Bengaluru-based software engineer Harveen Singh Chadha has ignited a nationwide security debate by demonstrating how Google's Nano Banana AI can generate strikingly photorealistic fake identity documents, including Aadhaar and PAN cards. The demonstration, initially posted as a social media experiment, has exposed critical vulnerabilities in India's digital identity verification infrastructure and raised urgent questions about AI misuse prevention in an era of rapidly advancing generative AI capabilities.
Chadha used Google's Nano Banana imaging model to create fake identity documents for a fictional character named "Twitterpreet Singh," documenting the process on X platform. The generated cards exhibited extraordinary accuracy and visual fidelity, indistinguishable from legitimate government-issued documents to casual inspection. The realistic appearance prompted Chadha to issue a stark warning about verification system vulnerabilities.
"Nano Banana is impressive—and that's the problem," Chadha wrote on X. "It can replicate identity cards with extraordinary accuracy. Traditional image-based verification systems don't stand a chance. The legacy image verification systems are doomed to fail."
The experiment transcended lighthearted social media content, sparking serious discussions within India's technology, security, and regulatory communities about document authenticity, identity verification methodologies, and AI governance frameworks."
The demonstration exposed critical weaknesses in existing verification practices. When customers present Aadhaar or PAN cards at hotels, airports, banks, or telecom shops, field staff typically perform visual inspection without accessing backend verification systems. This manual verification approach cannot distinguish between legitimate and AI-generated documents, making it susceptible to sophisticated forgery.
Chadha highlighted this gap when responding to suggestions about built-in verification mechanisms. Although Google embeds digital fingerprints called SynthID within images created by Gemini AI—enabling detection through the Gemini app—this technology provides minimal protection in real-world scenarios. "No one is going to scan every ID proof through the Gemini app," Chadha noted, accurately reflecting the operational reality of identity verification in banking, travel, hospitality, and telecom sectors where millions of transactions occur daily.
The incident has accelerated discussions around India's Know Your Customer (KYC) infrastructure modernization. Industry experts argue that India's verification ecosystem requires fundamental upgrades including standardized QR code scanning protocols, enhanced backend database cross-referencing, and AI-resistant authentication mechanisms.
The Aadhaar ecosystem's inherent scalability and digital-first design position it as a potential foundation for strengthened verification systems. Real-time authentication through updated Aadhaar applications could become standard practice for private-sector identity verification, significantly reducing reliance on document appearance as a verification mechanism.
This incident reflects a global challenge as generative AI becomes increasingly accessible to the general population. India's digitalization trajectory—with Aadhaar serving as the foundation for financial inclusion, digital payments, and government services—makes document forgery prevention exceptionally critical. Financial institutions, telecom operators, travel and hospitality businesses, and government agencies all depend on reliable identity verification.
The convergence of advanced AI capabilities and gaps in current verification infrastructure creates urgent imperative for policy intervention, regulatory updates, and technology infrastructure modernization.