wordpress blog stats
Connect with us

Hi, what are you looking for?

Update – Facebook doesn’t use payments data for commercial purposes, says WhatsApp

Update (16th April 2018): According to a report on Livemint, WhatsApp has clarified its data privacy policy in India after it was reported that it shares its users’ payments data with parent company Facebook.

“Facebook does not use WhatsApp payment information for commercial purposes, it simply helps pass the necessary payment information to the bank partner and NPCI. In some cases, we may share limited data to help provide customer support to you or keep payments safe and secure,” WhatsApp said.

Original story (10 April 2018): WhatsApp, whose entry into the UPI payments space has been far from smooth, has said it is sharing critical user data like mobile number, Virtual Payment Address (VPA) and even the user’s UPI PIN with third parties including parent company Facebook.

First reported by Livemint, the policies in WhatsApp’s Payments Privacy Policy says, “We share information with third-party providers and services to help us operate and improve Payments… To send payment instructions to PSPs (payment service providers), maintain your transaction history, provide customer support, and keep our Services safe and secure, including to detect, prevent, or otherwise address fraud, safety, security, abuse, or other misconduct, we share information we collect under this Payments Privacy Policy with third-party service providers including Facebook,”

To provide Payments to you, we share information with third-party services including PSPs, such as your mobile phone number, registration information, device identifiers, VPAs (virtual payments addresses), the sender’s UPI PIN, and payment amount,” it adds.

While any payment information being shared with third parties is concerning, particularly worrying is the fact that WhatsApp has the ability to share critical information like a user’s UPI PIN, phone number and VPA. This is further compounded by WhatsApp choosing to share all this information with its parent company Facebook. Facebook has been reeling under the revelation that around 87 million users’ data was access by British political firm Cambridge Analytica without the said users’ consent.

The Livemint report says that according to the National Payments Corporation of India (NPCI), the banks associated with third-party payment apps like WhatsApp and PhonePe need to get exclusive permission from NPCI before they share customer data. But it is unclear if that allows for sharing of data as sensitive as a user’s UPI pin.

WhatsApp’s controversial payments launch

WhatsApp launched its UPI-powered payments service in India in February to some anger over its lack of interoperability and alleged disruption of an ‘open’ system. (The openness of UPI is up for debate.)

Following the launch, incumbent payment services in India felt WhatsApp was playing by its own rules. Most vocal among them was the PayTM CEO, Vijay Shekhar Sharma. In an interview with CNBC Sharma said, “WhatsApp is killing India’s ‘beautiful, open UPI system’, and that it has gotten preferential access to UPI. He says that “it does not allow transactions to non-WhatsApp UPI handles, UPI handles created via other apps, does not include passwords and logins, and QR code scanning. Everyone else has 3 factors of authentication: login, password and then UPI pin. WhatsApp doesn’t have login and password.”

WhatsApp has since remedied some of these concerns by adding support for BharatQR and interoperability with other UPI apps.

The National Payments Corporation of India (NPCI) then released a statement responding to the controversy where they said the WhatsApp rollout was a “beta launch with a limited user base of 1 million and low per transaction limit.”

This was the first we heard of “beta rollout” for any UPI application. While features have been added post-launch, the basic framework has been in place for launches by other players (Tez or PhonePe for example). A one million user rollout for a financial feature with real transactions being termed “beta” sounds… unconvincing. There is no explicit mention of the “low transaction limit” on the app. With over a 200 million monthly active user base we have serious doubts that the feature can only be accessed by only a million users, so when is the ‘beta launch’ coming to an end and when are we getting a stable release?

You May Also Like


The National Payments Corporation of India is in the process of rolling out a completely open source platform for the Unified Payments Interface (UPI)...


Facebook’s Oversight Board will be reviewing, at Facebook’s referral, the decision to indefinitely suspend former US President Donald Trump’s from Facebook and Instagram. Trump’s accounts...


Digital sovereignty also involves the autonomy of Indians as far as ownership of that data is concerned, Ravi Shankar Prasad Union Minister for Electronics...


MobiKwik’s net revenues grew by 134% to ₹379 crore at the end of FY20 from ₹162 crore on the back of higher revenue from...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to Daily Newsletter

    © 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ