Incident Reports

Incident Reports

As part of monitoring the payments ecosystem, we help in reporting privacy, security issues and help entities fix them. While we prefer responsible disclosure, we might disclose critical issues publicly as well. If you find something wrong / concerning, please let us know through contact and we will assist you in reporting.

S.No Entity Type of Report Outcome Comments
1 Aditya Birla Payments Bank Data Leak - Report Fixed Directory browsing enabled on webserver leaking Aadhaar / transaction data
2 UltraCash Malware Detection - Report Fixed Found SMS Malware in multiple versions of app
3 PayUMoney Data Leak - Report Fixed Unauthenticated users can access partial de-tokenized card information of users

RTI Desk - RTI-012

RTI 012 - Regulatory clarity on eSign after Aadhaar Verdict Field Value RTI ID CONCA/R/2018/50020 Date of Filing 16/10/2018 PIO Controller of certifying Authorities (CCA) Subject Regulatory clarity on use of eSign after Aadhaar Verdict Query Further to the Aadhaar judgement by the Supreme Court constitutional bench Please provide information on updates to rules, regulations made by CCA related to eSign Service Providers. Continue reading (200 words)...