#Fact Check-Misleading Newspaper from Kerala stating ban on paper currency

Introduction

In today's digital age protecting your personal information is of utmost importance. The bad actors are constantly on the lookout for ways to misuse your sensitive or personal data. The Aadhaar card is a crucial document that is utilised by all of us for various aspects. It is considered your official government-verified ID and is used for various purposes such as for verification purposes, KYC purposes, and even for financial transactions. Your Aadhaar card is used in so many ways such as flight tickets booked by travel agents, check-in in hotels, verification at educational institutions and more. The bad actors can target and lure the victims by unauthorized access to your Aadhaar data and commit cyber frauds such as identity theft, unauthorized access, and financial fraud. Hence it is significantly important to protect your personal information and Aadhaar card details and prevent the misuse of your personal information.

What is fingerprint cloning?

Cybercrooks have been exploiting the Aadhaar Enabled Payment System (AePS). These scams entail cloning individuals' Aadhaar-linked biometrics through silicon fingerprints and unauthorized biometric devices, subsequently siphoning money from their bank accounts. Fingerprint cloning also known as fingerprint spoofing is a technique or a method where an individual tries to replicate someone else's fingerprint for unauthorized use. This is done for various reasons, including gaining unauthorized access to data, unlocking data or committing identity theft. The process of fingerprint cloning includes collection and creation.

The recent case of Aadhaar Card fingerprint cloning in Nawada

Nawada Cyber Police unit has arrested two perpetrators who were engaged in fingerprint cloning fraud.  The criminals are accused of duping consumers of money from their bank accounts by cloning their fingerprints. Among the two perpetrators, one of them runs the Common Service Centre (CSC) whereas the second is a sweeper at the DBGB branch bank. The criminals are accused of duping consumers of money from their bank accounts by cloning their fingerprints. According to the police, an organized gang of cyber criminals had been defrauding the consumers for the last two years with the help of a CSC operator and were embezzling money from the accounts of consumers by cloning their fingerprints and taking Aadhaar numbers. The operator used to collect the Aadhaar number from the consumers by putting their thumb impression on a register. Among these two perpetrators, one was accused of withdrawing more money from the consumer's account and making less payment and sometimes not making the payment after withdrawing the money. Whereas the second perpetrator stole the data of consumers from the DBGB branch bank and prepared their fingerprint clone. During the investigation of a case related to fraud, the Special Investigation Team (SIT) of Cyber ​​Police conducted raids in Govindpur and Roh police station areas on the basis of technical surveillance and available evidence and arrested them. 

Safety measures for the security of your Aadhaar Card data

• Locking your biometrics: One way to save your Aadhaar card and prevent unauthorized access is by locking your biometrics. To lock & unlock your Aadhaar biometrics you can visit the official website of UIDAI or its official portal. So go to UIDAI’s and select the “Lock/Unlock Biometrics” from the Aadhar service section. Then enter the 12-digit Aadhaar number and security code and click on the OTP option.  An OTP will be sent to your registered mobile number with Aadhaar.  Once the OTP is received enter the OTP and click on the login button that will allow you to lock your biometrics.  Enter the 4-digit security code mentioned on the screen and click on the “Enable” button. Your biometrics will be locked and you will have to unblock them in case you want to access them again. The official website of UIDAI is “https://uidai.gov.in/” and there is a dedicated Aadhar helpline 1947. 
• Use masked Aadhaar Card: A masked Aadhaar card is a different rendition of an Aadhaar card that is designed to amplify the privacy and security of an individual Aadhaar number.  In a masked Aadhaar card, the first eight digits of the twelve digits Aadhaar number are replaced by XXXX- XXXX and only the last four digits are visible.  This adds an additional layer of protection to an individual Aadhaar’s number. To download a masked Aadhaar card you visit the government website of UIDAI and on the UIDAI homepage, you will see a "Download Aadhaar" option. Click on it.  In the next step, you will be required to enter your 12-digit Aadhaar number along with the security code displayed on the screen.  After entering your Aadhaar number, click on the Send OTP. You will receive an OTP on your registered phone number. Enter the OTP received in the provided field and click on the “Submit” button.  You will be asked to select the format of your Aadhaar card, You can choose the masked Aadhaar card option. This will replace the first eight digits of your Aadhaar number with "XXXX-XXXX" on the downloaded Aadhaar card. Once the format is selected, click on the “Download Aadhaar” button and your masked Aadhaar card will be downloaded. So if any organisation requires your Aadhaar for verification you can share your masked Aadhar card which only shows the last 4 digits of your Aadhaar card number. Just the way you keep your bank details safe you should also keep your Aadhaar number secure otherwise people can misuse your identity and use it for fraud. 
• Monitoring your bank account transactions: Regularly monitor your bank account statements for any suspicious activity and you can also configure transaction alerts with your bank account transactions.

Conclusion: 

It is important to secure your Aadhaar card data effectively. The valuable security measure option of locking biometrics provides an additional layer of security. It safeguards your identity from potential scammers. By locking your biometrics you can secure your biometric data and other personal information preventing unauthorized access and any misuse of your Aadhaar card data. In today's evolving digital landscape protecting your personal information is of utmost importance. The cyber hygiene practices, safety and security measures must be adopted by all of us hence establishing cyber peace and harmonizing cyberspace. 

References:

• https://www.livehindustan.com/bihar/story-cyber-crime-csc-operator-and-bank-sweeper-arrested-in-nawada-cheating-by-cloning-finger-prints-8913667.html
• https://www.indiatoday.in/news-analysis/story/cloning-fingerprints-fake-shell-entities-is-your-aadhaar-as-safe-as-you-may-think-2398596-2023-06-27

‍

‍

Introduction

The Kumbh Mela is known worldwide as India's most significant pilgrimage and has earned a place on the UNESCO Intangible Cultural Heritage of Humanity list in 2017.  This year, the Maha Kumbh will be held in Prayagraj, Uttar Pradesh, with 40 crore devotees from all over the world expected to attend this momentous event from January 13th  to 26th February 2025. As the world embraces the blessings of digitalisation, people are increasingly relying on the Internet for arranging their travel, booking rooms, and securing accommodations for this grand spiritual journey. 

However, amidst this digital age, where the conveniences offered are manifold, there also lurks the shadow of deceit. Cybercriminals are finding innovative ways to entrap innocent individuals. Fraudulent activities are on the rise, with wrongdoers operating fake websites that promise secure bookings for cottages, tents, and other accommodations for the Mahakumbh event. Like the deceptive mirage that the desert traveller may mistakenly believe to be an oasis, these malicious sites lure pilgrims with the false hope of easy arrangements, only to exploit their trust and commit malicious cyber fraudulent activities. 

Policy and Preventive Measures Taken by Government

This year, the government has taken steps to utilise digitalisation services to enhance the experience of devotees, blending innovation with tradition. However, considering the rise in cyber scams, a dedicated cyber police station has also been established at Maha Kumbh 2025 to address threats such as the misuse of AI, the dark web, and social media platforms. This initiative aims to protect devotees from potential scams.

To strengthen safety measures, a special team of selected officers from across the state has been deployed in Mahakumbh Nagar, Prayagraj, to provide cybersecurity and ensure the safety of pilgrims. A dedicated cyber police station or digital police station will ensure round-the-clock monitoring of cyberspace.

‍

The cybersecurity team has already identified 44 suspicious websites and initiated action against them. To further safeguard devotees attending Maha Kumbh 2025, a large-scale awareness campaign is being conducted to educate users about potential cyber threats.

The Role of Digital Discipline in Navigating the Uncharted Waters of the Internet

As the Yajurveda (ancient Vedic scriptures of Hinduism) reminds us ‘सत्यं चानृतं च सत्यं अभवत्, यदेतत् तपसा तप्यताम्।’. This learning translates into English as "Truth and falsehood are both present, yet truth is purified through intense discipline”. The Mahakumbh is a confluence not just of rivers but of faith and humanity's eternal quest for truth (Satyam). In the digital age, this vigilance extends to protecting ourselves from cyber frauds and scams that exploit the sanctity of occasions like the Mahakumbh. Just as devotees seek purity through holy rituals, we must also embrace Digital Discipline to navigate the confluence of tradition and technology safely.

Here are some Digital Discipline best practices you must follow:

• Be cautious of fake websites, fraudulent travel agencies, and scam bookings. Always verify legitimacy before engaging in any  transactions.  
• Stay alert for fake donation requests and only contribute to verified organizations.
• Be aware of any mis/disinformation and implausible claims surrounding the Mahakumbh event and verify it from authenticated sources. The official website of Mahakumbh is https://kumbh.gov.in.
• To report any cybercrime or issue, you can report it on the National Cyber Crime Reporting Portal at https://cybercrime.gov.in/, equipped with a 24x7 helpline 1930 that serves as a powerful resource available to the victims of cybercrimes to report their cases.

Conclusion

Netizens worldwide must prioritise Digital Discipline to ensure they are safeguarded from the snares of these cyber miscreants, so that they may safely and joyfully embark on their journey to the Maha Kumbh and receive divine blessings and purity of purpose through the experience.

References

• https://www.deccanherald.com/india/uttar-pradesh/up-police-gets-on-its-toes-to-ensure-cyber-safe-maha-kumbh-3335911
• https://www.hindustantimes.com/cities/others/four-cyber-crooks-held-for-operating-fake-booking-websites-101735326388201.html
• https://www.indiatvnews.com/uttar-pradesh/maha-kumbh-2025-cyber-police-station-set-up-in-prayagraj-to-safeguard-devotees-from-online-frauds-in-city-preparation-security-other-details-2024-12-11-965745
• https://organiser.org/2024/12/12/268915/bharat/mahakumbh-2025-cyber-police-station-set-up-to-protect-devotees-from-ai-and-social-media-scammers/
• https://www.ptinews.com/story/national/maha-kumbh-56-cyber-warriors-deployed-to-safeguard-devotees-against-online-scams/2135062

What are Decentralised Autonomous Organizations (DAOs)?

A Decentralised Autonomous Organisation or a DAO, is a unique take on democracy on the blockchain. It is a set of rules encoded into a self-executing contract (also known as a smart contract) that operates autonomously on a blockchain system. A DAO imitates a traditional company, although, in its more literal sense, it is a contractually created entity. In theory, DAOs have no centralised authority in making decisions for the system; it is a communally run system whereby all decisions (be it for internal governance or for the development of the blockchain system) are voted upon by the community members. DAOs are primarily characterised by a decentralised form of operation, where there is no one entity, group or individual running the system. They are self-sustaining entities, having their own currency, economy and even governance, that do not depend on a group of individuals to operate. Blockchain systems, especially DAOs are characterised by pure autonomy created to evade external coercion or manipulation from sovereign powers. DAOs follow a mutually created, agreed set of rules created by the community, that dictates all actions, activities, and participation in the system’s governance. There may also be provisions that regulate the decision-making power of the community.

Ethereum’s DAO’s White Paper described DAO as “The first implementation of a [DAO Entity] code to automate organisational governance and decision making.” Can be used by individuals working together collaboratively outside of a traditional corporate form.  It can also be used by a registered corporate entity to automate formal governance rules contained in corporate bylaws or imposed by law.”  The referred white paper proposes an entity that would use smart contracts to solve governance issues inherent in traditional corporations.  DAOs attempt to redesign corporate governance with blockchain such that contractual terms are “formalised, automated and enforced using software.”

Cybersecurity threats under DAOs

While DAOs offer increased transparency and efficiency, they are not immune to cybersecurity threats. Cybersecurity risks in DAO, primarily in governance, stem from vulnerabilities in the underlying blockchain technology and the DAO's smart contracts. Smart contract exploits, code vulnerabilities, and weaknesses in the underlying blockchain protocol can be exploited by malicious actors, leading to unauthorised access, fund manipulations, or disruptions in the governance process. Additionally, DAOs may face challenges related to phishing attacks, where individuals are tricked into revealing sensitive information, such as private keys, compromising the integrity of the governance structure. As DAOs continue to evolve, addressing and mitigating cybersecurity threats is crucial to ensuring the trust and reliability of decentralised governance mechanisms.

Centralisation/Concentration of Power

DAOs today actively try to leverage on-chain governance, where any governance votes or transactions are directly taken on the blockchain. But such governance is often plutocratic in nature, where the wealthy hold influences, rather than democracies, since those who possess the requisite number of tokens are only allowed to vote and each token staked implies that many numbers of votes emerge from the same individual. This concentration of power in the hands of “whales” often creates disadvantages for the newer entrants into the system who may have an in-depth background but lack the funds to cast a vote. Voting, presently in the blockchain sphere, lacks the requisite concept of “one man, one vote” which is critical in democratic societies.

Smart contract vulnerabilities and external threats

Smart contracts, self-executing pieces of code on a blockchain, are integral to decentralised applications and platforms. Despite their potential, smart contracts are susceptible to various vulnerabilities such as coding errors, where mistakes in the code can lead to funds being locked or released erroneously. Some of them have been mentioned as follows;

Smart Contracts are most prone to re-entrance attacks whereby an untrusted external code is allowed to be executed in a smart contract. This scenario occurs when a smart contract invokes an external contract, and the external contract subsequently re-invokes the initial contract. This sequence of events can lead to an infinite loop, and a reentrancy attack is a tactic exploiting this vulnerability in a smart contract. It enables an attacker to repeatedly invoke a function within the contract, potentially creating an endless loop and gaining unauthorised access to funds.

Additionally, smart contracts are also prone to oracle problems. Oracles refer to third-party services or mechanisms that provide smart contracts with real-world data. Since smart contracts on blockchain networks operate in a decentralised, isolated environment, they do not have direct access to external information, such as market prices, weather conditions, or sports scores. Oracles bridge this gap by acting as intermediaries, fetching and delivering off-chain data to smart contracts, enabling them to execute based on real-world conditions. The oracle problem within blockchain pertains to the difficulty of securely incorporating external data into smart contracts. The reliability of external data poses a potential vulnerability, as oracles may be manipulated or provide inaccurate information. This challenge jeopardises the credibility of blockchain applications that rely on precise and timely external data.

Sybil Attack: A Sybil attack involves a single node managing multiple active fake identities, known as Sybil identities, concurrently within a peer-to-peer network. The objective of such an attack is to weaken the authority or influence within a trustworthy system by acquiring the majority of control in the network. The fake identities are utilised to establish and exert this influence. A successful Sybil attack allows threat actors to perform unauthorised actions in the system.

Distributed Denial of Service Attacks: A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt the regular functioning of a network, service, or website by overwhelming it with a flood of traffic. In a typical DDoS attack, multiple compromised computers or devices, often part of a botnet (a network of infected machines controlled by a single entity), are used to generate a massive volume of requests or data traffic. The targeted system becomes unable to respond to legitimate user requests due to the excessive traffic, leading to a denial of service.

Conclusion

Decentralised Autonomous Organisations (DAOs) represent a pioneering approach to governance on the blockchain, relying on smart contracts and community-driven decision-making. Despite their potential for increased transparency and efficiency, DAOs are not immune to cybersecurity threats. Vulnerabilities in smart contracts, such as reentrancy attacks and oracle problems, pose significant risks, and the concentration of voting power among wealthy token holders raises concerns about democratic principles. As DAOs continue to evolve, addressing these challenges is essential to ensuring the resilience and trustworthiness of decentralised governance mechanisms. Efforts to enhance security measures, promote inclusivity, and refine governance models will be crucial in establishing DAOs as robust and reliable entities in the broader landscape of blockchain technology.

References:

‍https://www.imperva.com/learn/application-security/sybil-attack/

‍https://www.tripwire.com/state-of-security/blockchain-security-understanding-vulnerabilities-and-mitigating-risks

‍https://medium.com/@RedStone_Finance/the-oracle-problem-and-its-implications-for-blockchains-c0c0ad9cf5a7

‍https://www.linkedin.com/posts/satish-kulkarni-bb96193_what-are-cybersecurity-risk-to-dao-and-how-activity-7048286955645677568-B3pV/ https://www.geeksforgeeks.org/what-is-ddosdistributed-denial-of-service/ Report of Investigation Pursuant to Section 21 (a) of the Securities Exchange Act of 1934: The DAO, Securities and Exchange Board, Release No. 81207/ July 25, 2017

‍https://www.sec.gov/litigation/investreport/34-81207.pdf https://www.legalserviceindia.com/legal/article-10921-blockchain-based-decentralized-autonomous-organizations-daos-.html