In a world where anyone can create perfect forgeries with a single command, the very foundation of trust and identity verification is crumbling, with governments racing to catch up, finds Satyen K. Bordoloi.
It is an enduring scene in thrillers: a forger bent at his desk, painstakingly copying original documents to create duplicates for the hero or villain. The audience, knowing the document being shown for verification is forged, sit at the edge of their seats as an official checks them. These scenes have been invalidated by a single AI tool so proficient at replicating documents with just one command that it might have unintended consequences on the world. That tool, with a peculiar name, in case you’ve been living in a cave, is Nano Banana, from Google.
Social media has been filling up with people using Nano Banana to replicate official documents: PAN cards as good as the original, Aadhaar cards with better colour and logos than government-issued ones. One person even edited his tray of eggs using Nano Banana to get a refund from an online bazaar, claiming many eggs were broken in transit when only one actually was. Trust Indians to find bizarre, corrupt uses for every product.
Beyond fun and games, this points to something drastic: the usual authentication methods in India – visually checking government-issued ID cards like Aadhaar, PAN, and driving licenses – are no longer viable. The hotel taking a Xerox of your documents during registration, or the CISF personnel checking your Aadhaar at the airport while comparing it to your face – this process is invalidated. Yes, forgers always had the option to create fakes, but the ease, accessibility, and precision now make it dangerous for everyone, especially the government. All old verification methods based on documentation are now dead.
The Nano Banana Revelation
A Bengaluru-based tech professional, Harveen Singh Chadha, demonstrated how Nano Banana could generate strikingly realistic fake Aadhaar and PAN cards bearing the name “Twitterpreet Singh.” His social media post warned: “Nano Banana is good, but that is also a problem. It can create fake identity cards with extremely high precision. The legacy image verification systems are doomed to fail”.
His generated documents weren’t crude forgeries but sophisticated replicas complete with government logos, photographs, QR codes, and all the visual hallmarks of authenticity. It was so convincing that it sparked immediate concerns among cybersecurity experts and policymakers about the integrity of India’s digital identity infrastructure.
Others joined the experimentation bandwagon, creating flawless replicas of everything from utility bills to educational certificates, thus proving that the technology isn’t limited to identity documents but extends to any paper-based verification system.
Why Visual Verification Is Dead
All this exposed what security experts have long feared – our verification systems rely overwhelmingly on visual inspection, which cannot distinguish between legitimate and AI-generated documents. This creates critical vulnerabilities across multiple sectors. In banking and finance, telecom, travel and hospitality and government services, all KYC processes, security and hotel check-ins, subsidies and benefits that solely rely on physical document verification or submission
The core problem lies in what security experts call the “verification gap” – the disconnect between frontend visual inspection and backend verification systems. And the problem is, even if a backend verification system exists, who is going to scan every ID proof to check whether it was generated by AI, especially when hundreds of millions of visual inspections and verifications happen every day?
Is India Prepared?
India’s digital identity framework, particularly Aadhaar, is one of the world’s most ambitious digital identity projects, with over 1.3 billion enrolled users. The system was designed with sophisticated security features, including biometric authentication, encrypted data storage, and digital checks. The reality on the ground, however, is that it has become like every other card: checked visually and not through the system. There has been guidance from the government about verification systems and also AI use in the past, but once again, ground reality stands at odds with intention.
New Threats for Common People
Beyond document forgery, AI is revolutionising how scammers operate, making scams more personalised, convincing, and challenging to detect. The emergence of what security experts call “AI-enhanced social engineering” is one of the biggest threats. Take phishing, which has got a shot in the arm thanks to AI. Once, it was easy to spot it thanks to poor language and grammar in phishing emails and messages. Today, however, they are flawlessly written, context-aware, and can be personalised using public data from social media profiles, press releases, or corporate websites. According to recent cybersecurity reports, phishing attacks have skyrocketed by 4,151% since the advent of ChatGPT in 2022.
What is more alarming is the rise of deepfakes in social engineering, with attackers generating audio deepfakes that mimic the voices of executives or colleagues, tricking them into authorising a wire transfer or disclosing sensitive information. And this is above and beyond deepfake videos used to create all kinds of content, from ones that disrupt peace and harmony to porn.
A Global Challenge
India’s verification crisis is part of a global phenomenon as generative AI becomes increasingly accessible worldwide. Different regions are approaching AI regulation with varying strategies. The European Union has adopted a comprehensive, legally binding approach through its AI Act, with strict risk classifications and compliance requirements. The US has taken a more sector-specific approach, with agencies like the U.S. Copyright Office developing policies to address specific AI challenges, such as authorship. China is also emerging as one of the most welcoming nations to AI-generated output, with Chinese courts increasingly inclined to protect the copyrights of AI-generated works.
This document verification challenge, posed by advanced generative AI, however, persists. The global nature of both AI development and criminal activity necessitates international cooperation.
Solutions for Governments and Citizens
India’s verification ecosystem requires fundamental modernisation and improvements. The key is to move beyond visual inspection to mandatory backend verification through official channels, such as the UIDAI Aadhaar database. The other key is to implement AI-resistant security features, such as digital watermarking, cryptographic seals, and dynamic elements that image-generation tools cannot replicate. Think of it like the silver band on old notes, which can be physically verified but is impossible, or extremely difficult to forge. Thus, systems need to be developed that are specifically trained to identify AI-generated documents by analysing digital artefacts and inconsistencies. Documents have to be made that are not easy to forge. Uniform QR code scanning procedures should be established across all verification scenarios to enable instant backend validation.
Establishing a practice of multi-factor verification, especially for verifying suspicious requests, is another way to do this. The government must also create accessible channels for reporting suspected AI-generated forgeries and scams.
India stands at a critical junction. With our massive digital infrastructure and ambitious digital governance initiatives, we have both the most to lose and the most significant potential to develop innovative solutions. The steps taken in the coming months will determine whether India’s digital identity framework remains a global model or becomes a cautionary tale.
In this new world where seeing is no longer believing, our systems must adapt accordingly because the race between AI-driven forgery and verification technology has begun in earnest. The outcome will determine the future of identity, trust, and security in the digital age.
In case you missed:
- GoI afraid of using foreign GenAI in absence of Indian ones? Here’s how they still can
- Digital Siachen: Why India’s War With Pakistan Could Begin on Your Smartphone
- Zero Clicks. Maximum Theft: The AI Nightmare Stealing Your Future
- OpenAI, Google, Microsoft: Why are AI Giants Suddenly Giving India Free AI Subscriptions?
- Why Elon Musk is Jealous of India’s UPI (And Why It’s Terrifyingly Fragile)
- How India Can Effectively Fight Trump’s Tariffs With AI
- Digital Siachen: How India’s Cyber Warriors Thwarted Pakistan’s 1.5 Million Cyber Onslaught
- Face-Off: Denmark’s Copyright Move Against Deepfakes & the Ghost of Anil Kapoor
- Greatest irony of the AI age: Humans being increasingly hired to clean AI slop
- From Generics to Genius: The AI Revolution Reshaping Indian Pharma
