Thiruvananthapuram:12 lose Rs 15 lakh to online racket

“We alerted the NCPI about it on Thursday and we hope they might soon plug it,” said Mr. Abraham.

Update: 2018-12-08 01:02 GMT
n The state police on Thursday alerted the National Payments Corporation of India (NPCI), which maintains the app, about the threat.

Thiruvananthapuram: The Kerala Police Cyberdome has detected a security vulnerability in the Unified Payments Interface (UPI) mobile application.

As many as 12 persons in the state have so far reported online looting amounting to Rs 15 lakh owing to this fault. A Jharkhand-based racket was suspected to be behind it. The state police on Thursday alerted the National Payments Corporation of India (NPCI), which maintains the app, about the threat. The state police also sought the help of their Jharkhand counterparts to track the racket.

The instant money transfer app is being used by a large number of users, especially after demonetisation. It is regulated by the Reserve Bank of India.

Thiruvananthapuram-range IG and Cyberdome nodal officer Manoj Abraham said that the probe into a series of online looting complaints had led to  the detection of the fraud. The looting is done by misusing a vulnerability in the one-time-password (OTP) system.

“We alerted the NCPI about it on Thursday and we hope they might soon plug it,” said Mr. Abraham.

Mr. Abraham also cautioned the public against passing on OTP to anyone over phone.  "No online payment applications will ask for OTPs over phone. So if anyone asks for an OTP over phone, it will be a fraud," he said.  

From the details of the transactions, the racket was suspected to be operating from Jharkhand. There seems to be over ten persons in the racket. The help of Jharkhand police was sought in tracking them, he said.

Similar News