The National Payments Corporation of India (NPCI), an Indian retail payments organization, wrote a letter to the Internet Freedom Foundation in which it stated that it has discontinued to onboard new Truecaller users on its UPI platforms after the breach of data.
On Tuesday, 30th of July 2019, a bug in the caller-ID app of Truecaller, which claims to have around 100 million users in India, risked the financial data of its users. The app that is known for helping the people to avoid spam callers automatically started doing the registration of new users to the Unified Payment Interface (UPI) account without their consent.
According to the media, the action of the app scared some users to such an extent that they were prompted to immediately reach out to ICICI Bank and get their debit cards and net banking accounts blocked.
In response to this, Truecaller accepted its mistake on Tuesday and blamed the latest update of the app for this mishappening.
In a statement released to the media, it added, “We have discovered a bug in the latest update of Truecaller that affected the payments feature, which automatically triggered a registration post updating to the version. This was a bug and we have discontinued this version of the app so no other users will be affected.”
Dilip Asbe, the Managing Director and CEO of NPCI wrote, “We wish to reiterate that no sooner the bug was noticed on 30 July 2019, NPCI has stopped Truecaller new user onboarding services on UPI platform.”
In a statement about the issue, Dilip Asbe assured that the accounts of customers who were accidentally enrolled by Truecaller won’t be affected in any way.
In India, Truecaller renders its payment services through its payments partner which is ICICI Bank. The bank helps in facilitating UPI service for the platform.