A recent report has surfaced online revealing that JioMoney app carries a bug that exposes user data, including Aadhaar number, date of birth and JioMoney mPIN. JioMoney is Jio’s e-wallet app, which works in a similar way as Paytm.
The bug was discovered by an app user CS Akshay, who irritated by the lack of service decided to take matters into his own hands by analyzing JioMoney’s code. At this point, he discovered the massive vulnerability and the number of loopholes that are responsible for revealing customer data. Following that, Akshay even set up a micro site for the topic and tweeted about the problem, but decided to take them down after getting a call from Jio.
In response to the issue however, Jio told BGR India, “We have come across an unverified and unsubstantiated claim of personal data of JioMoney users being exposed. We confirm that there is no such issue in JioMoney. Prima facie, the claims appear to be mischievous attempts to malign our services. We assure our users that their data is safe and maintained with highest security.”
This is also not the first time a Jio service has been accused of exposing customer data. In 2017, a Rajasthani coder, Imran Chhimpa, had figured out a way to get Jio user details by simply having access to their phone numbers, with a login to a Jio app used by retailers. However, Chhimpa was arrested soon after setting up a website that allowed people to retrieve data by simply typing a Jio number.
Watch: Asus Zenfone 5Z First Look
While Jio is still sticking to its claim, the company currently is in a tough spot with its customers. Users might also be more concerned by the fact that the company has a partnership with Uber, Sodexo, Snapdeal and Dominos Pizza. And while the app is subject to RBI’s regulations, it is currently unclear if RBI is aware of this incident.