1. Home
  2. WhatsApp Pay may put Indian digital banking at risk: Experts

WhatsApp Pay may put Indian digital banking at risk: Experts

Agencies
November 8, 2019

After WhatsApp accounts of 121 Indians were compromised by the Israeli spyware Pegasus, experts have warned that the payment feature the Facebook-owned platform is planning to launch in India may put the digital banking system at risk.

"WhatsApp payment needs to be seen with microscopic eye, primarily because in payment you will be dealing with sensitive personal data and cyber security is going to be an essential building block component for WhatsApp to demonstrate its due diligence," Pavan Duggal, one of the nation's top cyber law experts, told IANS.

The Ministry of Electronics and Information Technology (Meity) has already expressed dissatisfaction over the manner WhatsApp communicated about the compromised accounts.

The piece of NSO Group software called Pegasus allegedly exploited WhatsApp's video calling system by installing the spyware via missed calls to snoop on 1,400 users globally. The devices were compromised with just a WhatsApp video call.

In May, WhatsApp, which has 400 million users in India, urged its 1.5 billion global users to upgrade the app after discovering the vulnerability.

"WhatsApp's recent operations have shown that it's difficult for the government to get information from it. WhatsApp is an intermediary under the Information Technology Act and is mandated to exercise due diligence under the law. But it has failed to do due diligence," Duggal said.

"You should not be in a hurry to grant new licences or permission to WhatsApp without being satisfied with its adherence to cyber-security norms, international best practices and Indian laws," he said.

The Facebook-owned company is learnt to have countered the government charge that it didn't inform it about a privacy breach on the messaging platform. WhatsApp didn't even comply with the data breach notification law in India, Duggal said.

"It (WhatsApp) didn't follow reasonable security practices as mandated in Section 43A of the IT Act, 2000. In fact, it abetted the crime of un-authorised access too. Granting WhatsApp pay licence should be given a second thought by the Reserve Bank of India," said Prashant Mali, cyber lawyer at Bombay High Court.

In light of the recent hack, the government, the RBI and the National Payments Corporation of India (NPCI) is reportedly evaluating the risk of allowing social media apps into the digital payment ecosystem.

"With the government, the RBI and the NPCI planning to evaluate the risks involved in making payments via social media apps and services, the security of the UPI payment infrastructure on WhatsApp Pay has been rendered under a cloud of vulnerability," said Salman Waris, Managing Partner at TechLegis Advocates & Solicitors, a law firm.

The RBI revealed in an affidavit in the Supreme Court earlier that WhatsApp had not complied with the data localisation norms. In an April 2018 circular, the RBI stated that the data of any payment banking system have to physically located in India.

"The history of WhatsApp has shown that it's not cooperative with the government in sharing of information. If financial information is compromised, it will not only have an impact on users, but it can also have an impact on the sovereignty and security of India," Duggal said.

The government must go slow till the time WhatsApp demonstrates compliance to Indian law and showed that the platform was secure, he said.

"Because almost every phone user in India is on WhatsApp, it's all the more important for the government and the RBI to ensure that WhatsApp not only complies with the parametres of cyber security and data localisation norms, but also the IT Act and the rules and regulations thereunder.

"If WhatsApp doesn't comply with the data localisation norms, rules and regulations of the IT Act, then there is no question of granting new permission," Duggal said.

In a statement, a WhatsApp spokesperson said that safety and security of users remains the platform's highest priority.

"In May, our security team caught and stopped a cyber attack designed to send malware to mobile devices. Unable to break end-to-end encryption, this kind of malware abuses vulnerabilities within the underlying operating systems that power our mobile phones," the WhatsApp spokesperson said.

"Technology companies are constantly working to stay ahead of these kind of challenges through updates and patches. The safety and security of our users remains our highest priority, which is why in May we blocked the attack and have taken action in the courts to hold NSO accountable," the statement added.

Facebook filed a lawsuit against Israel's NSO Group last month. According to Facebook, the NSO Group violated laws, including the US Computer Fraud and Abuse Act.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 11,2024

udupistatue.jpg

Udupi, Nov 11: The Karkala town police in Udupi have arrested Krishna Naik, the sculptor responsible for installing a 33-foot Parashurama statue at Umikkal Hill in Bailur, Karkala taluk. 

Naik, the owner of Krish Art World and a resident of Bengaluru's Visvesvaraya Layout, was apprehended in Mahe, part of the Union Territory of Puducherry, for allegedly substituting a look-alike statue in place of a genuine bronze figure at the Parashurama Theme Park in Karkala.

Udupi Superintendent of Police Dr. Arun K confirmed the arrest, stating that Naik faces charges under Sections 420 (cheating) and 409 (criminal breach of trust) of the Indian Penal Code. 

This legal action followed a complaint lodged in June by Krishna Shetty, a resident of Nallur village, Karkala. Shetty claimed that Naik had received a payment of ₹1,25,50,000 from Udupi Nirmithi Kendra for the installation of a bronze Parashurama statue. However, Naik allegedly deceived the government by installing a replica instead.

The statue was unveiled on January 27, 2023, by then Chief Minister Basavaraj Bommai. Current Chief Minister Siddaramaiah has since ordered a CID investigation to probe deeper into the alleged fraud surrounding the statue's installation at the theme park.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 11,2024

hospital.jpg

Mangaluru: In a deeply tragic turn of events, a 28-year-old woman named Ranjitha, who had recently given birth but tragically lost her newborn, ended her life by suicide on Monday. She reportedly leapt from the fourth-floor window of Lady Goschen Hospital’s luggage room.

Ranjitha, whose strength and resilience had carried her through a difficult pregnancy, was scheduled for discharge on Monday. Her journey to Lady Goschen Hospital began on October 24, when she was transferred from Karkala. She was a high-risk patient, battling both hypertension and diabetes. At the time of her admission, she was just 27 weeks pregnant.

Due to the complexities of her health, doctors made the difficult decision to perform an emergency C-section on October 30. She delivered a baby girl, premature and weighing only 960 grams. The newborn was immediately moved to the Neonatal Intensive Care Unit, where doctors did all they could. Despite these efforts, the baby passed away on November 3.

Ranjitha’s sorrow was profound. She stayed under hospital care even after her initial recovery and was preparing to go home on November 9. She had even requested a couple more days at the hospital, seeking time perhaps to cope with her unimaginable grief.

On the day of her discharge, a discharge card ready and her family eagerly waiting to take her home, Ranjitha reportedly made her way to the luggage room in the early hours. There, standing on a cot placed for patients' family members, she climbed to a window and fell from the fourth floor. Despite the attempts of another visitor to intervene, tragedy was inevitable. She was rushed to Government Wenlock Hospital, where doctors confirmed the worst—she was no more.

Dr. Durgaparasad M R, the Medical Superintendent at Lady Goschen Hospital, shared his grief and spoke of the ongoing investigation. A post-mortem is to be conducted, and the local Tahsildar will complete the necessary inquest procedures. Ranjitha’s exact reasons for taking this step are yet to be confirmed, though the weight of her recent losses paints a sorrowful picture.

If you or anyone you know is struggling emotionally, please remember that help is available. Reach out to mental health experts who can provide support and guidance. The toll-free helpline number 9152987821 is available to assist anyone in distress.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 15,2024

iranarmy.jpg

Iran’s Islamic Revolution Guards Corps (IRGC) has killed or captured 69 terrorists linked to the Israeli spy agency Mossad during a major counterterrorism drill in the country's southeast, its spokesman says.  

General Ahmad Shafaei, the spokesman for the “Martyrs of Security” drill, said Friday that a total of 23 terrorists have been killed and another 46 arrested in various clean-up operations ever since the IRGC Ground Force launched it in the Sistan and Baluchestan province on November 1.

Seven terrorists have also turned themselves in during the period.

“The undeniable fact about terrorists is that they rely on arrogant powers, particularly the intelligence service of the wicked and vicious Zionist regime," Shafaei said.

“Unfortunately, weapons and munitions at terrorists’ disposal are among the most sophisticated ones in the world. This accounts for their heavy dependence.” 

The official stated that several members of the disbanded terror teams were non-Iranian nationals, who had been hired by foreign intelligence agencies to carry out acts of sabotage and terror inside Iran.

In a most recent operation, six terrorists were arrested and four others were eliminated, three of whom were non-Iranians, he added. 

On October 26, ten members of Iran's law enforcement forces were killed in a terrorist attack in the Gohar Kuh district of Taftan in the Sistan and Baluchestan province.

The so-called Jaish al-Adl terrorist group claimed responsibility for the assault, which was one of the deadliest in the province in recent months.

The group has carried out numerous terrorist attacks in Iran, primarily in Sistan and Baluchestan.

Its tactics include the abduction of border guards as well as targeting civilians and police stations within the province to incite chaos and disorder.

In January, Iran launched a military operation during which the headquarters of the Pakistan-based terrorist group was targeted in missile strikes, destroying its infrastructure.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.