A Wake-up Call For Everyone On The Issue Of Vulnerability


When we compare the pre and present COVID-19 pandemic scenario, the adoption of technology has grown to more than four times with millions forced to work from home and digital connectivity will take even more of a hold on everyday habits post the pandemic. For some consumers this may be totally new behavior (such as shopping for groceries online for the first time), while for others this may mean increased online usage or the addition of new technology, tools and software.


Owing to the rapid rise of COVID-19 cases across the country, state governments and large municipalities are coming up with strict surveillance mechanisms to ensure that those quarantined adhere to the norms, and stay at home. Health surveillance in this context seems to be taking multiple forms — a mixture of human intelligence and technology. At the same time, Payments on Unified Payments Interface (UPI) in June hit an all-time high of Rs 1.34 billion in terms of volume with transactions worth nearly Rs 2.62 lakh crore, as per National Payments Corporation of India (NPCI) data and in the month of May, the number of UPI transactions stood at 1.23 billion valued at Rs 2.18 lakh crore.


But the surprising part is no one is talking about the vulnerability associated with hardware/software and Work From Home solutions (Hardware/software) including the CCTV and UPI payments, but everyone is busy in selling and users are in desperate buying whatever is best available. Demand has surged in the hardware and software buyings, thanks to the shift towards home working.


Today the most important thing to ponder is the payment system that allows users to make and receive payments anywhere around the globe by just using a smartphone through Unified Payment Interface app . UPI allows customers to pay directly from linked bank accounts to merchants without using credit card, debit card and bank account details like the account numbers, IFSC code or net banking.


UPI is considered to be a very safe medium for online transactions but the security levels are not that high because if someone figures out the M-Pin, the attacker can easily transfer money from a bank account. According to NPCI, UPI has End-to-End encryption secure verification methods and much more. Also it doesn’t include 3rd party software to be installed in the user’s smartphone. There are many security flaws in UPI.


There are various types of vulnerabilities that have been found in the payment companies including Amazon Pay, Phone Pay, BHIM, PayTM, Mobikwik, Mastercard and Visa etc.


Banks have started creating awareness programs regarding not disclosing your UPI pin, M-PIN, sharing of UPI ID, spamming warning and many more. But still beware of engaging with fraudsters, alert to transfer or receiving untrusted payment requests. Unverified application that request to allow permission to access the payment applications and do not click on any given payment link to make a payment, Sharing OPT and not to download any open source untrusted application (games, social media networking etc.), as such applications are the main cause of malwares and crashing of the smartphone.