How A Deepfake Gang Exploited AI to Hijack Identities in Gujarat
Law enforcement authorities in Ahmedabad have dismantled a criminal syndicate accused of deploying advanced artificial intelligence to subvert biometric security protocols. Investigators allege the group used deepfake technology generated via platforms such as Gemini AI and Meta AI to hijack digital identities, facilitating widespread financial fraud across Gujarat.
Background and Context
The case highlights a growing vulnerability in biometric verification systems, particularly those relying on "liveness detection" to confirm a user's physical presence. By generating synthetic media capable of mimicking human movements like eye-blinking, the suspects reportedly tricked standard security checkpoints at Common Service Centers (CSC). These centers serve as critical access points for government services, including the management of Aadhaar, India's biometric identification system.
Key Figures and Entities
Police have taken four individuals into judicial custody, identified as Kanubhai Parmar, Ashish Valand, Mohammad Kaif Patel, and Deep Gupta. According to official statements, the accused possess educational backgrounds ranging from secondary school completion to degrees in Business Administration and IT diplomas. Authorities are currently pursuing leads to identify additional accomplices within the network.
Legal and Financial Mechanisms
The modus operandi involved projecting deepfake videos onto verification screens to authenticate fraudulent updates to victims' Aadhaar profiles. Once the syndicate successfully changed the linked mobile numbers, they gained control over sensitive digital platforms such as DigiLocker and various banking applications.
This access enabled the opening of unauthorized accounts at institutions including IDFC First Bank, Kotak Mahindra Bank, and Jio Payments Bank. Subsequently, the group applied for personal loans through lending services like RKBansal, True Credits, and EarlySalary, diverting funds and leaving victims with significant financial liability.
International Implications and Policy Response
The breach has prompted a security awareness campaign by the Ahmedabad Police, urging citizens to safeguard their digital identities. In response to the evolving threat landscape, the Unique Identification Authority of India (UIDAI) advises citizens to lock their biometric data via the official mAadhaar app or website to prevent unauthorized authentication.
Further preventative measures recommended by authorities include using masked Aadhaar copies, refusing to share One-Time Passwords (OTPs), and avoiding unofficial links for KYC updates.
Sources
This report draws on statements from the Ahmedabad Police, official guidelines from the Unique Identification Authority of India (UIDAI), and corporate records of the implicated financial institutions.
