Credit Score Aadhaar biometric lockmAadhaar appprevent ghost loans Indiaidentity theft preventionAadhaar fraud protectionbiometric lock UIDAIAePS fraud preventionAadhaar eKYC loan fraudcredit fraud prevention IndiaUIDAI biometric lock unlock

Lock Your Aadhaar Biometrics Today: The 2-Minute Step That Prevents Ghost Loans (2026)

Lock Aadhaar biometrics via mAadhaar in 2 minutes to prevent ghost loans and biometric fraud. Rs 22,845 crore lost to cyber fraud in 2024. Aadhaar lock is.

By HonestMoney.in Editorial Team | Updated April 26, 2026

Rs 22,845 Crore Lost to Cyber Fraud in 2024. The Best Defense Takes 2 Minutes and Costs Nothing.

India lost Rs 22,845 crore to cyber fraud in 2024 — a 206% increase from 2023. Ghost loans — credit accounts opened in your name without your consent — are one of the fastest-growing vectors. Fraudsters use stolen PAN and Aadhaar documents, cloned fingerprints, and compromised lending apps to take loans that appear on your credit report.

The single most effective prevention: lock your Aadhaar biometrics.

When locked, your fingerprints, iris scans, and facial data cannot be used for Aadhaar eKYC authentication — the primary identity verification method used by digital lending apps, banks, and NBFCs for instant loan approval. A fraudster with your Aadhaar number but blocked biometrics cannot complete eKYC, and without eKYC, cannot get a loan disbursed.

It is free. It takes 2 minutes. And most Indians do not know it exists.

What Aadhaar Biometric Lock Does (and Doesn’t Do)

What it blocks

Fraud Vector	How It Works	Biometric Lock Stops It?
Cloned fingerprint eKYC	Fraudster replicates your fingerprint and uses it at a loan agent’s biometric scanner	Yes — authentication fails
AePS fraud	Unauthorized cash withdrawal from your bank via fingerprint at micro-ATM	Yes — transaction fails
Biometric SIM activation	New SIM issued in your name using biometric verification	Yes — verification fails
Aadhaar eKYC loan origination	Digital lending app uses biometric eKYC to verify identity for instant loan	Yes — eKYC fails

What it does NOT block

Fraud Vector	How It Works	Why Biometric Lock Doesn’t Help
OTP-based eKYC	Lender sends OTP to your Aadhaar-linked mobile; fraudster intercepts via SIM swap	Uses OTP, not biometrics
Offline Aadhaar verification	Lender accepts Aadhaar XML file or physical copy with manual verification	No biometric step involved
PAN-only verification	Some lenders use PAN + bank statement without Aadhaar eKYC	No Aadhaar involved
Existing account misuse	Fraudster accesses your existing bank account via compromised credentials	Biometric lock protects identity, not account access

Biometric lock is the strongest single protection but not a complete shield. Combine it with credit monitoring and mobile number security for comprehensive coverage.

How to Lock Your Aadhaar Biometrics (3 Methods)

Method 1: mAadhaar App (Fastest — 2 minutes)

Download mAadhaar from Google Play Store or Apple App Store (official UIDAI app — verify the developer is “UIDAI”)
Open the app and register with your 12-digit Aadhaar number
Verify via OTP sent to your Aadhaar-linked mobile number
Tap “Biometric Lock” on the home screen
Toggle the switch to ON
Done. Your fingerprint, iris, and facial authentication are now disabled across all Aadhaar-linked services

Method 2: UIDAI Website (3 minutes)

Visit resident.uidai.gov.in
Navigate to Aadhaar Services → Biometric Lock/Unlock
Enter your Aadhaar number and captcha
Verify via OTP
Enable the biometric lock

Method 3: SMS (1 minute)

Send an SMS to 1947 from your Aadhaar-registered mobile number with the format specified on the UIDAI website.

All three methods are free, instant, and available 24/7. There is no limit on how many times you can lock and unlock.

What Happens After You Lock

Services that continue working normally

UPI payments (Google Pay, PhonePe, Paytm) — PIN-based, not biometric
Net banking and mobile banking apps
Debit and credit card transactions
NEFT, RTGS, IMPS transfers
All existing loan EMI debits
All existing SIPs and investments
Income tax filing (PAN-based, not biometric)

Services that will be blocked until you unlock

Aadhaar-enabled Payment System (AePS) — fingerprint-based cash withdrawal at micro-ATMs and banking correspondents
New bank account opening via biometric eKYC (OTP-based eKYC still works)
New SIM card issuance via biometric verification
New loan applications that use biometric eKYC (many digital lenders)
Government subsidy enrollment that requires biometric verification

The unlock-use-relock workflow

When you need to use a biometric service (opening a new bank account, buying a SIM card):

Open mAadhaar → Biometric Lock → Toggle OFF → OTP verification
Complete the biometric task (typically 5-15 minutes)
Open mAadhaar → Biometric Lock → Toggle ON

Keep biometrics locked 99% of the time. Only unlock for the specific minutes when you need biometric authentication, then lock again immediately.

Why Ghost Loans Are Growing in India

The fraud chain

Document theft: Your PAN card photo, Aadhaar copy, or biometric data gets stolen — through a data breach, a photocopy shop, a loan agent, or a phishing attack
Application: Fraudster applies for an instant personal loan or credit card on a digital lending platform using your documents
eKYC verification: If biometrics are unlocked, the app completes Aadhaar eKYC using cloned fingerprints — loan approved in minutes
Disbursement: Loan amount is credited to the fraudster’s bank account (not yours)
Default: Fraudster never repays — the default gets reported to credit bureaus under your PAN
Discovery: You find out months later when you check your credit report or get rejected for a loan you actually applied for

The scale of the problem

28.15 lakh cybercrime cases reported in 2025 (up from 22.68 lakh in 2024)
Rs 22,845 crore lost to cyber fraud in 2024
8,500 estimated identity theft and data breach cases in 2025
40% of identity theft cases go unreported (NHRC estimate)
Digital lending apps processed crores of Aadhaar eKYC verifications in 2025

The detection delay

Even if you monitor your credit, ghost loans take 15-30 days to appear on your credit report (the lender reporting lag). By the time you discover it, the loan has been disbursed, the money is gone, and the fraudster has disappeared. The dispute process takes another 30-50 days to remove it.

Prevention is dramatically more effective than detection. Locking biometrics stops the fraud chain at Step 3.

The AePS Fraud Epidemic

Aadhaar-enabled Payment System (AePS) allows cash withdrawals from bank accounts using only a fingerprint and Aadhaar number at micro-ATMs. This system — designed for financial inclusion in rural India — has become a major fraud vector.

How AePS fraud works

Fraudster obtains your Aadhaar number (publicly available in many cases)
Fraudster creates a silicone or rubber clone of your fingerprint (obtained from surfaces you touched, old biometric records, or compromised biometric devices)
Fraudster visits a micro-ATM or banking correspondent
Uses the cloned fingerprint to authenticate an AePS withdrawal from your bank account
Cash is withdrawn — you get an SMS alert (if enabled) but the money is already gone

Why biometric lock is the definitive solution

With biometrics locked, the AePS authentication fails at Step 4. The micro-ATM returns an error, no cash is dispensed, no money leaves your account.

If you do not regularly use AePS for cash withdrawals at micro-ATMs (most urban Indians don’t), there is zero downside to keeping biometrics locked permanently.

Aadhaar Number Lock (Virtual ID): The Second Layer

Beyond biometric lock, UIDAI offers a Virtual ID (VID) — a temporary 16-digit number mapped to your Aadhaar that can be used instead of your actual Aadhaar number for authentication.

Why use Virtual ID

Your real 12-digit Aadhaar number is never exposed to the requesting agency
VID can be regenerated anytime (old one automatically expires)
Agencies that accept VID cannot reverse it to obtain your real Aadhaar number

How to generate Virtual ID

Open mAadhaar app → VID Generator
Or visit resident.uidai.gov.in → Virtual ID (VID) Generator
Enter Aadhaar number and verify via OTP
A 16-digit VID is generated and sent to your registered mobile

When to use Virtual ID

Use VID instead of your Aadhaar number wherever the receiving agency does not legally require your actual Aadhaar number. This includes: hotel check-ins, mobile recharges, non-financial KYC, and any form where Aadhaar is requested but not mandated by law.

For maximum protection, enable both: biometric lock + Virtual ID.

The Complete Fraud Prevention Stack

Biometric lock is the strongest single step. But combine it with these measures for comprehensive protection:

Defense Layer	What It Protects Against	Cost	Setup Time
Aadhaar biometric lock	Biometric eKYC fraud, AePS fraud	Free	2 minutes
Aadhaar Virtual ID	Aadhaar number exposure	Free	2 minutes
Bank SMS/email alerts	Unauthorized transactions	Free	Already enabled for most
Credit monitoring (quarterly)	Unauthorized accounts and inquiries	Free	25 minutes (one-time)
CIBIL Alerts (optional)	Real-time CIBIL report changes	Rs 800-1,200/year	5 minutes
DND registration (call 1909)	Phishing calls disguised as loan offers	Free	2 minutes
Two-factor auth on all financial apps	Account takeover	Free	10 minutes
Masked Aadhaar for KYC	Full Aadhaar exposure	Free	Download from UIDAI

Total cost for the complete prevention stack (without CIBIL Alerts): Rs 0. Total setup time: under 45 minutes.

What to Do If You Already Have a Ghost Loan

If you have discovered an unauthorized loan on your credit report:

Lock Aadhaar biometrics immediately (if not already locked) to prevent further fraud
Contact the lender listed on the ghost loan — inform them it was unauthorized, request account freeze
File disputes with all 4 credit bureaus where the loan appears — complete dispute playbook here
File a cyber crime complaint at cybercrime.gov.in
File a PAN grievance at the Income Tax e-filing portal
Check all your bank accounts for unauthorized transactions
Generate a new Aadhaar Virtual ID to invalidate any old VID that may have been compromised

The bureau must resolve the dispute within 30 days or pay you Rs 100/day in compensation. If the bureau misses the deadline, escalate to the RBI Ombudsman at cms.rbi.org.in (free process, no lawyer needed).

Do It Now: 2-Minute Action

Open your phone
Download mAadhaar (UIDAI official app)
Register with your Aadhaar number
Tap Biometric Lock
Toggle ON

Your fingerprints, iris, and face are now locked. Ghost loans via biometric eKYC are blocked. AePS fraud against your account is blocked. Cost: Rs 0. Time: 2 minutes. Reversible: anytime you need it.

This is the single highest-impact, lowest-effort financial protection step available to any Indian citizen. There is no reason not to do it right now.

CIBIL Alerts vs Free Apps: What Catches Fraud First? — prevention (this guide) stops fraud. Monitoring catches what prevention missed. Full comparison of paid vs free detection
CIBIL vs Experian: Why Scores Don’t Match — ghost loans may appear on one bureau but not others. Know which bureaus to check
How to Check CIBIL Score Free: 5 Methods — pull your free report to check for existing ghost loans before they cause damage
CIBIL Score 600 to 750: 6-Month Action Plan — if a ghost loan already damaged your score, here is the recovery plan

HonestMoney.in Editorial Team

Research-backed content sourced from official publications, regulatory filings, verified data, and real-world experiences. Updated April 2026.

FAQ 11

Frequently Asked Questions

Research-backed answers from verified data and published sources.

What is Aadhaar biometric lock and how does it prevent loan fraud?

Aadhaar biometric lock is a free UIDAI feature that disables fingerprint, iris, and facial authentication linked to your Aadhaar number. When locked, nobody can use your biometrics for Aadhaar eKYC — which is the primary identity verification method used by digital lending apps, banks, and NBFCs for instant loan approval. If a fraudster has your Aadhaar number and attempts biometric authentication (using cloned fingerprints or other methods), the authentication will fail. This blocks the most common pathway for ghost loans in India.

How do I lock my Aadhaar biometrics using the mAadhaar app?

Step 1: Download mAadhaar app from Play Store or App Store (official UIDAI app). Step 2: Register with your Aadhaar number and verify via OTP sent to your Aadhaar-linked mobile. Step 3: Open the app and tap Biometric Lock on the home screen. Step 4: Toggle the lock to ON. Your biometrics are locked immediately. The entire process takes under 2 minutes. You can also lock via the UIDAI portal (resident.uidai.gov.in) or by sending an SMS to 1947. Locking is free and can be done unlimited times.

Will locking Aadhaar biometrics affect my bank account or UPI payments?

No. Locking biometrics does NOT affect: UPI transactions (PIN-based, not biometric), net banking, debit/credit card transactions, mobile banking apps, NEFT/RTGS/IMPS transfers, or any existing loan EMIs. It DOES block: Aadhaar-enabled Payment System (AePS) transactions (fingerprint-based cash withdrawal at micro-ATMs), new Aadhaar eKYC-based account opening or loan applications, and new SIM card issuance via biometric verification. If you need to use any biometric-based service, temporarily unlock via the mAadhaar app, complete the task, and lock again immediately.

What is the difference between Aadhaar biometric lock and Aadhaar number lock?

Biometric lock disables fingerprint, iris, and facial authentication — preventing anyone from using your biometrics for eKYC or AePS transactions. Aadhaar number lock (Virtual ID) lets you share a temporary 16-digit Virtual ID instead of your actual 12-digit Aadhaar number, preventing exposure of your real Aadhaar number. For maximum protection, enable both: lock biometrics to prevent biometric-based fraud, and use Virtual ID whenever sharing Aadhaar details. Both features are free and available through the mAadhaar app.

Can someone still take a loan in my name if my Aadhaar biometrics are locked?

Yes, through non-biometric methods. Locking biometrics blocks biometric eKYC (fingerprint/iris authentication) but does NOT block: (1) OTP-based eKYC — if someone has access to your Aadhaar-linked mobile number, they can complete eKYC via OTP. (2) Offline Aadhaar verification — using a downloaded Aadhaar XML file or physical Aadhaar copy with manual verification. (3) PAN-only verification — some lenders use PAN + bank statement for verification without Aadhaar eKYC. Biometric lock is the strongest single protection but not a complete shield. Combine it with credit monitoring and securing your mobile number.

What are ghost loans and how common are they in India?

Ghost loans are credit accounts opened in your name without your knowledge or consent, using stolen or leaked identity documents. India lost Rs 22,845 crore to cyber fraud in 2024 (206% increase from 2023). The NHRC estimates 40% of identity theft cases go unreported. Ghost loans commonly originate through: digital lending apps using cloned biometrics for Aadhaar eKYC, loan agents submitting applications with collected KYC documents, and data breaches exposing PAN and Aadhaar details. Victims discover ghost loans when they check their credit report and find accounts they never opened, or when they are denied credit due to defaults on unknown accounts.

How do I temporarily unlock Aadhaar biometrics when I need to use them?

Open the mAadhaar app, go to Biometric Lock, and toggle it to OFF. Verify via OTP. Your biometrics are unlocked immediately. Complete whatever biometric-based task you need (bank account opening, SIM verification, AePS transaction). Then immediately go back to mAadhaar and toggle the lock back to ON. The unlock is instant and there is no cooling period. Best practice: keep biometrics locked 99% of the time and only unlock for the specific minutes when you need biometric authentication.

Is there any cost for locking or unlocking Aadhaar biometrics?

No. Locking and unlocking Aadhaar biometrics is completely free. There is no limit on how many times you can lock and unlock. The service is available 24/7 through the mAadhaar app, the UIDAI website (resident.uidai.gov.in), or via SMS to 1947. UIDAI does not charge any fee for this service. Beware of third-party websites or apps that claim to offer Aadhaar lock services for a fee — these are scams. Only use official UIDAI channels.

What percentage of Indians have their Aadhaar biometrics locked?

No official UIDAI data is publicly available on the percentage of Indians who have locked their Aadhaar biometrics. Based on awareness surveys and expert estimates, the number is extremely low — likely in single-digit percentages. This is despite the fact that biometric lock is free, instant, and prevents the most common identity theft vector. The low adoption is due to lack of awareness — most Indians do not know this feature exists, and it is not promoted prominently by UIDAI. This represents a massive protection gap at the population level.

I found a ghost loan on my credit report. What should I do?

Act immediately: (1) Lock Aadhaar biometrics via mAadhaar to prevent further fraud. (2) Contact the lender listed on the ghost loan — inform them it was unauthorized and request account freeze. (3) File a dispute with all 4 credit bureaus where the loan appears. (4) File a cyber crime complaint at cybercrime.gov.in. (5) File a PAN grievance at the Income Tax e-filing portal. (6) Check all bank accounts for unauthorized transactions. Bureau must resolve the dispute within 30 days or pay Rs 100/day compensation. See our complete dispute playbook for step-by-step guidance.

Does Aadhaar biometric lock prevent Aadhaar-enabled Payment System (AePS) fraud?

Yes. AePS transactions rely entirely on fingerprint authentication linked to your Aadhaar. When your biometrics are locked, AePS transactions using your Aadhaar will fail — even if someone has cloned your fingerprints. This is critical because AePS fraud (unauthorized cash withdrawals from your bank account using cloned fingerprints at micro-ATMs) has been growing rapidly in rural India. If you do not regularly use AePS for cash withdrawals, there is zero downside to keeping biometrics locked permanently.

Disclaimer: This information is for educational purposes only and does not constitute financial advice. Credit scores are calculated by credit bureaus (CIBIL, Experian, Equifax, CRIF) using proprietary models. Score ranges and factors may vary by bureau. Check your credit report directly from RBI-licensed credit bureaus for accurate information.