Major Security flaws in BHIM APP
Security flaws in BHIM app: This app, which was launched by PM Narendra Modi on December 30, is linked to NPCI's Unified Payments Interface. In this type of payment system, users can transfer money directly from their bank accounts through a smartphone without having to key in their debit or credit card numbers.
However, BHIM has its own security and other flaws, and it was not tested well before launch. Some of the security flaws which we faced while installing and using this app are:
1. The first challenge was to find the app in the Google Play store. If you type BHIM, multiple options come up for it, as shown below:
This leaves the end user confused over which is the real app and which one to download. The Government of India must check with Android development to make it mandatory to display only the BHIM app if the user is searching for the BHIM app.
2. The one highlighted in red is a fake app. I found comments from many users who complained about it and asked Google to block it. The one highlighted in green is the original one. Though not a big issue, it can be handled if a complaint is made to Google Play.
3. After installing the correct version, it doesn't send an OTP to your mobile number. Instead, it asks you to send a message from your mobile number, and then verification happens. Usually the case is the reverse for all other apps, as they prefer sending an OTP.
4. Once your number is verified, it will ask you to register a passcode.
5. Then comes the step where the user needs to select his/her bank. I have concerns about this step of the BHIM app. If the user has already installed any of his/her banking apps, e.g. HDFC, then as soon as the user selects HDFC, this app gives his/her account details automatically. In a normal scenario, we would expect it to redirect to the HDFC site, and then, using proper authentication, these details should be shared with the BHIM app. I think user data is compromised here.
6. I am using a Note 2, and my phone has become extremely slow using this app. It might be that my phone is old, but at the same time I can comfortably use Paytm and other apps on my phone. So I guess it should have been made lighter compared to other payment apps.
7. There has been a lot of appreciation for this app on Google; at the same time, there are many people who are complaining about it. Connect to your Google Play to see reviews of this product.
Verdict: I immediately uninstalled this app from my mobile, as I felt that my security might be compromised if I used it. I can't share my bank details with any third-party systems. I feel PayTm SBI Buddy is much more secure to use.