Can someone access your bank account using your Aadhaar number
What's the story
An Aadhaar card is a vital document that is needed for verification purposes, during activities such as opening bank accounts and withdrawing money from the Employee's Provident Fund (EPF).
This card incorporates all the important personal details. However, do you really need to worry if someone gets their hands on your Aadhaar card? Can they access your bank account?
Let us find out.
Context
Why does this story matter?
In this era of digital transformation, you need to think twice before disclosing your personal details on public forums.
According to the Unique Identification Authority of India (UIDAI), people should practice safe cyber hygiene when using their Aadhaar card publicly.
They should avoid sharing or accessing their Aadhaar details on public computers as doing so puts them at risk of identity theft or cybercrime.
Details
Bank accounts cannot be hacked with just Aadhaar number
Just as no one can access your bank account by knowing only your account number, no one can withdraw money (or access your Aadhaar-linked bank account) by merely knowing Aadhaar number.
To withdraw money from the bank account requires your signature, debit card, PIN, OTP, etc. In a similar way, to gain access to your Aadhaar-linked account, your fingerprint and OTP is needed.
Scenario
UIDAI keeps upgrading and reviewing its security systems
To make Aadhaar more secure and functional, UIDAI continually reviews and updates its safety features and security systems.
No biometric data from the Aadhaar database has ever been compromised, according to UIDAI.
To provide further security, banks deploy security protocols like certificate pinning for safe banking of Aadhaar-linked bank accounts, irrespective of the customer's internet security.
Precautions
Individuals are advised to share only masked copies of Aadhaar
If someone tries to access your Aadhaar-linked bank account using your Aadhaar number, they have to undergo rigorous user authentication protocols of banks.
However, individuals are still advised to avoid downloading e-Aadhaar on a public computer such as internet cafes or kiosks. However, if done, they should delete downloaded copies.
Also, they should share their Aadhaar photocopies only in a masked format.
Loophole
Criminals always find ways to steal public info
According to UIDAI, there has not been a single instance of a biometric data breach from the Aadhaar database.
However, criminals have devised ways to steal people's information including thumbprints, by downloading Aadhaar cards and accessing digital fingerprints.
Then they create thumb impressions, put these clone fingerprints on biometric machines attached to NPCI and UIDAI, and withdraw/transfer money from bank accounts.