identity and proof of address for residents of India for host of services, including mobile SIM cards, bank accounts, registration of deaths, land registration, vehicle registration, the Employees’ Provident Fund Organization, and a large number of welfare schemes by government and by private companies and businesses.
Preventive steps one can take to prevent such misuse or frauds :-
- Do not share your Aadhaar card unless its actually needed, if you have to share, share black and white photocopy of it and write the reason for giving along with the date of issue.
- Instead of Aadhaar use driver’s license or voter ID for verification of your name, age or address.
- Keep the mobile number linked to Aadhaar updated if you happen to change your mobile number, same goes with e-mail address as you get messages on both if any verification happens on your Aadhaar number.
- Check your Aadhaar authentication history report on uidai.gov.in website regularly for unexpected verifications.
- Do lock biometric verification of your Aadhaar card on the Aadhaar website or mAadhaar App and unlock it whenever you want.
- You can generate Aadhaar card virtual ID on Aadhaar website and use it for verification and then change it after verification.
- You can download Masked Aadhaar copy from UIDAI website and use it for verification.
Steps you can take once you are aware of misuse of your Aadhaar card :-
- To prevent further misuse, lock your Aadhaar biometric or your Aadhaaar card itself on mAadhaar App and unlock it only when you need it at a later date.
- Immediately call 1930 cyber helpline or file a complaint on misuse at cybercrime.gov.in website or at your local police station.
- Call 1947 Aadhaar Helpline number or Email help@uidai.gov.in, or lodge a complaint on the UIDAI website to report the fraudulent activities of your Aadhaar card.
- File a complaint against the government or other organizations that have allowed the fraud without proper verification and take legal action against them.
Legal(Indian) remedies available to the victim :-
You can register a criminal case at your nearest cyber or regular police station, under the following legal sections or under the Acts and Sections as prescribed by the police as per your case :
- Section 378(Theft), Section 405/406(Criminal breach of trust), Section 415/416/417(Cheating),section 419 (punishment for cheating by impersonation), Section 419 (punishment for cheating by impersonation), Section 420 (cheating and dishonestly inducing delivery of property), Section 424(extract data illegally), Section 441(criminal trespass) of Indian Penal Code (IPC).
- Section 43 (Penalty and compensation for damage to computer, computer system, etc.), section 66 (punishment for computer related offences – a person committing data theft, transmitting virus into a system, destroying data, hacking, or denying access to the computer or network to an authorized person), section 66C(which prescribes penalties for identity theft and states that anyone who fraudulently or dishonestly uses a person’s identity information) and Section 66D (punishment for fraud by impersonation using computer resources), Section 66E(Violation of privacy).
- Section 36 – Penalty for impersonation, Section 37 – Penalty for disclosing identity information or section 40 – Penalty for unauthorized use by requesting entity or offline verification-seeking entity under Aadhaar Act 2016, carrying punishment of imprisonment up to 3 years or a fine of Rs. 10,000/1,00,000 or both may be awarded.