Aligarh: In a startling cybercrime case, police have arrested a man who allegedly learned fingerprint cloning techniques from YouTube and siphoned off nearly ₹3.5 million from multiple bank accounts using the Aadhaar Enabled Payment System (AEPS). The accused has been identified as Shivam Kumar, a resident of Fatehpur, who was tracked and apprehended following technical surveillance from Gurugram.
According to investigators, Kumar purchased a rubber stamp–making machine online for around ₹14,000 and used polymer curing chemicals to fabricate artificial thumbs. The probe revealed that he downloaded sale deed PDFs from government revenue portals to extract Aadhaar numbers and fingerprint impressions. Using this data, he created cloned fingerprints and carried out biometric transactions on AEPS machines.
Certified Cyber Crime Investigator Course Launched by Centre for Police Technology
Police said the accused would enter victims’ Aadhaar details into AEPS applications, transfer money into his banking correspondent (BC) wallet, and later withdraw cash through Jan Seva Kendras. Using this method, he allegedly drained lakhs of rupees from different accounts over several months.
Following complaints from victims, a case was registered under cheating and IT Act provisions at the cyber police station. Digital trails, mobile location data and banking records were analysed to trace the suspect. He was eventually located and arrested from the Bhangrola police station area in Gurugram.
During the arrest, officers recovered 689 cloned fingerprints, six mobile phones, two SSD drives, 13 SIM cards, two biometric devices, and one laptop from his possession. Officials said the seized material clearly indicates the fraud was carried out in a highly organised and technically planned manner.
According to the Crime Circle Officer, charge sheets have already been filed against seven other accused linked to the same network. Shivam Kumar is also facing fraud cases in Kanpur and Fatehgarh. Police have now sent all seized devices for forensic examination to determine how many accounts were targeted and through which channels the money was routed.
Investigators explained that in fingerprint cloning scams, criminals first collect personal data, then create fake biometric replicas to execute AEPS withdrawals. In many cases, victims remain unaware until funds have already vanished from their accounts.
Cyber officials warned that such crimes are becoming increasingly sophisticated, combining biometric manipulation with digital payment systems. They urged citizens to exercise extreme caution while sharing Aadhaar or biometric information, and advised against submitting fingerprints on unknown devices or to unauthorised individuals.
Police also appealed to the public to avoid handing over documents casually, using biometric services at unverified centres, or installing suspicious applications. Any unusual banking activity should be reported immediately.
Authorities stressed that in the event of digital fraud, victims must promptly inform their bank, attempt to freeze affected accounts, and lodge complaints on the official cybercrime portal. Early reporting, especially within the first few hours, significantly improves the chances of recovering stolen funds.
Police said the investigation is ongoing and efforts are underway to identify additional accomplices and suspicious accounts based on the evolving digital money trail.
About the author — Suvedita Nath is a science student with a growing interest in cybercrime and digital safety. She writes on online activity, cyber threats, and technology-driven risks. Her work focuses on clarity, accuracy, and public awareness.
