+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Paytm, Freecharge, BHIM, etc have serious privacy concerns. Here are the details

Apr 10, 2017, 16:17 IST
Since demonetisation, digital payments have surged as more and more Indians are paying through online methods and digital wallets.
Advertisement

However, whenever we talk about online transactions, we cannot ignore cyber security and cyber crimes.

Worldwide, there have been many cases of cyber crimes where hackers invaded security and made transactions.

From the Indian context, digital payments are also prone to such risks. A study conducted by the Centre for Software and IT Management (CSITM) at Indian Institute of Management Bangalore focuses on the risks associated with Indian mobile phone based payment systems.

The study found out many popular apps such as Paytm, Freecharge, BHIM, etc were not secure.

Advertisement

The experiments were conducted with five popular mobile payment systems, in four broad categories – wallets (PayTM, FreeCharge), direct link with user’s bank (BHIM), specific bank’s app for account holders (iMobile by ICICI Bank), and basic USSD service (dialing *99#).

Prof. Rahul De, Chairperson, CSITM, and faculty in the Decision Sciences and Information Systems area at IIM Bangalore said the study found serious privacy concerns with all the services studied. For instance, while in many apps like Freecharge, the wallets are not directly linked to third party vendors (such as Uber or BigBasket), apps such as PayTM allow for automatic linkage with the vendors, and the vendors can automatically deduct amounts without the explicit consent of the user.

As per the study, a recurring security concern was that many of the apps such as Paytm, Freecharge do not automatically log the users out, and anyone having access to the phone can make financial transactions through these apps.

This risk is highest if the user loses or misplaces her/his mobile phone, and higher still if the phone is unlocked or unprotected. However, apps such as iMobile, BHIM have auto-logout/ session time-out features.

“We also observed inadequate management of the transactions and no evidence of systematic analysis of transaction patterns. The lack of these features is a potential security violation. However, even while we were conducting the study, we observed that the features of the apps and services were constantly evolving and changing,” said Prof De.
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article