1. Home
  2. WhatsApp Pay may put Indian digital banking at risk: Experts

WhatsApp Pay may put Indian digital banking at risk: Experts

Agencies
November 8, 2019

After WhatsApp accounts of 121 Indians were compromised by the Israeli spyware Pegasus, experts have warned that the payment feature the Facebook-owned platform is planning to launch in India may put the digital banking system at risk.

"WhatsApp payment needs to be seen with microscopic eye, primarily because in payment you will be dealing with sensitive personal data and cyber security is going to be an essential building block component for WhatsApp to demonstrate its due diligence," Pavan Duggal, one of the nation's top cyber law experts, told IANS.

The Ministry of Electronics and Information Technology (Meity) has already expressed dissatisfaction over the manner WhatsApp communicated about the compromised accounts.

The piece of NSO Group software called Pegasus allegedly exploited WhatsApp's video calling system by installing the spyware via missed calls to snoop on 1,400 users globally. The devices were compromised with just a WhatsApp video call.

In May, WhatsApp, which has 400 million users in India, urged its 1.5 billion global users to upgrade the app after discovering the vulnerability.

"WhatsApp's recent operations have shown that it's difficult for the government to get information from it. WhatsApp is an intermediary under the Information Technology Act and is mandated to exercise due diligence under the law. But it has failed to do due diligence," Duggal said.

"You should not be in a hurry to grant new licences or permission to WhatsApp without being satisfied with its adherence to cyber-security norms, international best practices and Indian laws," he said.

The Facebook-owned company is learnt to have countered the government charge that it didn't inform it about a privacy breach on the messaging platform. WhatsApp didn't even comply with the data breach notification law in India, Duggal said.

"It (WhatsApp) didn't follow reasonable security practices as mandated in Section 43A of the IT Act, 2000. In fact, it abetted the crime of un-authorised access too. Granting WhatsApp pay licence should be given a second thought by the Reserve Bank of India," said Prashant Mali, cyber lawyer at Bombay High Court.

In light of the recent hack, the government, the RBI and the National Payments Corporation of India (NPCI) is reportedly evaluating the risk of allowing social media apps into the digital payment ecosystem.

"With the government, the RBI and the NPCI planning to evaluate the risks involved in making payments via social media apps and services, the security of the UPI payment infrastructure on WhatsApp Pay has been rendered under a cloud of vulnerability," said Salman Waris, Managing Partner at TechLegis Advocates & Solicitors, a law firm.

The RBI revealed in an affidavit in the Supreme Court earlier that WhatsApp had not complied with the data localisation norms. In an April 2018 circular, the RBI stated that the data of any payment banking system have to physically located in India.

"The history of WhatsApp has shown that it's not cooperative with the government in sharing of information. If financial information is compromised, it will not only have an impact on users, but it can also have an impact on the sovereignty and security of India," Duggal said.

The government must go slow till the time WhatsApp demonstrates compliance to Indian law and showed that the platform was secure, he said.

"Because almost every phone user in India is on WhatsApp, it's all the more important for the government and the RBI to ensure that WhatsApp not only complies with the parametres of cyber security and data localisation norms, but also the IT Act and the rules and regulations thereunder.

"If WhatsApp doesn't comply with the data localisation norms, rules and regulations of the IT Act, then there is no question of granting new permission," Duggal said.

In a statement, a WhatsApp spokesperson said that safety and security of users remains the platform's highest priority.

"In May, our security team caught and stopped a cyber attack designed to send malware to mobile devices. Unable to break end-to-end encryption, this kind of malware abuses vulnerabilities within the underlying operating systems that power our mobile phones," the WhatsApp spokesperson said.

"Technology companies are constantly working to stay ahead of these kind of challenges through updates and patches. The safety and security of our users remains our highest priority, which is why in May we blocked the attack and have taken action in the courts to hold NSO accountable," the statement added.

Facebook filed a lawsuit against Israel's NSO Group last month. According to Facebook, the NSO Group violated laws, including the US Computer Fraud and Abuse Act.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
March 12,2020

Thiruvananthapuram, Mar 12: In the wake of COVID-19 outbreak, Internet service providers in Kerala have agreed to step up the network capacity by 30 to 40 per cent of the present capacity to meet the demand, especially in view of the spurt in work-at-home mode.

"The decision was made at a meeting of representatives of various telecom service providers in Kerala circle and officials of the Telecommunication Department convened by the Secretary, Electronics and IT, following a direction by Chief Minister Pinarayi Vijayan to look into the issue," said a press release by the IT Department.

The decision will be beneficial for those working in IT institutions. The government has come out with a set of suggestions to avoid social gatherings at public places in view of coronavirus spread. Telecom service providers have assured the government that they are well equipped to face the current situation.

The major part of Internet consumption in Kerala is made available through local servers. Moreover, global Internet traffic is very low as compared to the overall consumption. So, increasing the capacity won't be difficult, service providers informed.

"Complaints regarding the low availability of the Internet due to the spurt in consumption of the Internet can be made to the service providers to their complaint redressal number or inform state government call centre (155300). But complaints regarding the insufficiency in the current network infrastructure should be strictly avoided," said the release.

The IT Department will also demand daily reports from various telecom service providers. By analysing these reports, steps for remedies will be taken after bringing the sudden increase in consumption to the service providers.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
June 27,2020

New Delhi, Jun 27: Prime Minister Narendra Modi on Saturday said that India fared much better compared to some other countries in the fight against the COVID-19 pandemic. The PM made this observation while delivering the inaugural address to mark the 90th birth anniversary celebrations of Reverend Dr Joseph Mar Thoma Metropolitan.

"Earlier this year, some people had predicted that the impact of the virus in India would be very severe. Due to lockdown, many initiatives have been taken by the Government and in this people-driven fight, India is much better placed than many other nations. India's recovery rate is rising," Modi said in his virtual address.

He further warned that the time was not apt to "let our guard down".

The prime minister greeted the Mar Thoma Metropolitan and wished him a "long life and best health."

"Dr Joseph Mar Thoma has devoted his life for the betterment of our society and nation. He has been particularly passionate about the removal of poverty and women empowerment," the prime minister said.

Praising the Mar Thoma Church for its contributions to the country the Prime Minister added that it has worked to bring a positive difference in the lives of people in the country in areas of healthcare and education.

"The Mar Thoma Church is closely linked with the noble ideals of Saint Thomas, the Apostle of Lord Christ. India has always been open to spiritual influences from many sources. It is with this spirit of humility that the Mar Thoma Church has worked to bring a positive difference in the lives of our fellow Indians," Modi said.

Followers of the Mar Thoma Church from India and abroad participated in the programme through video conference.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
January 11,2020

New Delhi, Jan 11: Assets worth Rs 78 crore have been attached by the ED in connection with a money laundering probe against former ICICI Bank Chairman Chanda Kochhar and others, officials said on Friday.

A provisional order under the Prevention of Money Laundering Act (PMLA) has been issued for attachment of the properties that includes Kochhar's Mumbai-based house and some other assets belonging to a company linked to her, they said.

The book value of the attached assets is Rs 78 crore, they said.

The Enforcement Directorate (ED) is probing Kochhar, her husband Deepak Kochhar and others in a case of alleged irregularities and money laundering in giving loans by the bank to the Videocon group.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.