New Delhi: In a significant breakthrough against biometric-enabled financial fraud, cybercrime investigators in Uttar Pradesh’s Barabanki district have dismantled an alleged organized gang accused of using fake fingerprints and cloned biometric data to fraudulently withdraw money from bank accounts through the Aadhaar Enabled Payment System (AEPS). Three accused have been arrested, while investigators continue efforts to identify other members believed to be associated with the network.
The case highlights the growing misuse of biometric authentication systems by cybercriminals who are increasingly exploiting stolen personal information and cloned fingerprints to gain unauthorized access to banking services. Investigators believe the gang operated through a carefully planned network involving retailer IDs, sensitive identity data and fraudulent biometric verification tools.
According to officials, the investigation began following a complaint filed by a resident of Barabanki district who alleged that a retailer ID created under a digital financial services platform had been misused to conduct fraudulent transactions. The complainant claimed that individuals associated with the operation had induced his relative to obtain a retailer ID and subsequently used it to carry out unauthorized financial transactions.
Registration Begins for FutureCrime Summit 2026, India’s Largest Cybercrime Conference
Modus Operandi of Identity Theft
Preliminary findings revealed that approximately ₹1.29 lakh was allegedly withdrawn and transferred through multiple transactions using forged Aadhaar credentials and cloned biometric data. Investigators examining financial records, transaction logs and chargeback notices reportedly discovered several suspicious activities linked to the retailer account over a period of time.
Based on the complaint, police registered a case under relevant provisions of the Bharatiya Nyaya Sanhita (BNS) and Sections 66C and 66D of the Information Technology Act, which deal with identity theft and cheating through computer resources.
The breakthrough came after cyber investigators combined digital forensic analysis with manual intelligence gathering to trace the suspects’ movements and financial activities. Acting on specific inputs, police conducted an operation near an industrial area in Barabanki and arrested three accused identified as Shivam Yadav, Manish Yadav and Nusrat Ali.
Bypassing Biometric Authentication
During interrogation, investigators allege that the accused disclosed details of the operation and explained how the network functioned. According to police, the gang allegedly persuaded individuals to obtain retailer IDs by offering commissions and incentives. Once such IDs were activated, the suspects reportedly gathered sensitive personal information from multiple sources, including Aadhaar numbers, bank account details, mobile phone numbers and PAN-related data.
Officials suspect that the information was then used to create cloned biometric profiles capable of bypassing authentication mechanisms associated with AEPS transactions. Using these cloned fingerprints, the accused allegedly accessed banking services and withdrew money from victim accounts without their knowledge.
Investigators believe the operation relied heavily on identity theft and unauthorised use of biometric credentials. Cybersecurity experts have repeatedly warned that biometric fraud is emerging as a major challenge because fingerprints, unlike passwords, cannot be easily changed once compromised.
Seizures and Expert Warnings
Police further stated that the proceeds of the alleged fraud were distributed among members of the network and routed through multiple accounts. Authorities suspect that some of the money was later used for purchasing vehicles, land and other assets in an attempt to conceal the origins of the funds.
During the operation, investigators recovered four mobile phones, five SIM cards, two thumb scanner devices and an Ertiga car allegedly linked to the fraud network. Digital forensic examination of the seized devices is currently underway to identify additional victims, financial transactions and possible associates operating in other districts or states.
Renowned cybercrime expert and former IPS officer Prof. Triveni Singh said cybercriminals are increasingly combining social engineering with advanced biometric manipulation techniques to target unsuspecting citizens. He advised individuals to regularly monitor their bank accounts, safeguard Aadhaar-linked information and immediately report any unauthorised AEPS transaction to banks and the national cybercrime helpline.
Uncovering a Wider Cyber Syndicate
Investigators believe the arrests may help uncover a wider network involved in biometric-enabled financial fraud. Police are now analysing transaction trails, digital evidence and communication records to identify additional suspects and determine the full scale of the operation.
The case serves as a reminder that while biometric banking systems offer convenience and accessibility, they also require strong safeguards and continuous monitoring to prevent misuse by increasingly sophisticated cybercrime syndicates.
