How to Prevent the Misuse of Aadhaar Card?

Aadhaar fraud is the unauthorised use of someone’s Aadhaar details to pass identity checks or access services in their name. Aadhaar sits at the centre of many authentication processes, so breaches raise the risk of identity theft.

Consequences can include financial loss and personal data being diverted for fraudulent activity. People may also face disruption in services or routine transactions, and in some situations, legal implications.

A simple Aadhaar lock step can reduce misuse risk, but it also helps to know what fraud typically looks like.

Unsecured storage and public exposure

Records kept on weak servers have been accessed by hackers, then used to impersonate people and open fake accounts. In 2017, several government websites were found displaying Aadhaar numbers and beneficiary details, increasing privacy and theft risks.

Biometric misuse and AePS withdrawals

Leaked biometrics have been used to debit money through the Aadhaar-enabled Payment System by replicating fingerprints or exploiting compromised devices. In April 2025, police in Uttar Pradesh said a gang altered biometrics for more than 1,500 people across 12 states through illegal update activity.

Forged documents and operator access

Police cases in 2025 described forged papers being used to create identity records, alongside unauthorised access to UIDAI-linked systems using an operator ID and password. Reports also cited syndicates generating digitally forged birth and residence certificates through illegal portals, including the alleged creation of records for foreign nationals using collected biometrics.

Start by checking your Aadhaar Authentication History on the myAadhaar portal or in the mAadhaar app. The record shows the last six months of authentication activity, with up to 50 entries per view.

Log in using your Aadhaar number or VID, complete the security check and confirm with an OTP sent to your registered mobile number. Open Authentication History, choose All under Select Modality, set a date range, and fetch the results.

Review each entry for the authentication method, date and time, AUA name, transaction IDs and success status. Look for requests you do not recognise, odd timing or repeated failures, then adjust the date range if you need older entries.

If you suspect unauthorised use, start on the myAadhaar portal. Select Grievance and Feedback or File Complaint, add what happened, then keep your Enrolment ID, Update Request Number or Service Request Number for tracking. Check progress through Check Grievance or Feedback Status.

You can also contact UIDAI directly through the Aadhaar helpline 1947 or email help@uidai.gov.in with a clear summary. If there is financial loss, report it as cyber fraud via 1930 or the National Cybercrime Reporting Portal. CPGRAMS- Centralised Public Grievance Redress and Monitoring System is another accepted route if needed.

A simple setting can add a layer of protection without changing your Aadhaar details. Here are the key benefits of locking the Aadhaar card.

• It blocks fingerprint, iris, and face-based verification until you temporarily unlock it

• It suits people who share Aadhaar often or authenticate at multiple service points

• It helps when you notice unfamiliar entries in your Aadhaar authentication history

• It still lets you proceed when needed by unlocking for a short window

• It reduces the risk of biometrics being used without your consent

To temporarily lock your Aadhaar biometrics to prevent misuse, choose the online option. Here is how to lock Aadhaar biometrics-

• Go to the UIDAI myAadhaar portal and open the ‘Lock /Unlock Biometrics’ service.

• Complete OTP verification as prompted using your registered mobile number.

• Select ‘Enable Biometric Lock’ to lock fingerprint, iris, and face-based Aadhaar authentication.

The steps above pertain to biometric locking. If you want Aadhaar lock so it cannot be used for authentication while locked, follow these steps-

• Open the ‘Aadhar Lock and Unlock Service’ under My Aadhaar

• Select ‘Lock Aadhaar’

• Enter your Aadhaar number, full name, PIN code, and Captcha.

• Select ‘Send OTP’ and complete verification on your linked mobile number

• Your Aadhaar card biometrics will be successfully locked.

Once you enable the Biometric Locking system, your fingerprints, iris, and face data remain locked until you either temporarily unlock them or disable the locking system.

You can unlock biometrics using the UIDAI website, mAadhaar, an enrolment centre, or an Aadhaar Seva Kendra.

Follow these steps to unlock aadhaar card biometrics using the UIDAI website-

• Go to the UIDAI myAadhaar portal and open the ‘Lock /Unlock Biometrics’ service. 

• Complete OTP verification using your registered mobile number. 

• Choose Unlock to temporarily unlock your biometrics. UIDAI notes this is a temporary unlock option.

If you want biometrics to stay usable until you lock again, select Disable the locking system instead of temporary unlock.

The steps above relate to biometric unlocking. If you want to unlock your UID so it can be used for authentication again, follow these steps-

• Open the ‘Aadhar Lock and Unlock Service’ under My Aadhaar

• Select Unlock. 

• Enter your latest VID and the security code shown on the page.

• Tap ‘Send OTP’, then submit. Your UID will be unlocked.

You can also use SMS service for locking/unlocking your Aadhaar card, the process is quick and very user-friendly.

Before you start:

• Send all messages from your registered mobile number to 1947

• If you do not have a Virtual ID, generate it by sending GVID followed by the last 4 digits of your Aadhaar number

• If you already have one, retrieve it by sending RVID followed by the last 4 digits of your Aadhaar number

Lock Aadhaar number by SMS

• Request an OTP by sending GETOTP followed by the last 4 digits of your Aadhaar number

• Lock the UID by sending LOCKUID followed by the last 4 digits and the 6-digit OTP

• If the last 4 digits match for linked dependents, use the last 8 digits in the second message

Unlock Aadhaar number by SMS

• Request an OTP by sending GETOTP followed by the last 6 digits of your Virtual ID

• Unlock by sending UNLOCKUID followed by the last 6 digits and the 6-digit OTP

• If VID digits match for linked dependents, use the last 10 digits in the second message

Biometric locking on mAadhaar requires OTP verification, so your mobile number must be linked to Aadhaar. It is a practical option when you want tighter control over biometric authentication.

• Download the mAadhaar app from the Play Store or the App Store, then sign in with your registered mobile number

• Open My Aadhaar and add or select your Aadhaar profile, setting an app passcode if prompted

• Enter your Aadhaar number and captcha when asked, then complete OTP verification

• Choose the biometric lock option and enable the biometric locking.

Aadhaar photocopies are easy to circulate and hard to control, so UIDAI advises limiting how often you share them. Safer formats can usually meet KYC needs while revealing less information.

• Prefer Masked Aadhaar, which hides the first 8 digits and shows only the last 4 digits

• Share a Virtual ID when a number is requested, since it can be used for authentication or eKYC, and your Aadhaar number cannot be derived from it

• For KYC, consider the digitally signed Offline XML and share it with a Share Code, as it includes only the required details plus hashes of the registered mobile and email

• Ask the organisation to verify via the secure QR code on Aadhaar or e-Aadhaar instead of keeping a photocopy

• If a copy is unavoidable, use a Masked Aadhaar printout and write “For KYC with the <organisation name> only”, plus date and signature

• Review ‘Aadhaar Authentication History’ regularly, which shows six months of logs with up to 50 records per view

To enjoy any digital services via an Aadhaar card, you will have to use the one-time password (OTP) sent on your registered mobile number and email ID. Therefore you need to get your email ID and mobile number linked with your Aadhaar card. 

A new feature called TOTP (time-based OTP) is added by the government to minimise the malpractices of individuals/institutions asking for OTPs. Through TOTP, you can generate a unique code for accessing services via an Aadhaar card.

A Virtual ID or VID is a temporary, revocable 16-digit number mapped to your Aadhaar number, and it can be used instead of the Aadhaar number for authentication and eKYC. UIDAI also says there is no expiry period for VID. You can regenerate after a minimum validity period of 1 calendar day, and the older VID gets deactivated when a new one is generated.

It is okay to share your Virtual ID with institutions in any procedure regarding KYC and for information verification. Once the procedure is completed, it is important to generate a new Virtual ID so that your personal information is safe with you and not accessible by anyone else.

Here are a few things that would help you prevent misuse of the Aadhaar cards -

• You cannot temporarily use your Aadhaar card biometric as an authentication if it is locked.

• There is a high chance that some of your bank transactions might get affected or delayed as your Aadhaar card biometric will not be accessible.

• You can unlock your Aadhaar card biometric only by using the One Time Password. You will receive OTP via SMS on your registered mobile number.

• Locking/Unlocking is a free service offered by UIDAI.

• Do not disclose your Aadhaar OTP to any unauthorised entity, and share Aadhaar details only when you understand why they are being asked for.

Knowing how to lock an Aadhaar card gives you stronger control over authentication and lowers the risk of misuse. Keep sharing minimal, prefer masked Aadhaar or Virtual ID and review authentication history periodically.

This becomes even more relevant during personal loan applications, where identity checks are routine, and documents move across multiple touchpoints. Keep your registered mobile number active for OTP verification, unlock only when required and lock again once the task is complete. If anything looks off, report it promptly through the official UIDAI channels.