1. Home
  2. WhatsApp Pay may put Indian digital banking at risk: Experts

WhatsApp Pay may put Indian digital banking at risk: Experts

Agencies
November 8, 2019

After WhatsApp accounts of 121 Indians were compromised by the Israeli spyware Pegasus, experts have warned that the payment feature the Facebook-owned platform is planning to launch in India may put the digital banking system at risk.

"WhatsApp payment needs to be seen with microscopic eye, primarily because in payment you will be dealing with sensitive personal data and cyber security is going to be an essential building block component for WhatsApp to demonstrate its due diligence," Pavan Duggal, one of the nation's top cyber law experts, told IANS.

The Ministry of Electronics and Information Technology (Meity) has already expressed dissatisfaction over the manner WhatsApp communicated about the compromised accounts.

The piece of NSO Group software called Pegasus allegedly exploited WhatsApp's video calling system by installing the spyware via missed calls to snoop on 1,400 users globally. The devices were compromised with just a WhatsApp video call.

In May, WhatsApp, which has 400 million users in India, urged its 1.5 billion global users to upgrade the app after discovering the vulnerability.

"WhatsApp's recent operations have shown that it's difficult for the government to get information from it. WhatsApp is an intermediary under the Information Technology Act and is mandated to exercise due diligence under the law. But it has failed to do due diligence," Duggal said.

"You should not be in a hurry to grant new licences or permission to WhatsApp without being satisfied with its adherence to cyber-security norms, international best practices and Indian laws," he said.

The Facebook-owned company is learnt to have countered the government charge that it didn't inform it about a privacy breach on the messaging platform. WhatsApp didn't even comply with the data breach notification law in India, Duggal said.

"It (WhatsApp) didn't follow reasonable security practices as mandated in Section 43A of the IT Act, 2000. In fact, it abetted the crime of un-authorised access too. Granting WhatsApp pay licence should be given a second thought by the Reserve Bank of India," said Prashant Mali, cyber lawyer at Bombay High Court.

In light of the recent hack, the government, the RBI and the National Payments Corporation of India (NPCI) is reportedly evaluating the risk of allowing social media apps into the digital payment ecosystem.

"With the government, the RBI and the NPCI planning to evaluate the risks involved in making payments via social media apps and services, the security of the UPI payment infrastructure on WhatsApp Pay has been rendered under a cloud of vulnerability," said Salman Waris, Managing Partner at TechLegis Advocates & Solicitors, a law firm.

The RBI revealed in an affidavit in the Supreme Court earlier that WhatsApp had not complied with the data localisation norms. In an April 2018 circular, the RBI stated that the data of any payment banking system have to physically located in India.

"The history of WhatsApp has shown that it's not cooperative with the government in sharing of information. If financial information is compromised, it will not only have an impact on users, but it can also have an impact on the sovereignty and security of India," Duggal said.

The government must go slow till the time WhatsApp demonstrates compliance to Indian law and showed that the platform was secure, he said.

"Because almost every phone user in India is on WhatsApp, it's all the more important for the government and the RBI to ensure that WhatsApp not only complies with the parametres of cyber security and data localisation norms, but also the IT Act and the rules and regulations thereunder.

"If WhatsApp doesn't comply with the data localisation norms, rules and regulations of the IT Act, then there is no question of granting new permission," Duggal said.

In a statement, a WhatsApp spokesperson said that safety and security of users remains the platform's highest priority.

"In May, our security team caught and stopped a cyber attack designed to send malware to mobile devices. Unable to break end-to-end encryption, this kind of malware abuses vulnerabilities within the underlying operating systems that power our mobile phones," the WhatsApp spokesperson said.

"Technology companies are constantly working to stay ahead of these kind of challenges through updates and patches. The safety and security of our users remains our highest priority, which is why in May we blocked the attack and have taken action in the courts to hold NSO accountable," the statement added.

Facebook filed a lawsuit against Israel's NSO Group last month. According to Facebook, the NSO Group violated laws, including the US Computer Fraud and Abuse Act.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
March 8,2020

New Delhi, Mar 8: In order to spread awareness, a special COVID-19 mobile phone caller tune was launched by all telecom operators with basic infection prevention messages played when a caller dials-out, Ministry of Health and Family Welfare said on Saturday.

"In order to spread awareness about COVID-19, a special COVID-19 mobile phone caller tune was launched by all telecom operators. Over 117.2 crore subscribers of BSNL, MTNL Reliance Jio, Airtel and Vodafone-Idea are being progressively reached out to through SMSs and Call Backs," Ministry of Health and Family Welfare said in a press statement.

"As many as 52 laboratories are now operational across the country for testing the COVID-19 virus. An additional 57 laboratories have been provided with Viral Transport Media and swabs for sample collection," the statement added.

India has 39 confirmed cases of deadly coronavirus so far. The disease has caused deaths of 3200 people globally. 

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
January 9,2020

Srinagar, Jan 9: Envoys from 15 countries including the United States were shown around Srinagar on Thursday, the first visit by New Delhi-based diplomats since the government stripped Kashmir of its semi-autonomous status and began a harsh crackdown five months ago.

The diplomats were driven by Indian authorities in a motorcade amid tight security from the airport to the military headquarters in Srinagar, where they were briefed on the security situation, an army officer said. He spoke on condition of anonymity as he was not authorized to speak to reporters.

They also held discussions with civil society members and some Kashmiri politicians, said Raveesh Kumar, spokesman for the Ministry of External Affairs (MEA).

The objective of the visit, organized by the Union government, was for the envoys to see first-hand “how things have progressed and how normalcy has been restored to a large extent'' in Kashmir since August, Kumar told reporters in New Delhi.

In October, a group of European Parliament members had visited the region, which is claimed by both India and Pakistan.

The delegation that visited Kashmir on Thursday included US ambassador to India Kenneth Juster and diplomats from Bangladesh, Vietnam, Norway, the Maldives, South Korea, Morocco, Niger, Nigeria, Argentina, the Philippines, Fiji, Uzbekistan, Peru and Togo.

Offices, shops and businesses were open in Srinagar on the cold winter day, but the diplomats did not stop to talk to people as they moved to different venues of their meetings.

They were to fly to Jammu, the winter capital of Kashmir, later Thursday and return to New Delhi on Friday.

Congress leader Jairam Ramesh pointed out the oddity of taking foreign diplomats to the troubled state but not allowing allowing Indian political leaders to freely visit it.

The National Conference said it was "disappointed" with the way the government brought envoys from various countries to "endorse" its "claims of normalcy" in the union territory. The party alleged that it was no more than a "guided tour" with access limited to "handpicked individuals who toe the government line".

“The NC wishes to ask these envoys that if the situation in Jammu & Kashmir is "normal", then why are scores of people, including three former chief ministers, under detention for almost 160 days and why have the people been denied access to the internet for over 5 months?" a statement issued by the party said.

Kumar dismissed as unfounded criticism of the visit, and said more such visits to Kashmir by New Delhi-based diplomats are likely in the near future.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
January 1,2020

New Delhi, Jan 1: In the backdrop of huge losses borne by airlines, Aviation Minister Hardeep Singh Puri has said the government is concerned that more airlines will shut down if predatory pricing continues. "Some predatory pricing is taking place" in airfares, the minister told reporters on Tuesday. Mr Puri however ruled out any plan by the government to regulate airfares. The remarks come amid high competition in the country's aviation sector, struggling against high fuel prices and other operating costs.

"The interesting thing that we have observed is that on Delhi-Mumbai route 20 years ago, the average fare was Rs 5,100. Today, the average fare is Rs 4,600. Some predatory pricing is taking place. It means people are selling tickets below their cost," he said.

"One of our concerns is that if there is predatory pricing, then the airlines will stop functioning. This is not Air India's problem only. Jet Airways got shut down. Before that, it was Kingfisher airline," he said.

IndiGo and SpiceJet - two of the country's biggest airlines - reported losses of Rs 1,062 crore and Rs 463 crore respectively in the second quarter of 2019-20. Other airlines have also reported losses in the quarter that ended on September 30, 2019.

Asked if predatory pricing is the reason for the ill health of the airlines, the minister said, "No, there are many reasons... Predatory pricing is one of the factors. But the profitability of an airline is dependent on (a) number of things."

Asked if the trend of predatory pricing has come down after regular discussion with the airlines, he said, "Yes, absolutely."

"It is (a) constant battle. An ideal situation from an airline's point of view is that they grow and they are also able to charge more fares. What fares they charge is their business. Our advice to them is to charge realistic fares," he added. "It should not be too high. And it is not in your business interests if you are imposing predatory fares."

The minister also said that the government is not planning to regulate fares. "No regulation. It has to be done within deregulation system.... If I put a cap on fare, the airline will start charging that cap only... that cap will become the normal fare... So, within a deregulated structure, we have to bring about an equilibrium," the minister said.

"Government, periodically, at my level or at secretary''s level, we sit down with the main aircraft operators and tell them it is in your interest not to allow such practices which undermine the civil aviation sector."

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.