Picture shown is for illustrative purposes only.
A government audit of India's flagship payments processor last year found more than 40 security vulnerabilities including several it called "critical" and "high" risk, according to an internal government document seen by Reuters.
The audit, which took place over four months to February 2019, highlighted a lack of encryption of personal data at the National Payments Corporation of India (NPCI) which forms the backbone of the country's digital payments system and operates the RuPay card network championed by Prime Minister Narendra Modi.
The March 2019 government document cited the storing of 16-digit card numbers and other personal information such as customer names, account numbers and national identity numbers in "plain text" in some databases, leaving the data unprotected if the system was breached. The audit has not previously been reported.
The NPCI said in a statement to Reuters it is regularly audited in the interests of security and senior management reviews all findings, which are then "remediated to (the) satisfaction of the auditors". This includes the findings cited by Reuters, it said.
India's National Cyber Security Coordinator, Rajesh Pant, whose office coordinated the audit, also said in a statement to Reuters that "all observations raised in last year's report have been confirmed as resolved by the NPCI".
Pant added audits are best practice for the mitigation of cyberattacks and are conducted on a periodic basis by all enterprises.
The audit was undertaken to provide Modi's National Security Council with an overview of the NPCI's defences against cyberattacks. Modi's office and the finance ministry did not respond to a Reuters request for comment.
The audit's findings underscore the data-security challenges faced by the NPCI which processes billions of dollars daily via services that include inter-bank fund transfers, ATM transactions and digital payments.
In India and beyond, financial institutions are under immense pressure to mount effective defences to protect their customers as the number of malicious cyberattacks grow and hackers become more sophisticated.
Set up in 2008, the NPCI is a not-for-profit company which as of March 2019 counted 56 banks as its shareholders, including the State Bank of India, Citibank and HSBC .
RuPay, in particular, has been enthusiastically endorsed by Modi who has likened its use to a national duty. It has grown to account for almost two-thirds of nearly 900 million debit and credit cards issued in India as of October, according to NPCI and central bank data.Reuters
"PM Narendra Modi", a biopic on Prime Minister Narendra Modi, raked in nearly Rs3 crore (Rs30 million) on the first day of its release.
India has raised its import duty on wheat to 40 per cent from 30 per cent, the government said late on Friday, as the world’s No.2 producer of the grain tries to support local farmers
Indian shares hit a record high on Monday after exit polls from the country’s marathon election indicated a new term for Hindu nationalist Prime Minister Narendra Modi. While opposition parties refused to concede and the country faces a nerve-jangling three day wait until the official count begins,
Congress President Rahul Gandhi said on Monday that nearly 25 crore poor people in the country will get financial assistance of Rs 72,000 per annum if the party is voted to power under the ambitious minimum income guarantee scheme which the party has named "Nyay."
A North Carolina mall crowded with shoppers on the day after Thanksgiving suddenly reverberated with sounds of bullets and the shoppers ran for their lives.
The Dubai Public Prosecution referred 18 defendants of different nationalities to the Dubai Misdemeanors Court on charges of laundering $8.4 million (Dhs31 million) between 2014 and 2020 by exploiting three companies.
NCM expected the formation of clouds in the east and far north, with a possibility of rainfall on Sunday. The lowest temperature (11.2 °C) was recorded on Saturday at 6:45am in Rokna in the city of Al Ain.