In an effort to save our precious time and effort and bag in some really amazing discounts, many of us have now switched to the online shopping sites for our shopping needs. For many of those for whom online shopping is a regular affair, here’s something you need to know.
A recent study done by Fallible.co, a security firm working towards escalating the security of tech startups has made some shocking revelations. According to the study, many of the popular Indian startups whose services we avail online possess a potential credit card detail theft for the customers.
The study done by the security firm found vulnerabilities in the payment gateways of popular sites like Makemytrip, BookmyShow, Yatra, Swiggy, Voonik, Mobikwik, Foodpanda, Freecharge, Uber, Ola, Snapdeal, Redbus and Rupay.
According to Fallible.co, the study results in no way claims that these aforementioned startup’s payment gateways are hacked or insecure, but it just means to stress that they are not up-to-date in their security measures and can be easily hacked. The security firm also further noted that any of the customer who has availed paying for the services on these startups through their credit cards, their details are now probably stolen.
Though the security firm did not present any valid proof for their claims but it does serve as a warning bell for credit card users on these startups website and mobile apps and the startups themselves. Though no proof was presented, Fallible.co did manage to provide an example of one of the traditional payment gateway certified by PCI DSS level 1 as being hacked. The thing to be noted is that the startup that makes use of this particular payment gateway has over 15 million transactions being processed on per month basis.
Another popular payment gateway that can be easily hacked using the ‘commodity grade gaming PC’ in only a week’s time was also named by Fallible.co. According to them, every particular detail about the credit card can easily be stolen.
The security firm also had a piece of advice for people who have already used their credit cards on the aforementioned startups. The firm warned the users to keep a close check on their credit card’s usage and report any vulnerability they see as soon possible. It also noted that the hackers might not make use of the stolen information immediately but might plan to do so gradually over a period of time.
According to the firm, people should switch from credit cards to debit cards as they require a PIN and an OTP and hence are more safer.
In the year 2015, Abhishek Anand, co-founder, Fallible.co had revealed that almost 70 percent of the technology driven startups that they had investigated were easily vulnerable to hacking. These included some of the big names like Zomato, HomeShop18, Peppertap and Ola etc. Anand also divulged that out of the seventeen startups that they contacted in order to share the hacking vulnerabilities details with them, only two willingly offered bug bounty benefits.