1. Home
  2. WhatsApp Pay may put Indian digital banking at risk: Experts

WhatsApp Pay may put Indian digital banking at risk: Experts

Agencies
November 8, 2019

After WhatsApp accounts of 121 Indians were compromised by the Israeli spyware Pegasus, experts have warned that the payment feature the Facebook-owned platform is planning to launch in India may put the digital banking system at risk.

"WhatsApp payment needs to be seen with microscopic eye, primarily because in payment you will be dealing with sensitive personal data and cyber security is going to be an essential building block component for WhatsApp to demonstrate its due diligence," Pavan Duggal, one of the nation's top cyber law experts, told IANS.

The Ministry of Electronics and Information Technology (Meity) has already expressed dissatisfaction over the manner WhatsApp communicated about the compromised accounts.

The piece of NSO Group software called Pegasus allegedly exploited WhatsApp's video calling system by installing the spyware via missed calls to snoop on 1,400 users globally. The devices were compromised with just a WhatsApp video call.

In May, WhatsApp, which has 400 million users in India, urged its 1.5 billion global users to upgrade the app after discovering the vulnerability.

"WhatsApp's recent operations have shown that it's difficult for the government to get information from it. WhatsApp is an intermediary under the Information Technology Act and is mandated to exercise due diligence under the law. But it has failed to do due diligence," Duggal said.

"You should not be in a hurry to grant new licences or permission to WhatsApp without being satisfied with its adherence to cyber-security norms, international best practices and Indian laws," he said.

The Facebook-owned company is learnt to have countered the government charge that it didn't inform it about a privacy breach on the messaging platform. WhatsApp didn't even comply with the data breach notification law in India, Duggal said.

"It (WhatsApp) didn't follow reasonable security practices as mandated in Section 43A of the IT Act, 2000. In fact, it abetted the crime of un-authorised access too. Granting WhatsApp pay licence should be given a second thought by the Reserve Bank of India," said Prashant Mali, cyber lawyer at Bombay High Court.

In light of the recent hack, the government, the RBI and the National Payments Corporation of India (NPCI) is reportedly evaluating the risk of allowing social media apps into the digital payment ecosystem.

"With the government, the RBI and the NPCI planning to evaluate the risks involved in making payments via social media apps and services, the security of the UPI payment infrastructure on WhatsApp Pay has been rendered under a cloud of vulnerability," said Salman Waris, Managing Partner at TechLegis Advocates & Solicitors, a law firm.

The RBI revealed in an affidavit in the Supreme Court earlier that WhatsApp had not complied with the data localisation norms. In an April 2018 circular, the RBI stated that the data of any payment banking system have to physically located in India.

"The history of WhatsApp has shown that it's not cooperative with the government in sharing of information. If financial information is compromised, it will not only have an impact on users, but it can also have an impact on the sovereignty and security of India," Duggal said.

The government must go slow till the time WhatsApp demonstrates compliance to Indian law and showed that the platform was secure, he said.

"Because almost every phone user in India is on WhatsApp, it's all the more important for the government and the RBI to ensure that WhatsApp not only complies with the parametres of cyber security and data localisation norms, but also the IT Act and the rules and regulations thereunder.

"If WhatsApp doesn't comply with the data localisation norms, rules and regulations of the IT Act, then there is no question of granting new permission," Duggal said.

In a statement, a WhatsApp spokesperson said that safety and security of users remains the platform's highest priority.

"In May, our security team caught and stopped a cyber attack designed to send malware to mobile devices. Unable to break end-to-end encryption, this kind of malware abuses vulnerabilities within the underlying operating systems that power our mobile phones," the WhatsApp spokesperson said.

"Technology companies are constantly working to stay ahead of these kind of challenges through updates and patches. The safety and security of our users remains our highest priority, which is why in May we blocked the attack and have taken action in the courts to hold NSO accountable," the statement added.

Facebook filed a lawsuit against Israel's NSO Group last month. According to Facebook, the NSO Group violated laws, including the US Computer Fraud and Abuse Act.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
June 9,2020

New Delhi, Jun 9: Petrol price on Tuesday was hiked by 54 paise per litre and diesel by 58 paise a litre - the third straight daily increase in rates after oil PSUs ended an 82-day hiatus in rate revision.

Petrol price in Delhi was hiked to Rs 73.00 per litre from 72.46, while diesel rates were increased to Rs 71.17 a litre from Rs 70.59, according to a price notification of state oil marketing companies.

This is the third daily increase in rates in a row. Oil companies had on Sunday restarted revising prices in line with costs, after ending an 82-day hiatus.

Prices were raised by 60 paise per litre each on both petrol and diesel on Sunday as well as on Monday. In all, petrol price has gone up by Rs 1.74 per litre and diesel by Rs 1.78 a litre in three days.

Oil PSUs - Indian Oil Corp (IOC), Bharat Petroleum Corp Ltd (BPCL) and Hindustan Petroleum Corp Ltd (HPCL) - had put daily price revisions on hold soon after the government on March 14, hiked excise duty on petrol and diesel by Rs 3 per litre each.

Oil companies did not pass on that excise duty hike, as well as the May 6 increase in tax on petrol by Rs 10 per litre and Rs 13 a litre hike on diesel by setting them off against the decline in retail prices that should have effected to reflect international oil rates falling to two-decade low.

International rates have since rebounded and oil companies having exhausted all the margin are now passing on the increase to customers, an industry official said.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
February 19,2020

Washington, Feb 19: Sri Srinivasan, a prominent Indian-American judge, has created history by becoming the first person of South Asian descent to lead a powerful federal circuit court considered next only to the US Supreme Court.

Srinivasan, 52, became the Chief Judge of the United States Court of Appeals for the DC Circuit.

An Obama appointee who has already been considered for a Supreme Court seat twice, donned the mantle of the chief judge of the DC federal court circuit on February 12.

Srinivasan succeeded Judge Merrick Garland, who has been a member of the DC Circuit since 1997 and Chief Judge since 2013. He will remain on the bench, a press release said.

Notably, Garland's nomination to the Supreme Court by the then president Barack Obama was blocked by Senate Republicans in 2016.

Srinivasan, was appointed to the US Court of Appeals for the District of Columbia Circuit in May 2013.

He was the first ever Indian-American to be appointed to the second most powerful court of the US.

Neomi Rao, nominated by President Donald Trump, is the second Indian American on this powerful judiciary bench.

History being made on the DC Court of Appeals. Congratulations, Judge Srinivasan! Senator Mark Warner said.

Congratulations to Judge Sri Srinivasan on becoming the Chief Judge of the U.S. Court of Appeals for the D.C. Circuit! A milestone for the Indian-American/Kansan community (and yet another piece of evidence my family can use that I'm underachieving), US Federal Communications Commission Chair Ajit Pai said.

According to The Washington Post, Srinivasan spoke recently about his path to the bench at an event celebrating women in the law, a field where men still dominate leadership positions.

"Everybody doubts their belonging and worthiness in some measure. I definitely did and still do. This is just going to be a part of the thing when you're looking out in the world in which everyone isn't like you. It's natural to doubt whether you belong and whether you're worthy, he said, "but you do belong and you are worthy.

Born in Chandigarh, and raised in Lawrence, Kansas, he received a B.A. from Stanford University, a J.D. from Stanford Law School, and an M.B.A. from the Stanford Graduate School of Business.

Following graduation, he served as a law clerk to Judge J. Harvie Wilkinson III of the US Court of Appeals for the Fourth Circuit, as a Bristow Fellow in the Office of the US Solicitor General, and as a law clerk to US Supreme Court Justice Sandra Day O'Connor.

From 2011 until his appointment to the US Court of Appeals, Judge Srinivasan served as the Principal Deputy Solicitor General of the United States.

He has argued 25 cases before the US Supreme Court. He has also taught appellate advocacy at Harvard Law School as well as a seminar on civil rights statutes and the Supreme Court at Georgetown University Law Center.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
March 8,2020

Washington, Mar 8: An attendee at last week's Conservative Political Action Conference (CPAC), which also saw the participation of US President Donald Trump, has tested positive for COVID-19, the American Conservative Union (ACU) said.

The exposure occurred prior to the conference held in National Harbor, Maryland, just south of Washington D.C., Xinhua news agency quoted the ACU as saying in a statement on Saturday.

A New Jersey hospital tested the person, and the Centers for Disease Control and Prevention (CDC) confirmed the positive result, said the statement.

"The individual is under the care of medical professionals in the state of New Jersey, and has been quarantined," it said.

Trump and Vice President Mike Pence spoke at the gathering, which took place from February 26-29.

Also present at the event were a number of administration and cabinet officials, including Secretary of State Mike Pompeo, Health and Human Services Secretary Alex Azar, and newly-appointed White House Chief of Staff Mark Meadows.

White House Press Secretary Stephanie Grisham said in a statement Saturday that the White House was aware of the development.

"At this time there is no indication that either President Trump or Vice President Pence met with or were in close proximity to the attendee," Grisham said in a statement.

"The President's physician and US Secret Service have been working closely with White House Staff and various agencies to ensure every precaution is taken to keep the First Family and the entire White House Complex safe and healthy."

The news emerged as Washington D.C. and neighbouring state of Virginia respectively confirmed their first cases of COVID-19 on Saturday.

In a press conference on Saturday night, Washington D.C. Mayor Muriel Bowser said a resident in his 50s showed symptoms of a respiratory virus in February. He was admitted to a hospital in the District on March 5.

The patient had no history of recent international travel, nor had he been exposed to anyone who was confirmed to be infected, according to Bowser.

The Mayor said D.C. health authorities were investigating the man's contact with other people before he went to the hospital.

A US Marine assigned to Fort Belvoir in Fairfax County, Virginia, tested positive on Saturday for COVID-19 and is currently being treated at Fort Belvoir Community Hospital, according to a Pentagon spokesman.

"The Marine recently returned from overseas where he was on official business," tweeted Jonathan Rath Hoffman, adding that Secretary of Defence Mark Esper and the White House have been briefed.

As of Saturday night, more than 420 cases of COVID-19 were reported in the US with 17 deaths, according to the Center for Systems Science and Engineering at Johns Hopkins University.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.